Skills
.Work. You
Rest

sbom-SKILL.md

Community

Identify SBOM risks via CVE correlations.

Software Engineering#vulnerability#spdx#cve#dependency-graph#sbom#nvd#cyclonedx
AuthorDCx7C5
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Parses Software Bills of Materials (SBOM) to identify supply chain vulnerabilities by mapping components to CVEs using the NVD CVE data and by constructing dependency graphs to support risk-based remediation and compliance reporting.

Core Features & Use Cases

  • Parse CycloneDX and SPDX SBOMs to extract components, versions, and dependencies.
  • Correlate components with CVEs from NVD 2.0 and compute risk scores for prioritization.
  • Generate structured compliance reports and dependency graphs for audits and remediation planning.

Quick Start

Analyze an SBOM file (CycloneDX or SPDX) to produce a vulnerability analysis report.

Dependency Matrix

Required Modules

requestsnetworkxpackaging

Components

scriptsreferences

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: sbom-SKILL.md
Download link: https://github.com/DCx7C5/ai-marketplace/archive/main.zip#sbom-skill-md

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.