Logo
Agent Skills Guide

sbom-syft

published 2026/01/18

Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives. Detects packages across 28+ ecosystems with multi-format output support (CycloneDX, SPDX, syft-json). Enables vulnerability assessment, license compliance, and supply chain security. Use when: (1) Generating SBOMs for container images or applications, (2) Analyzing software dependencies and packages for vulnerability scanning, (3) Tracking license compliance across dependencies, (4) Integrating SBOM generation into CI/CD for supply chain security, (5) Creating signed SBOM attestations for software provenance.

📦 Install Skill

Command line install

Install directly with the `skills` CLI.

npx skills add aiskillstore/marketplace/skills/agentsecops/sbom-syft

Local download

Download only this skill directory.

Download sbom-syft only
File Explorer
0 files
No file selected
readonly

Select a file to view its content