{"id":50830710,"url":"https://github.com/shiftleftcyber/ai-bom","last_synced_at":"2026-06-13T22:32:22.243Z","repository":{"id":359971801,"uuid":"1244006781","full_name":"shiftleftcyber/ai-bom","owner":"shiftleftcyber","description":null,"archived":false,"fork":false,"pushed_at":"2026-05-24T11:35:13.000Z","size":1453,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-24T12:27:03.022Z","etag":null,"topics":["ai-governance","ai-sbom","ai-security","cybersecurity","cyclonedx","json-schema","machine-learning","sbom","software-bill-of-materials","spdx","supply-chain-security"],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shiftleftcyber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-19T21:59:21.000Z","updated_at":"2026-05-24T11:35:17.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/shiftleftcyber/ai-bom","commit_stats":null,"previous_names":["shiftleftcyber/ai-bom"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/shiftleftcyber/ai-bom","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shiftleftcyber%2Fai-bom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shiftleftcyber%2Fai-bom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shiftleftcyber%2Fai-bom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shiftleftcyber%2Fai-bom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shiftleftcyber","download_url":"https://codeload.github.com/shiftleftcyber/ai-bom/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shiftleftcyber%2Fai-bom/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34303280,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-13T02:00:06.617Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai-governance","ai-sbom","ai-security","cybersecurity","cyclonedx","json-schema","machine-learning","sbom","software-bill-of-materials","spdx","supply-chain-security"],"created_at":"2026-06-13T22:32:21.637Z","updated_at":"2026-06-13T22:32:22.234Z","avatar_url":"https://github.com/shiftleftcyber.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# AI SBOM Schema and Examples\n\nThis repository contains an AI SBOM JSON Schema derived from the minimum element clusters in `SBOM-for-AI_minimum-elements.pdf`.\n\nPublished docs and schema URLs are available at:\n\n[https://shiftleftcyber.io/ai-bom/](https://shiftleftcyber.io/ai-bom/)\n\nThe source PDF is also published for direct download at:\n\n[https://shiftleftcyber.io/ai-bom/assets/SBOM-for-AI_minimum-elements.pdf](https://shiftleftcyber.io/ai-bom/assets/SBOM-for-AI_minimum-elements.pdf)\n\n## Files\n\n- `ai-sbom.schema.json`: Draft 2020-12 JSON Schema for an AI SBOM.\n- `docs/schemas/ai-sbom-1.0.0.schema.json`: Immutable versioned schema URL for GitHub Pages.\n- `docs/schemas/ai-sbom.schema.json`: Latest schema URL for GitHub Pages.\n- `docs/assets/SBOM-for-AI_minimum-elements.pdf`: GitHub Pages-hosted copy of the source PDF.\n- `examples/valid/customer-support-ai-sbom.json`: Valid SBOM for a customer support assistant.\n- `examples/valid/medical-triage-ai-sbom.json`: Valid SBOM for a medical triage recommender.\n- `examples/invalid/missing-required-metadata.json`: Invalid because required metadata and required nested cluster fields are missing. It intentionally omits `sbomTimestamp`; `sbomAuthorSignature` is optional.\n- `examples/invalid/bad-types-and-enums.json`: Invalid because several fields use the wrong type, invalid enum values, or empty arrays where at least one item is required.\n- `examples/invalid/non-jsf-signature.json`: Invalid because `metadata.sbomAuthorSignature` does not follow the JSF signaturecore structure.\n- `examples/invalid/unknown-extra-properties.json`: Invalid because extra properties are disallowed and the model hash algorithm/value are invalid.\n\n## Source Mapping\n\nThe schema models the seven clusters described in the PDF:\n\n- Metadata\n- System Level Properties\n- Models\n- Dataset Properties\n- Infrastructure\n- Security Properties\n- Key Performance Indicators\n\nFor automation, the schema requires `metadata.bomFormat` with the fixed value `AI-SBOM`. This gives tools a small discriminator field for identifying this format without relying on file names.\n\n## Author Signatures\n\nThe optional `metadata.sbomAuthorSignature` field uses the JSON Signature Format (JSF) `signaturecore` structure. JSF is also used by CycloneDX for enveloped JSON signatures, so adopting it gives AI SBOM producers and consumers a familiar signing model instead of creating a new signature format.\n\nThis schema currently supports only the simple JSF `signaturecore` form. It does not yet support JSF `signers` multisignature or `chain` signature-chain objects. The core fields are:\n\n- `algorithm`: JSF/JWA signature algorithm such as `ES256`, `RS256`, `PS256`, `Ed25519`, or a URI for proprietary algorithms.\n- `value`: the base64url-encoded signature value.\n- `keyId`: optional key identifier for lookup in a trust store, key management system, JWKS endpoint, or internal registry.\n- `publicKey`: optional embedded public key that enables self-contained cryptographic verification.\n- `certificatePath`: optional certificate chain material for workflows that need identity binding through X.509 trust anchors.\n\nThe signature follows JSF signing semantics. For a simple signature, the signed payload is the entire AI SBOM JSON document after JSON Canonicalization Scheme processing, with only `metadata.sbomAuthorSignature.value` removed before canonicalization. Other signature fields, including `algorithm`, `keyId`, `publicKey`, and `certificatePath`, remain part of the signed payload.\n\nEmbedding a `publicKey` makes cryptographic verification easier, but it does not by itself prove that the key belongs to the claimed SBOM author. Verifiers still need a trust decision based on `keyId`, `certificatePath`, an out-of-band trust store, or an organizational policy. If JSF `excludes` is used, verifiers should reject unexpected exclusions by policy.\n\n## Consuming the Schema\n\nUse the immutable versioned URL when you want reproducible validation:\n\n[https://shiftleftcyber.io/ai-bom/schemas/ai-sbom-1.0.0.schema.json](https://shiftleftcyber.io/ai-bom/schemas/ai-sbom-1.0.0.schema.json)\n\nUse the latest URL when you intentionally want the newest compatible schema:\n\n[https://shiftleftcyber.io/ai-bom/schemas/ai-sbom.schema.json](https://shiftleftcyber.io/ai-bom/schemas/ai-sbom.schema.json)\n\nYou can also pin directly to a Git tag:\n\n[https://raw.githubusercontent.com/shiftleftcyber/ai-bom/v1.0.0/ai-sbom.schema.json](https://raw.githubusercontent.com/shiftleftcyber/ai-bom/v1.0.0/ai-sbom.schema.json)\n\nThe schema is intentionally strict with `additionalProperties: false` so that nonconforming examples fail predictably, but lifecycle-dependent fields such as signatures, hashes, licenses, security evidence, infrastructure details, and KPIs are optional.\n\n## License\n\nThis project is licensed under the [Apache License 2.0](LICENSE). Apache-2.0 was chosen because it is permissive like MIT while also including an explicit patent grant, which is useful for an interoperability-focused schema and related tooling.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshiftleftcyber%2Fai-bom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshiftleftcyber%2Fai-bom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshiftleftcyber%2Fai-bom/lists"}