{"id":44252202,"url":"https://github.com/trusera/ai-bom","last_synced_at":"2026-02-14T19:01:13.417Z","repository":{"id":337303879,"uuid":"1153029748","full_name":"Trusera/ai-bom","owner":"Trusera","description":"AI Bill of Materials — discover every AI agent, model, and API in your infrastructure","archived":false,"fork":false,"pushed_at":"2026-02-13T15:26:59.000Z","size":9271,"stargazers_count":25,"open_issues_count":0,"forks_count":7,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-14T00:30:43.365Z","etag":null,"topics":["ai","ai-security","bill-of-materials","cyclonedx","github-actions","llm","sarif","sbom","security"],"latest_commit_sha":null,"homepage":"https://trusera.dev","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Trusera.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-08T19:46:23.000Z","updated_at":"2026-02-13T22:50:10.000Z","dependencies_parsed_at":"2026-02-12T17:01:33.874Z","dependency_job_id":null,"html_url":"https://github.com/Trusera/ai-bom","commit_stats":null,"previous_names":["trusera/ai-bom"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/Trusera/ai-bom","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trusera%2Fai-bom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trusera%2Fai-bom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trusera%2Fai-bom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trusera%2Fai-bom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Trusera","download_url":"https://codeload.github.com/Trusera/ai-bom/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trusera%2Fai-bom/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29452585,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-14T15:52:44.973Z","status":"ssl_error","status_checked_at":"2026-02-14T15:52:11.208Z","response_time":53,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-security","bill-of-materials","cyclonedx","github-actions","llm","sarif","sbom","security"],"created_at":"2026-02-10T15:16:23.607Z","updated_at":"2026-02-14T19:01:13.317Z","avatar_url":"https://github.com/Trusera.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"assets/logo.png\" alt=\"AI-BOM Logo\" width=\"80\" /\u003e\n  \u003cimg src=\"assets/maskot.png\" alt=\"Trusera Mascot\" width=\"80\" style=\"margin-left: 12px\" /\u003e\n  \u003ch1\u003eAI-BOM\u003c/h1\u003e\n  \u003cp\u003e\u003cstrong\u003eDiscover every AI agent, model, and API hiding in your infrastructure\u003c/strong\u003e\u003c/p\u003e\n\n  \u003c!-- badges --\u003e\n  \u003cp\u003e\n    \u003ca href=\"https://github.com/Trusera/ai-bom/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/Trusera/ai-bom?style=social\" alt=\"GitHub Stars\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://pypi.org/project/ai-bom/\"\u003e\u003cimg src=\"https://img.shields.io/pypi/v/ai-bom.svg\" alt=\"PyPI\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://pypi.org/project/ai-bom/\"\u003e\u003cimg src=\"https://img.shields.io/pypi/dm/ai-bom.svg\" alt=\"PyPI Downloads\" /\u003e\u003c/a\u003e\n    \u003ca href=\"https://www.npmjs.com/package/n8n-nodes-trusera\"\u003e\u003cimg src=\"https://img.shields.io/npm/v/n8n-nodes-trusera.svg\" alt=\"npm\" /\u003e\u003c/a\u003e\n    \u003cimg src=\"https://img.shields.io/badge/python-3.10%2B-blue.svg\" alt=\"Python 3.10+\" /\u003e\n    \u003cimg src=\"https://img.shields.io/badge/license-Apache%202.0-blue.svg\" alt=\"License\" /\u003e\n    \u003cimg src=\"https://img.shields.io/badge/CycloneDX-1.6-green.svg\" alt=\"CycloneDX 1.6\" /\u003e\n    \u003cimg src=\"https://img.shields.io/badge/tests-651%20passing-brightgreen.svg\" alt=\"Tests\" /\u003e\n    \u003cimg