msaad00/agent-bom

Developer Tools

AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials and tools, runs CIS benchmarks, generates CycloneDX/SPDX SBOMs, and enforces compliance across OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, and EU AI Act.

Overview

Direct install

Run the underlying MCP server directly — without Agent-CoreX routing.

npx -y agent-bom

Use with Agent-CoreX

Agent-CoreX intelligently routes which tools from msaad00/agent-bom your AI agent actually needs per request — reducing token usage and cost.

agent-corex.json

{
  "mcpServers": {
    "agent-bom": {
      "command": "npx",
      "args": [
        "-y",
        "agent-bom"
      ]
    }
  }
}

Route msaad00/agent-bom intelligently

Connect in 2 minutes. Only pay for the tools your agent actually uses.

Get started free Browse all servers

Git

Git repository operations and history inspection

Sequential Thinking

Support for step-by-step reasoning with explicit thought processes

GitHub

Access GitHub repositories, issues, and pull requests

Installation Guide

Use with Agent-CoreX

Recommended: intelligent tool routing, lower costs

uvx agent-corex mcp add agent-bom

Agent-CoreX selects only the tools your agent needs, cutting token usage by up to 60%.

Direct Install

Use msaad00/agent-bom directly without routing

npx -y agent-bom

New to Agent-CoreX? View setup guide →

Direct install

Use with Agent-CoreX

Route msaad00/agent-bom intelligently

More Developer Tools servers

Git

Sequential Thinking

GitHub

Installation Guide

Use with Agent-CoreX

Direct Install