agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.81.3.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The agent-bom GitHub Action is an open-source security scanner designed for analyzing vulnerabilities in AI supply chains and infrastructure, including agents, MCP servers, packages, containers, cloud environments, GPUs, and runtime components. It automates the identification of CVEs (Common Vulnerabilities and Exposures), maps their impact across dependencies, credentials, and tools, and provides actionable fixes to mitigate risks. Its core capability is generating a comprehensive “blast radius” analysis that traces security issues end-to-end and prioritizes remediation based on the impact severity.
What’s Changed
What’s Changed
- feat(runtime): harden optional monitor daemonset by @msaad00 in https://github.com/msaad00/agent-bom/pull/1720
- docs(deploy): clarify recommended runtime and backend defaults by @msaad00 in https://github.com/msaad00/agent-bom/pull/1721
- docs(deploy): simplify official entrypoints by @msaad00 in https://github.com/msaad00/agent-bom/pull/1722
- docs(deploy): separate self-hosted and MSSP maturity by @msaad00 in https://github.com/msaad00/agent-bom/pull/1723
- docs(deploy): sharpen Snowflake parity boundaries by @msaad00 in https://github.com/msaad00/agent-bom/pull/1724
- fix(runtime): harden shield concurrency and rate limiting by @msaad00 in https://github.com/msaad00/agent-bom/pull/1725
- fix(release): manage compose and runtime version surfaces by @msaad00 in https://github.com/msaad00/agent-bom/pull/1726
- feat(auth): add UI session and capability contract by @msaad00 in https://github.com/msaad00/agent-bom/pull/1727
- feat(ui): gate control-plane actions by auth capabilities by @msaad00 in https://github.com/msaad00/agent-bom/pull/1728
- fix(platform): enforce tenant and time invariants by @msaad00 in https://github.com/msaad00/agent-bom/pull/1730
- chore(deps): bump aquasecurity/trivy-action from 0.35.0 to 0.36.0 by @dependabot[bot] in https://github.com/msaad00/agent-bom/pull/1731
- feat(graph): index graph search slices by @msaad00 in https://github.com/msaad00/agent-bom/pull/1732
- feat(endpoint): add enrollment bundle contract by @msaad00 in https://github.com/msaad00/agent-bom/pull/1733
- feat(snowflake): add schedule store parity by @msaad00 in https://github.com/msaad00/agent-bom/pull/1734
- feat(graph): paginate overview from store by @msaad00 in https://github.com/msaad00/agent-bom/pull/1735
- fix(auth): enforce key scopes and scrub gateway 404s by @msaad00 in https://github.com/msaad00/agent-bom/pull/1736
- docs: add safe PR refresh helper by @msaad00 in https://github.com/msaad00/agent-bom/pull/1737
- feat(snowflake): add exception store parity by @msaad00 in https://github.com/msaad00/agent-bom/pull/1738
- feat(endpoint): persist enrolled fleet identity by @msaad00 in https://github.com/msaad00/agent-bom/pull/1739
- refactor(mcp): extract shared scan pipeline by @msaad00 in https://github.com/msaad00/agent-bom/pull/1740
- refactor(mcp): extract resource and prompt catalog by @msaad00 in https://github.com/msaad00/agent-bom/pull/1741
- refactor(mcp): extract server bootstrap by @msaad00 in https://github.com/msaad00/agent-bom/pull/1742
- fix(platform): harden audit and graph query paths by @msaad00 in https://github.com/msaad00/agent-bom/pull/1743
- docs(release): align product description and changelog by @msaad00 in https://github.com/msaad00/agent-bom/pull/1744
- fix(snowflake): scope store lookups by tenant by @msaad00 in https://github.com/msaad00/agent-bom/pull/1745
- refactor(mcp): extract runtime catalog tools by @msaad00 in https://github.com/msaad00/agent-bom/pull/1746
- docs(deploy): tighten graph and runtime guidance by @msaad00 in https://github.com/msaad00/agent-bom/pull/1753
- test(graph): guard overview store-backed pagination path by @msaad00 in https://github.com/msaad00/agent-bom/pull/1754
- chore(release): bump version to 0.81.2 by @msaad00 in https://github.com/msaad00/agent-bom/pull/1747
- chore(release): bump version to 0.81.3 by @msaad00 in https://github.com/msaad00/agent-bom/pull/1755
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.81.1...v0.81.3