src=\"https://img.shields.io/badge/coverage-81%25-brightgreen.svg\" alt=\"Coverage\" /\u003e\n    \u003cimg src=\"https://img.shields.io/badge/PRs-welcome-orange.svg\" alt=\"PRs Welcome\" /\u003e\n  \u003c/p\u003e\n\n  \u003cp\u003e\n    \u003ca href=\"#quick-start\"\u003eQuick Start\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#n8n-community-node\"\u003en8n Node\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#what-it-finds\"\u003eWhat It Finds\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#comparison\"\u003eComparison\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#architecture\"\u003eArchitecture\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#output-formats\"\u003eOutput Formats\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#cicd-integration\"\u003eCI/CD\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#scan-levels\"\u003eScan Levels\u003c/a\u003e \u0026nbsp;|\u0026nbsp;\n    \u003ca href=\"#dashboard\"\u003eDashboard\u003c/a\u003e\n  \u003c/p\u003e\n\n  \u003cbr /\u003e\n  \u003cimg src=\"assets/n8n-demo.gif\" alt=\"AI-BOM n8n Community Node Demo\" width=\"720\" /\u003e\n  \u003cbr /\u003e\n  \u003csub\u003eScan all your n8n AI workflows for security risks — directly inside n8n\u003c/sub\u003e\n\u003c/div\u003e\n\n---\n\n## Why AI-BOM?\n\n- **EU AI Act (Article 53, Aug 2025)** requires a complete AI component inventory. No existing SBOM tool covers AI.\n- **60%+ of AI usage is undocumented** — shadow AI is the new shadow IT. Developers ship LLM integrations, agent frameworks, and MCP servers without security review.\n- **First tool to scan n8n workflows for AI** — n8n is the backbone of enterprise AI automation, but completely invisible to Trivy, Syft, and Grype.\n\nOne command. 13 scanners. 9 output formats. Standards-compliant AI Bill of Materials.\n\n## Quick Start\n\n```bash\npipx install ai-bom\nai-bom scan .\n```\n\nThat's it. Scans your project and prints a risk-scored inventory of every AI component found.\n\n```bash\n# CycloneDX SBOM for compliance\nai-bom scan . -f cyclonedx -o ai-bom.cdx.json\n\n# SARIF for GitHub Code Scanning\nai-bom scan . -f sarif -o results.sarif\n\n# Fail CI on critical findings\nai-bom scan . --fail-on critical --quiet\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eAlternative: Install in a virtual environment\u003c/summary\u003e\n\n```bash\npython3 -m venv .venv \u0026\u0026 source .venv/bin/activate\npip install ai-bom\nai-bom scan .\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eTroubleshooting: PEP 668 / \"externally-managed-environment\" error\u003c/summary\u003e\n\nModern Linux distros (Ubuntu 24.04+) and macOS 14+ block `pip install` at the system level. Use **pipx** (recommended) or a **venv** as shown above.\n\n```bash\nsudo apt install pipx   # Debian/Ubuntu\nbrew install pipx        # macOS\npipx install ai-bom\n```\n\n\u003c/details\u003e\n\n## n8n Community Node\n\nScan all your n8n workflows for AI security risks — directly inside n8n. One node, full dashboard.\n\n**Install:** Settings \u003e Community Nodes \u003e `n8n-nodes-trusera`\n\n### Setup (1 minute)\n\n1. Add the **Trusera Webhook** node to a workflow\n2. Add your n8n API credential (Settings \u003e n8n API \u003e Create API Key)\n3. Activate the workflow\n4. Visit `http://your-n8n-url/webhook/trusera`\n\nThat's it. The node fetches all workflows, scans them, and serves an interactive HTML dashboard.