Agent-BOM MCP Server

Local setup required. This server has to be cloned and prepared on your machine before you register it in Claude Code.
Step 1: Set the server up locally

Run this once to clone and prepare the server before adding it to Claude Code.

Run in terminal
pip install agent-bom
Step 2: Register it in Claude Code

After the local setup is done, run this command to point Claude Code at the built server.

Run in terminal
claude mcp add agent-bom -- node "<FULL_PATH_TO_AGENT_BOM>/dist/index.js"

Replace <FULL_PATH_TO_AGENT_BOM>/dist/index.js with the actual folder you prepared in step 1.

README.md

AI supply chain security scanner for MCP servers and AI agents.

Your AI agent's dependencies have a CVE. Which credentials leak?

CVE-2025-1234  (CRITICAL · CVSS 9.8 · CISA KEV)
  └── better-sqlite3@9.0.0  (npm)
       └── sqlite-mcp  (MCP Server · unverified · root)
            ├── Cursor IDE  (Agent · 4 servers · 12 tools)
            ├── ANTHROPIC_KEY, DB_URL, AWS_SECRET  (Credentials exposed)
            └── query_db, read_file, write_file, run_shell  (Tools at risk)

 Fix: upgrade better-sqlite3 → 11.7.0

agent-bom maps the blast radius: CVE → package → MCP server → AI agent → credentials → tools.
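The chain above, as an added illustration that is not agent-bom's own code: it walks a constructed inventory (agent, MCP server, installed packages, env vars, tools) against constructed advisory data and joins the hops CVE → package → server → agent → credentials → tools. The inventory, advisories, and the credential-name regex are all assumptions made here, not agent-bom's 34 patterns or its scanner output.

```python
import re

# Constructed inventory, the shape a scan of one MCP client might produce (not real output).
INVENTORY = {
    "Cursor IDE": {
        "sqlite-mcp": {
            "packages": {"better-sqlite3": "9.0.0"},
            "env": {"ANTHROPIC_KEY": "placeholder", "DB_URL": "postgres://db/app",
                    "AWS_SECRET": "placeholder", "LOG_LEVEL": "info"},
            "tools": ["query_db", "read_file", "write_file", "run_shell"],
        },
        "docs-mcp": {  # same package, already on the fixed version
            "packages": {"better-sqlite3": "11.7.0"},
            "env": {"API_TOKEN": "placeholder"},
            "tools": ["search_docs"],
        },
    },
}
# Constructed advisory data keyed by package; "fixed" is the first non-vulnerable version.
ADVISORIES = {
    "better-sqlite3": [{"id": "CVE-2025-1234", "severity": "CRITICAL", "fixed": "11.7.0"}],
}
# Simplified credential heuristic on variable names (an assumption, not agent-bom's patterns).
CREDENTIAL_NAME = re.compile(r"(KEY|SECRET|TOKEN|PASSWORD|PASSWD|URL|DSN)$")


def version_tuple(v: str) -> tuple:
    """Numeric-only comparison, sufficient for the constructed data above."""
    return tuple(int(p) for p in v.split("."))


def exposed_credentials(env: dict) -> list:
    """Env var names that look like credentials, in config order."""
    return [name for name in env if CREDENTIAL_NAME.search(name)]


def blast_radius(inventory: dict, advisories: dict) -> list:
    """One finding per (advisory, server) where the installed version is below the fix."""
    findings = []
    for agent, servers in inventory.items():
        for server, meta in servers.items():
            for pkg, installed in meta["packages"].items():
                for adv in advisories.get(pkg, []):
                    if version_tuple(installed) >= version_tuple(adv["fixed"]):
                        continue  # already patched: this advisory adds no blast radius
                    findings.append({
                        "cve": adv["id"], "severity": adv["severity"],
                        "package": f"{pkg}@{installed}", "fixed": adv["fixed"],
                        "server": server, "agent": agent,
                        "credentials": exposed_credentials(meta["env"]),
                        "tools": list(meta["tools"]),
                    })
    return findings
```

Each finding is one path from a CVE to the secrets and tools an attacker could reach through it; the patched docs-mcp server produces none.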

pip install agent-bom
agent-bom agents

What it does

Security scanner purpose-built for AI infrastructure and supply chain.

AI Supply Chain Security:

  1. Discovers AI agents + MCP servers — 30 client types, auto-detected from config files
  2. Scans source code — AST analysis extracts system prompts, guardrails, tool signatures from Python AI frameworks (LangChain, CrewAI, OpenAI Agents SDK, and 7 more)
  3. Generates an AI BOM — CycloneDX 1.6 with native ML extensions (modelCard, datasets, training metadata)
  4. Scans for CVEs — 15 ecosystems checked against OSV + NVD + GHSA + EPSS + CISA KEV
  5. Maps blast radius — CVE → package → MCP server → AI agent → credentials → tools
  6. Detects secrets — 34 credential patterns + 11 PII patterns across source, config, and .env files
  7. Enforces at runtime — MCP proxy with 112 detection patterns, PII redaction, zero-trust session isolation
  8. Verifies supply chain — SLSA provenance (npm), PEP 740 attestations (PyPI), Go checksum DB

Also scans: container images, filesystems, IaC (138 rules), cloud posture (AWS/Azure/GCP CIS benchmarks).

Shield SDK — drop-in Python middleware for any AI agent pipeline:

from agent_bom.shield import Shield

shield = Shield(deep=True)
# Inspect a proposed tool call before it runs; returns a list of alerts
alerts = shield.check_tool_call("exec", {"command": "rm -rf /"})
# Redact secrets from model or tool output before logging or display
response_text = "Use the key sk-EXAMPLE-PLACEHOLDER for the request"  # constructed sample output
safe = shield.redact(response_text)  # [REDACTED:OpenAI API Key]

Read-only. Agentless. No secrets leave your machine.


Quick start

pip install agent-bom
# AI agent discovery + vulnerability scanning + blast radius
agent-bom agents

# Pre-install CVE gate
agent-bom check flask@2.0.0

# MCP security proxy (112 patterns, 7 detectors, PII redaction)
agent-bom proxy "npx @mcp/server-filesystem /tmp"

# Container image scan
agent-bom image nginx:latest

# IaC misconfigurations (138 rules: Dockerfile, K8s, Terraform, CloudFormation, Helm)
agent-bom iac Dockerfile k8s/ infra/main.tf

# Cloud posture + CIS benchmarks
agent-bom cloud aws

# Dependency graph export (Neo4j, GraphML, Graphviz, Mermaid)
agent-bom graph report.json --format cypher --output import.cypher

# Red team — test your defenses (100% detection, 0% false positives)
python -c "from agent_bom.red_team import run_red_team; print(run_red_team()['detection_rate'])"

All commands

Scanning:     agents, image, fs, iac, sbom, secre

Tools (3)

agent-bom-scan: Scans AI agents and MCP servers for vulnerabilities and security risks.
agent-bom-proxy: Runs an MCP security proxy with detection patterns and PII redaction.
agent-bom-check: Performs a CVE gate check on specific packages.

Configuration

claude_desktop_config.json
{
  "mcpServers": {
    "agent-bom": {
      "command": "agent-bom",
      "args": ["proxy", "npx", "@mcp/server-filesystem", "/tmp"]
    }
  }
}

Try it

Scan my current environment for AI agents and MCP servers to identify potential security vulnerabilities.
Run the security proxy for my filesystem MCP server to enable PII redaction and threat detection.
Check if the flask package version 2.0.0 has any known CVEs.
Generate a security report for my current AI agent setup including blast radius mapping.

Frequently Asked Questions

What are the key features of Agent-BOM?

Discovers AI agents and MCP servers across 30 client types. Generates CycloneDX 1.6 SBOMs with ML extensions. Maps blast radius from CVEs to credentials and tools. Enforces runtime security with 112 detection patterns and PII redaction. Scans IaC, container images, and cloud posture against CIS benchmarks.

What can I use Agent-BOM for?

Identifying exposed credentials in AI agent configurations. Ensuring compliance with OWASP LLM Top 10 and NIST AI RMF. Verifying supply chain provenance for AI dependencies. Securing MCP server tool calls with real-time PII redaction.

How do I install Agent-BOM?

Install Agent-BOM by running: pip install agent-bom

What MCP clients work with Agent-BOM?

Agent-BOM works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.
