Skillquality 0.45

CycloneDX SBOM Generator

Generates Software Bill of Materials in CycloneDX format using cdxgen and Syft. Scans npm, pip, and Go modules for known CVEs via OSV.dev API integration.

Price
free
Protocol
skill
Verified
no
Endpoint
https://skills.sh/agentskillexchange/skills/cyclonedx-sbom-generator

What it does

CycloneDX SBOM Generator

Generates Software Bill of Materials in CycloneDX format using cdxgen and Syft. Scans npm, pip, and Go modules for known CVEs via OSV.dev API integration.

Installation

Use the upstream install or setup path that matches your environment:

  • npm install -g @cyclonedx/cdxgen
  • $ brew install cdxgen
  • docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen:master -r /app -o /app/bom.json
  • docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-deno:master -r /app -o /app/bom.json

Requirements and caveats from upstream:

  • Software-as-a-Service (SaaSBOM) - For Java, Python, JavaScript, TypeScript, and PHP projects.
  • You can also use the cdxgen container image with node, deno, or bun runtime versions.
  • The default version uses Node.js 23

Basic usage or getting-started notes:

  • | Developers | Generate a CycloneDX BOM from a local repo, git URL, purl, or container image | cdxgen -o bom.json . | [CLI Usage][docs-cli], [Supported Project Types][docs-project-types] |

  • | AppSec | Enrich BOMs with evidence, run BOM audit rules, and feed downstream security workflows | cdxgen -o bom.json --profile appsec --evidence --bom-audit . | BOM Audit, [Threat Model](doc...

  • | SOC analysts | Build OBOM inventories for live hosts and triage runtime posture issues | obom -o obom.json --deep --bom-audit --bom-audit-categories obom-runtime | OBOM lessons, [Server U...

  • Source: https://github.com/cdxgen/cdxgen

  • Extracted from upstream docs: https://raw.githubusercontent.com/cdxgen/cdxgen/HEAD/README.md

Source

Capabilities

skillsource-agentskillexchangeskill-cyclonedx-sbom-generatortopic-agent-skillstopic-ai-agentstopic-ai-toolstopic-awesome-listtopic-claude-codetopic-codextopic-cursortopic-llmtopic-mcptopic-npx-skillstopic-openclawtopic-skills-catalog

Install

Installnpx skills add agentskillexchange/skills
Sourcehttps://github.com/agentskillexchange/skills/tree/main/skills/cyclonedx-sbom-generator
skills.shhttps://skills.sh/agentskillexchange/skills/cyclonedx-sbom-generator
Transportskills-sh
Protocolskill

Quality

0.45/ 1.00

deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,790 chars)

Provenance

Indexed fromgithub
Enriched2026-05-18 19:10:00Z · deterministic:skill-github:v1 · v1
First seen2026-05-18
Last seen2026-05-18

Agent access

JSONhttps://clawmart.sh/api/listings/n2TZnX