\n\n### Included Nodes\n\n| Node | Purpose |\n|------|---------|\n| **Trusera Webhook** | One-node dashboard at `/webhook/trusera` (recommended) |\n| **Trusera Dashboard** | Chain with built-in Webhook for custom setups |\n| **Trusera Scan** | Programmatic scanning — returns JSON for CI/CD pipelines |\n| **Trusera Policy** | Security gates — pass/fail against configurable policies |\n| **Trusera Report** | Markdown/JSON reports for Slack, email, or docs |\n\n### Dashboard features\n\n- Severity distribution charts, component type breakdown, and OWASP LLM Top 10 mapping\n- Scanned workflows table with trigger type, component count, and risk severity\n- Sortable findings table with search, severity/type/workflow filters\n- Per-finding remediation cards with actionable fix steps\n- CSV and JSON export\n- Light/dark theme toggle\n- Optional password protection (AES-256-GCM encrypted, client-side decryption)\n\n## What It Finds\n\n| Category | Examples | Scanner |\n|----------|----------|---------|\n| LLM Providers | OpenAI, Anthropic, Google AI, Mistral, Cohere, Ollama, DeepSeek | Code |\n| Agent Frameworks | LangChain, CrewAI, AutoGen, LlamaIndex, LangGraph | Code |\n| Model References | gpt-4o, claude-3-5-sonnet, gemini-1.5-pro, llama-3 | Code |\n| API Keys | OpenAI (sk-\\*), Anthropic (sk-ant-\\*), HuggingFace (hf\\_\\*) | Code, Network |\n| AI Containers | Ollama, vLLM, HuggingFace TGI, NVIDIA Triton, ChromaDB | Docker |\n| Cloud AI | AWS Bedrock/SageMaker \\| Azure OpenAI/ML \\| Google Vertex AI | Cloud |\n| AI Endpoints | api.openai.com, api.anthropic.com, localhost:11434 | Network |\n| n8n AI Nodes | AI Agents, LLM Chat, MCP Client, Tools, Embeddings | n8n |\n| MCP Servers | Model Context Protocol server configurations | Code, MCP Config |\n| A2A Protocol | Google Agent-to-Agent protocol | Code |\n| CrewAI Flows | @crew, @agent, @task, @flow decorators | Code, AST |\n| Jupyter Notebooks | AI imports and model usage in .ipynb files | Jupyter |\n| GitHub Actions | AI-related actions and model deployments | GitHub Actions |\n| Model Files | .gguf, .safetensors, .onnx, .pt binary model files | Model File |\n\n**25+ AI SDKs detected** across Python, JavaScript, TypeScript, Java, Go, Rust, and Ruby.\n\n## Comparison\n\nHow does ai-bom compare to existing supply chain security tools?\n\n| Feature | ai-bom | Trivy | Syft | Grype |\n|---------|--------|-------|------|-------|\n| AI/LLM SDK detection | **Yes** | No | No | No |\n| AI model references | **Yes** | No | No | No |\n| Agent framework detection | **Yes** | No | No | No |\n| n8n workflow scanning | **Yes** | No | No | No |\n| MCP server detection | **Yes** | No | No | No |\n| AI-specific risk scoring | **Yes** | No | No | No |\n| Cloud AI service detection | **Yes** | No | No | No |\n| Jupyter notebook scanning | **Yes** | No | No | No |\n| CycloneDX SBOM output | **Yes** | Yes | Yes | No |\n| SARIF output (GitHub) | **Yes** | Yes | No | No |\n| Docker AI container detection | **Yes** | Partial | Partial | No |\n| CVE vulnerability scanning | No | Yes | No | Yes |\n| OS package scanning | No | Yes | Yes | Yes |\n\n\u003e **ai-bom doesn't replace Trivy or Syft — it fills the AI-shaped gap they leave behind.**\n\n## Architecture\n\n```mermaid\ngraph LR\n    subgraph Input\n        A[Source Code] --\u003e S\n        B[Docker/K8s] --\u003e S\n        C[Network/Env] --\u003e S\n        D[Cloud IaC] --\u003e S\n        E[n8n Workflows] --\u003e S\n        F[Jupyter/.ipynb] --\u003e S\n        G[MCP Configs] --\u003e S\n        H[GitHub Actions] --\u003e S\n        I[Model Files] --\u003e S\n    end\n\n    S[Scanner Engine\u003cbr/\u003e13 Auto-Registered Scanners] --\u003e M[Pydantic Models\u003cbr/\u003eAIComponent + ScanResult]\n    M --\u003e R[Risk Scorer\u003cbr/\u003e0-100 Score + Severity]\n    R --\u003e C2[Compliance Modules\u003cbr/\u003eEU AI Act, OWASP, Licenses]\n\n    subgraph Output\n        C2 --\u003e O1[CycloneDX 1.6]\n        C2 --\u003e O2[SARIF 