agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.82.3.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Action Summary
Agent-BOM is an open security scanner designed for AI supply chains and infrastructure, including agents, servers, packages, containers, cloud services, GPUs, and runtimes. It identifies vulnerabilities (CVEs) across interconnected components in the stack, analyzes their blast radius, and provides actionable remediation steps to mitigate risks like credential leaks or compromised tools. The tool automates end-to-end vulnerability tracking, helping teams secure complex AI ecosystems efficiently.
What’s Changed
- chore(deps): upgrade pip 25.3 → 26.1 in runtime images (clears CVE-2026-1703) by @msaad00 in https://github.com/msaad00/agent-bom/pull/2027
- typing: phase strict mypy onto four more API store modules (#1969) by @msaad00 in https://github.com/msaad00/agent-bom/pull/2028
- fix(readme): repair self-hosted mermaid + drop redundant engine-internals image by @msaad00 in https://github.com/msaad00/agent-bom/pull/2029
- chore(ui): enable noUncheckedIndexedAccess in tsconfig by @msaad00 in https://github.com/msaad00/agent-bom/pull/2030
- typing: phase strict mypy onto four more API store modules (#1969) by @msaad00 in https://github.com/msaad00/agent-bom/pull/2031
- docs(compliance): publish per-framework coverage table by @msaad00 in https://github.com/msaad00/agent-bom/pull/2032
- chore(ui): enable exactOptionalPropertyTypes — closes #1967 by @msaad00 in https://github.com/msaad00/agent-bom/pull/2033
- ops(ci): document + script merge-queue enablement to end stranded CI by @msaad00 in https://github.com/msaad00/agent-bom/pull/2034
- feat(helm): KEDA-driven autoscaling on control-plane API + published SLO by @msaad00 in https://github.com/msaad00/agent-bom/pull/2035
- ci: scheduled auto-retrigger workflow for stranded PRs by @msaad00 in https://github.com/msaad00/agent-bom/pull/2036
- feat(metrics): scan_jobs_active gauge + KEDA queue-depth trigger by @msaad00 in https://github.com/msaad00/agent-bom/pull/2037
- feat(perf): clustered Postgres scale evidence harness by @msaad00 in https://github.com/msaad00/agent-bom/pull/2038
- docs(deploy): “do I need both images?” — clarify the API-only path by @msaad00 in https://github.com/msaad00/agent-bom/pull/2039
- feat: surface graph-walk reachability into BlastRadius scoring + UI by @msaad00 in https://github.com/msaad00/agent-bom/pull/2040
- chore(release): v0.82.3 — reachability-aware blast radius, KEDA scaling, Postgres bench by @msaad00 in https://github.com/msaad00/agent-bom/pull/2041
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.82.2...v0.82.3