Skillquality 0.45

SBOM Generator and CVE Matcher

Generates Software Bill of Materials using Syft for container images and matches components against the NVD CVE database via OSV.dev API. Outputs CycloneDX and SPDX formats for supply chain compliance.

Price

free

Protocol

skill

Verified

Endpoint

https://skills.sh/agentskillexchange/skills/sbom-generator-cve-matcher

What it does

SBOM Generator and CVE Matcher

Installation

Requirements and caveats from upstream:

Supports dozens of packaging ecosystems (e.g. Alpine (apk), Debian (dpkg), RPM, Go, Python, Java, JavaScript, Ruby, Rust, PHP, .NET, and many more)
Supports OCI, Docker, Singularity, and more image formats
See Installation docs for more ways to get Syft, including Homebrew, Docker, Scoop, Chocolatey, Nix, and more!

Basic usage or getting-started notes:

New to Syft? Check out the Getting Started guide for a walkthrough!
The quickest way to get up and going:
bash
Source: https://github.com/anchore/syft
Extracted from upstream docs: https://raw.githubusercontent.com/anchore/syft/HEAD/README.md

Source

Agent Skill Exchange

Capabilities

skillsource-agentskillexchangeskill-sbom-generator-cve-matchertopic-agent-skillstopic-ai-agentstopic-ai-toolstopic-awesome-listtopic-claude-codetopic-codextopic-cursortopic-llmtopic-mcptopic-npx-skillstopic-openclawtopic-skills-catalog

Install

Installnpx skills add agentskillexchange/skills

Sourcehttps://github.com/agentskillexchange/skills/tree/main/skills/sbom-generator-cve-matcher

skills.shhttps://skills.sh/agentskillexchange/skills/sbom-generator-cve-matcher

Transportskills-sh

Protocolskill

Quality

0.45/ 1.00

deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,291 chars)

Provenance

Indexed fromgithub

Enriched2026-05-18 19:12:17Z · deterministic:skill-github:v1 · v1

First seen2026-05-18

Last seen2026-05-18

Agent access

JSONhttps://clawmart.sh/api/listings/NVSXZW