2.1.0]\n        C2 --\u003e O3[SPDX 3.0]\n        C2 --\u003e O4[HTML Dashboard]\n        C2 --\u003e O5[Markdown / CSV / JUnit]\n        C2 --\u003e O6[Rich Terminal Table]\n    end\n```\n\n**Key design decisions:**\n- Scanners auto-register via `__init_subclass__` — add a new scanner in one file, zero wiring\n- Regex-based detection (not AST by default) for speed and cross-language support\n- CycloneDX 1.6 JSON generated directly from dicts — no heavy dependencies\n- Risk scoring is a pure stateless function\n- Parallel scanner execution via thread pool\n\n## Output Formats\n\n### Table (default)\n\n```bash\nai-bom scan .\n```\n\nRich terminal output with color-coded severity, risk scores, and component grouping.\n\n### CycloneDX 1.6\n\n```bash\nai-bom scan . -f cyclonedx -o ai-bom.cdx.json\n```\n\nIndustry-standard SBOM format. Compatible with OWASP Dependency-Track. Includes Trusera AI risk properties.\n\n\u003cdetails\u003e\n\u003csummary\u003eExample output snippet\u003c/summary\u003e\n\n```json\n{\n  \"bomFormat\": \"CycloneDX\",\n  \"specVersion\": \"1.6\",\n  \"components\": [\n    {\n      \"type\": \"library\",\n      \"name\": \"openai\",\n      \"version\": \"1.x\",\n      \"properties\": [\n        { \"name\": \"trusera:ai-bom:risk-score\", \"value\": \"45\" },\n        { \"name\": \"trusera:ai-bom:severity\", \"value\": \"medium\" }\n      ]\n    }\n  ]\n}\n```\n\n\u003c/details\u003e\n\n### SARIF 2.1.0\n\n```bash\nai-bom scan . -f sarif -o results.sarif\n```\n\nUpload to GitHub Code Scanning for inline annotations on AI components.\n\n### Other formats\n\n| Format | Flag | Use case |\n|--------|------|----------|\n| HTML | `-f html` | Shareable dashboard — no server required |\n| Markdown | `-f markdown` | PR comments, documentation |\n| SPDX 3.0 | `-f spdx3` | SPDX-compatible with AI extensions |\n| CSV | `-f csv` | Spreadsheet analysis |\n| JUnit | `-f junit` | CI/CD test reporting |\n| JSON | `-f json` | Alias for CycloneDX |\n\n## CI/CD Integration\n\n### GitHub Actions (recommended)\n\nUse the official AI-BOM GitHub Action for one-line CI/CD integration:\n\n```yaml\nname: AI-BOM Scan\non: [push, pull_request]\npermissions:\n  security-events: write\n  contents: read\n\njobs:\n  ai-bom:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n\n      - name: Scan for AI components\n        uses: trusera/ai-bom@main\n        with:\n          format: sarif\n          output: ai-bom-results.sarif\n          fail-on: critical\n          scan-level: deep\n```\n\nThe action handles Python setup, ai-bom installation, and automatic SARIF upload to GitHub Code Scanning.\n\nSee [`.github/workflows/ai-bom-example.yml`](.github/workflows/ai-bom-example.yml) for more examples (CycloneDX SBOM, policy gates, artifact uploads).\n\n\u003cdetails\u003e\n\u003csummary\u003eManual setup (without the action)\u003c/summary\u003e\n\n```yaml\nname: AI-BOM Scan\non: [push, pull_request]\n\njobs:\n  ai-bom:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n\n      - name: Install AI-BOM\n        run: pipx install ai-bom\n\n      - name: Scan for AI components\n        run: ai-bom scan . --fail-on critical --quiet -f sarif -o results.sarif\n\n      - name: Upload SARIF\n        uses: github/codeql-action/upload-sarif@v3\n        with:\n          sarif_file: results.sarif\n        if: always()\n```\n\n\u003c/details\u003e\n\n### Policy enforcement\n\n```bash\n# Fail CI if any critical findings\nai-bom scan . --fail-on critical --quiet\n\n# Use a YAML policy file for fine-grained control\nai-bom scan . --policy .ai-bom-policy.yml --quiet\n```\n\n```yaml\n# .ai-bom-policy.yml\nmax_critical: 0\nmax_high: 5\nmax_risk_score: 