2 boosters for "sbom" — open source, verified from GitHub, ready to install
Automated security scanning for dependencies, code, and containers with Trivy, Snyk, and npm audit. Use for CI/CD security gates, pre-deployment audits, and compliance requirements, or when encountering CVE detections, outdated packages, license compliance issues, or SBOM generation errors.
An MCP server that automates open source release readiness by scanning repositories for secrets, license violations, vulnerabilities, and compliance issues—essential for engineering teams preparing code for public release or internal sharing.