sbom-provenance
OfficialEnsure transparency with automatic SBOM and build provenance.
Software Engineering#dependency analysis#provenance#cybersecurity#supply chain#sbom#software compliance
AuthorRedHatProductSecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps developers and security teams generate comprehensive Software Bill of Materials (SBOM) reports to increase supply chain transparency and support compliance.
Core Features & Use Cases
- Generate SBOMs in formats like SPDX and CycloneDX for container images and software projects.
- Attest build provenance, including source code, build system, and parameters, to verify software authenticity.
- Use Case: When releasing a new version of an AI application, generate an SBOM to document all components and dependencies, aiding compliance and security audits.
Quick Start
Use the sbom-provenance skill to produce an SBOM for your container image or code directory.
Dependency Matrix
Required Modules
syft
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sbom-provenance Download link: https://github.com/RedHatProductSecurity/prodsec-skills/archive/main.zip#sbom-provenance Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.