75\nblock_providers: []\nblock_flags:\n  - hardcoded_api_key\n  - hardcoded_credentials\n```\n\n## Scan Levels\n\nai-bom's detection depth depends on the access available at scan time:\n\n| Level | Access Required | What It Finds | Scanner |\n|-------|----------------|---------------|---------|\n| **L1 — File System** | Read-only file access | Source code imports, configs, IaC, n8n JSON, notebooks | Code, Cloud, n8n, Jupyter, MCP Config |\n| **L2 — Docker** | + Docker socket | Running AI containers, GPU allocations | Docker |\n| **L3 — Network** | + Env files | API endpoints, hardcoded keys, .env secrets | Network |\n| **L4 — Cloud IaC** | + Terraform/CFN files | 60+ AWS/Azure/GCP AI resource types | Cloud |\n| **L5 — Live Cloud** | + Cloud credentials | Managed AI services via cloud APIs | AWS/GCP/Azure Live |\n\n```bash\n# L1 (default) — works out of the box\nai-bom scan .\n\n# L5 — live cloud scanning\npip install ai-bom[aws]\nai-bom scan-cloud aws\n```\n\n### Deep scanning (AST mode)\n\n```bash\nai-bom scan . --deep\n```\n\nEnables Python AST analysis for decorator patterns (`@agent`, `@tool`, `@crew`, `@flow`), function calls to AI APIs, and string literals containing model names.\n\n## Dashboard\n\n```bash\npip install ai-bom[dashboard]\n\nai-bom scan . --save-dashboard   # Save scan results\nai-bom dashboard                  # Launch at http://127.0.0.1:8000\n```\n\nThe web dashboard provides:\n- Scan history with timestamps, targets, and component counts\n- Drill-down into individual scans with sortable component tables\n- Severity distribution charts and risk score visualizations\n- Side-by-side scan comparison (diff view)\n\n### n8n workflow scanning\n\n```bash\n# Scan workflow JSON files\nai-bom scan ./workflows/\n\n# Scan local n8n installation\nai-bom scan . --n8n-local\n\n# Scan running n8n instance via API\nai-bom scan . --n8n-url http://localhost:5678 --n8n-api-key YOUR_KEY\n```\n\nDetects AI Agent nodes, MCP client connections, webhook triggers without auth, dangerous tool combinations, and hardcoded credentials in workflow JSON.\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for development setup and guidelines.\n\n```bash\ngit clone https://github.com/trusera/ai-bom.git \u0026\u0026 cd ai-bom\npip install -e \".[dev]\"\npytest tests/ -v\n```\n\nQuality gates enforced:\n- **ruff** (E,F,I,W,S,B,C4,UP,SIM,N,RUF) — zero lint errors\n- **mypy** strict (`disallow_untyped_defs = true`) — zero type errors\n- **pytest** — 651 tests, 80%+ coverage required\n\n## License\n\nApache License 2.0 — see [LICENSE](LICENSE) for details.\n\n---\n\n## Star History\n\n\u003ca href=\"https://star-history.com/#Trusera/ai-bom\u0026Date\"\u003e\n \u003cpicture\u003e\n   \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://api.star-history.com/svg?repos=Trusera/ai-bom\u0026type=Date\u0026theme=dark\" /\u003e\n   \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://api.star-history.com/svg?repos=Trusera/ai-bom\u0026type=Date\" /\u003e\n   \u003cimg alt=\"Star History Chart\" src=\"https://api.star-history.com/svg?repos=Trusera/ai-bom\u0026type=Date\" /\u003e\n \u003c/picture\u003e\n\u003c/a\u003e\n\n---\n\n\u003cdiv align=\"center\"\u003e\n  \u003cstrong\u003eBuilt by \u003ca href=\"https://trusera.dev\"\u003eTrusera\u003c/a\u003e\u003c/strong\u003e — Securing the Agentic Service Mesh\n  \u003cbr /\u003e\n  \u003csub\u003eai-bom is the open-source foundation of the Trusera platform for AI agent security.\u003c/sub\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrusera%2Fai-bom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrusera%2Fai-bom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrusera%2Fai-bom/lists"}