sbom-syft
•published 2026/01/18
Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives. Detects packages across 28+ ecosystems with multi-format output support (CycloneDX, SPDX, syft-json). Enables vulnerability assessment, license compliance, and supply chain security. Use when: (1) Generating SBOMs for container images or applications, (2) Analyzing software dependencies and packages for vulnerability scanning, (3) Tracking license compliance across dependencies, (4) Integrating SBOM generation into CI/CD for supply chain security, (5) Creating signed SBOM attestations for software provenance.
📦 Install Skill
Command line install
Install directly with the `skills` CLI.
npx skills add aiskillstore/marketplace/skills/agentsecops/sbom-syftFile Explorer
No file selected
Select a file to view its content

