agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.75.13.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The agent-bom GitHub Action is an open security scanner designed to analyze and map the blast radius of vulnerabilities within agentic infrastructures, including AI agents, MCP servers, packages, containers, cloud environments, and runtime contexts. It automates the detection of security risks, such as exposed credentials, vulnerable packages, and misconfigurations, while providing detailed insights into their potential impact across interconnected systems. Key capabilities include CVE scanning, dependency analysis, blast radius mapping, cloud security posture assessment, and exporting SBOMs for enhanced security visibility and management.
What’s Changed
- fix(release): harden provenance bundle export by @msaad00 in https://github.com/msaad00/agent-bom/pull/1157
- feat(cli): add operator summary and mesh view by @msaad00 in https://github.com/msaad00/agent-bom/pull/1158
- feat(skills): add deterministic bundle identity by @msaad00 in https://github.com/msaad00/agent-bom/pull/1164
- docs: clarify capabilities and deployment guidance by @msaad00 in https://github.com/msaad00/agent-bom/pull/1167
- feat(remediation): add guided fix and verify commands by @msaad00 in https://github.com/msaad00/agent-bom/pull/1159
- chore(deps): bump pygments from 2.19.2 to 2.20.0 by @dependabot[bot] in https://github.com/msaad00/agent-bom/pull/1171
- chore: remove toolhive discovery surface by @msaad00 in https://github.com/msaad00/agent-bom/pull/1173
- chore(deps): bump lucide-react from 0.577.0 to 1.7.0 in /ui by @dependabot[bot] in https://github.com/msaad00/agent-bom/pull/1135
- chore(deps-dev): bump typescript from 5.9.3 to 6.0.2 in /ui by @dependabot[bot] in https://github.com/msaad00/agent-bom/pull/1137
- chore: weekly uv.lock upgrade 2026-03-30 by @github-actions[bot] in https://github.com/msaad00/agent-bom/pull/1169
- docs(mcp): deepen Claude and Cortex integration guides by @msaad00 in https://github.com/msaad00/agent-bom/pull/1174
- docs: add canonical product brief and metrics by @msaad00 in https://github.com/msaad00/agent-bom/pull/1175
- fix(scan): fail closed offline and surface incomplete results by @msaad00 in https://github.com/msaad00/agent-bom/pull/1176
- fix(cli): sharpen sarif defaults and first-run guidance by @msaad00 in https://github.com/msaad00/agent-bom/pull/1177
- fix: tighten release-facing CLI trust surfaces by @msaad00 in https://github.com/msaad00/agent-bom/pull/1178
- release: prepare v0.75.13 by @msaad00 in https://github.com/msaad00/agent-bom/pull/1179
New Contributors
- @github-actions[bot] made their first contribution in https://github.com/msaad00/agent-bom/pull/1169
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.75.12...v0.75.13