agent-bom Scan
Version updated for https://github.com/msaad00/agent-bom to version v0.83.3.
- This action is used across all versions by 0 repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The agent-bom GitHub Action is an open security scanner designed to analyze vulnerabilities across AI supply chains and infrastructures, including agents, MCP servers, packages, containers, cloud platforms, GPUs, and runtimes. It automates the detection of CVEs (Common Vulnerabilities and Exposures), traces their blast radius through dependencies and impacted components, and identifies remediation steps to prevent credential leaks or tool compromises. Key capabilities include end-to-end vulnerability mapping, CWE-aware impact analysis, and actionable fixes to secure AI systems comprehensively.
What’s Changed
- ci: make MCP registry publish opt-in by @msaad00 in https://github.com/msaad00/agent-bom/pull/2114
- fix: package inventory schema in release wheel by @msaad00 in https://github.com/msaad00/agent-bom/pull/2115
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.83.2...v0.83.3