{"id":"8aeef3b3-7c59-42cf-8f5e-1752f6f0ec86","shortId":"TTFnjg","kind":"skill","title":"SBOM Vulnerability Scanner","tagline":"Generates Software Bill of Materials using Syft and scans for CVEs with Grype. Cross-references findings against the NVD and OSV databases for comprehensive vulnerability detection.","description":"# SBOM Vulnerability Scanner\n\nGenerates Software Bill of Materials using Syft and scans for CVEs with Grype. Cross-references findings against the NVD and OSV databases for comprehensive vulnerability detection.\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- Docker Docs\n- Docker Hardened Images\n- Why should I use Docker Compose?\n- Docker Desktop overview\n\nRequirements and caveats from upstream:\n- Gordon Gordon, your AI assistant for Docker docs\n- email: 'docs@docker.com',\n- I'm Gordon, your AI assistant for Docker and documentation\n\nBasic usage or getting-started notes:\n- Can I run my AI agent in a sandbox?\n- Reference\n- Browse the CLI and API documentation.\n\n- Source: https://docs.docker.com/\n\n## Documentation\n\n- https://docs.docker.com/\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/sbom-vulnerability-scanner/)","tags":["sbom","vulnerability","scanner","skills","agentskillexchange","agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor"],"capabilities":["skill","source-agentskillexchange","skill-sbom-vulnerability-scanner","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/sbom-vulnerability-scanner","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (895 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:17.339Z","embedding":null,"createdAt":"2026-05-18T13:19:07.339Z","updatedAt":"2026-05-18T19:12:17.339Z","lastSeenAt":"2026-05-18T19:12:17.339Z","tsv":"'/skills/sbom-vulnerability-scanner/)':145 'agent':124,140 'agentskillexchange.com':144 'agentskillexchange.com/skills/sbom-vulnerability-scanner/)':143 'ai':95,106,123 'api':133 'assist':96,107 'basic':112 'bill':6,36 'brows':129 'caveat':89 'cli':131 'compos':83 'comprehens':28,58 'cross':18,48 'cross-refer':17,47 'cves':14,44 'databas':26,56 'desktop':85 'detect':30,60 'doc':74,99 'docker':73,75,82,84,98,109 'docs.docker.com':136,138 'docs@docker.com':101 'document':111,134,137 'email':100 'environ':72 'exchang':142 'find':20,50 'generat':4,34 'get':116 'getting-start':115 'gordon':92,93,104 'grype':16,46 'harden':76 'imag':77 'instal':61,65 'm':103 'match':70 'materi':8,38 'note':118 'nvd':23,53 'osv':25,55 'overview':86 'path':68 'refer':19,49,128 'requir':87 'run':121 'sandbox':127 'sbom':1,31 'scan':12,42 'scanner':3,33 'setup':67 'skill':141 'skill-sbom-vulnerability-scanner' 'softwar':5,35 'sourc':135,139 'source-agentskillexchange' 'start':117 'syft':10,40 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'upstream':64,91 'usag':113 'use':9,39,62,81 'vulner':2,29,32,59","prices":[{"id":"5eccca01-baa0-47bd-a49c-685b467d157a","listingId":"8aeef3b3-7c59-42cf-8f5e-1752f6f0ec86","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:19:07.339Z"}],"sources":[{"listingId":"8aeef3b3-7c59-42cf-8f5e-1752f6f0ec86","source":"github","sourceId":"agentskillexchange/skills/sbom-vulnerability-scanner","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/sbom-vulnerability-scanner","isPrimary":false,"firstSeenAt":"2026-05-18T13:19:07.339Z","lastSeenAt":"2026-05-18T19:12:17.339Z"}],"details":{"listingId":"8aeef3b3-7c59-42cf-8f5e-1752f6f0ec86","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"sbom-vulnerability-scanner","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"19447ef23156d434fccf7d18f96697cbc393e21c","skill_md_path":"skills/sbom-vulnerability-scanner/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/sbom-vulnerability-scanner"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"SBOM Vulnerability Scanner","description":"Generates Software Bill of Materials using Syft and scans for CVEs with Grype. Cross-references findings against the NVD and OSV databases for comprehensive vulnerability detection."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/sbom-vulnerability-scanner"},"updatedAt":"2026-05-18T19:12:17.339Z"}}