agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.75.11.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Action Summary
agent-bom is a security-focused GitHub Action and CLI tool designed to analyze and map the impact of vulnerabilities (e.g., CVEs) across AI agents, their dependencies, credentials, tools, and infrastructure. It automates the discovery and scanning of local and cloud-based AI agents, project manifests, container images, and infrastructure as code (IaC) to provide a comprehensive blast radius assessment and CWE-aware impact classification. This helps organizations identify and prioritize security risks, enabling better protection against credential leaks, tool compromises, and runtime vulnerabilities.
What’s Changed
- Add CWE impact classification engine and CLI UX improvements by @msaad00 in https://github.com/msaad00/agent-bom/pull/1116
- Wire CWE-aware filtering into blast radius construction by @msaad00 in https://github.com/msaad00/agent-bom/pull/1117
- Fix compliance framework count and README cleanup by @msaad00 in https://github.com/msaad00/agent-bom/pull/1118
- Harden supply chain pinning and add dynamic framework count by @msaad00 in https://github.com/msaad00/agent-bom/pull/1119
- Polish CLI output, fix Dockerfile hash pinning, refresh demo by @msaad00 in https://github.com/msaad00/agent-bom/pull/1122
- Add reachability context to SARIF/VEX and dependency confusion detection by @msaad00 in https://github.com/msaad00/agent-bom/pull/1123
- Fix demo enrichment, show unscored vulns, enable Rich colors by @msaad00 in https://github.com/msaad00/agent-bom/pull/1124
- Add CWE impact to check command, condense discovery output by @msaad00 in https://github.com/msaad00/agent-bom/pull/1125
- README overhaul, proxy detector telemetry, docs alignment by @msaad00 in https://github.com/msaad00/agent-bom/pull/1126
- chore: release 0.75.11 by @msaad00 in https://github.com/msaad00/agent-bom/pull/1127
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0...v0.75.11