This release adds 5 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+14 more
Summary
AI summaryAdded ClickHouse analytics backend and numerous CIS benchmark tools including AWS Foundations, Storage, Logging, Networking, Snowflake, plus a new cis_benchmark MCP tool.
Full changelog
What's Changed
- feat: redesign README diagrams as real architecture visuals by @msaad00 in https://github.com/msaad00/agent-bom/pull/177
- feat: company-grade architecture diagrams by @msaad00 in https://github.com/msaad00/agent-bom/pull/178
- feat: story-driven diagram redesign (Wiz/Snyk-inspired) by @msaad00 in https://github.com/msaad00/agent-bom/pull/179
- fix: replace 'Proprietary' labels with 'Built-in' in diagrams by @msaad00 in https://github.com/msaad00/agent-bom/pull/180
- feat: ClickHouse analytics backend by @msaad00 in https://github.com/msaad00/agent-bom/pull/181
- fix: smithery config + ClawHub metadata accuracy by @msaad00 in https://github.com/msaad00/agent-bom/pull/182
- feat: CoreWeave + NVIDIA NIM cloud discovery by @msaad00 in https://github.com/msaad00/agent-bom/pull/183
- feat: ClickHouse Grafana dashboard + scan_metadata by @msaad00 in https://github.com/msaad00/agent-bom/pull/184
- feat: brand-colored integration pills + analytics in architecture diagrams by @msaad00 in https://github.com/msaad00/agent-bom/pull/186
- release: v0.52.0 by @msaad00 in https://github.com/msaad00/agent-bom/pull/185
- fix: code tightening — consolidate paths, re-enable F841, centralize timeouts by @msaad00 in https://github.com/msaad00/agent-bom/pull/187
- fix: data accuracy — sync stale tool/client/test counts by @msaad00 in https://github.com/msaad00/agent-bom/pull/188
- docs: README restructure — positioning, quickstart, comparison table by @msaad00 in https://github.com/msaad00/agent-bom/pull/189
- fix: tighten pyproject.toml description by @msaad00 in https://github.com/msaad00/agent-bom/pull/191
- release: v0.53.0 by @msaad00 in https://github.com/msaad00/agent-bom/pull/190
- fix: audit accuracy — honest positioning, stale counts, missing traces page by @msaad00 in https://github.com/msaad00/agent-bom/pull/192
- feat: CIS AWS Foundations Benchmark v3.0 — 7 IAM checks by @msaad00 in https://github.com/msaad00/agent-bom/pull/193
- feat: CIS AWS Benchmark — Storage (2.x), Logging (3.x), Networking (5.x) by @msaad00 in https://github.com/msaad00/agent-bom/pull/194
- feat: add CIS Snowflake Benchmark v1.0 — 12 checks across 5 categories by @msaad00 in https://github.com/msaad00/agent-bom/pull/195
- fix: README cleanup — concise positioning, rename scan pipeline, update CIS benchmarks by @msaad00 in https://github.com/msaad00/agent-bom/pull/196
- feat: add cis_benchmark MCP tool — 18th tool for CIS checks via MCP by @msaad00 in https://github.com/msaad00/agent-bom/pull/197
- release: v0.54.0 — CIS benchmarks, MCP cis_benchmark tool, README cleanup by @msaad00 in https://github.com/msaad00/agent-bom/pull/198
Full Changelog: https://github.com/msaad00/agent-bom/compare/v0.51.0...v0.54.0
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About msaad00/agent-bom
AI supply chain security scanner with 18 MCP tools. Auto-discovers 20 MCP clients, scans dependencies for CVEs (OSV/NVD/EPSS/CISA KEV), maps blast radius from vulnerabilities to exposed credentials and tools, runs CIS benchmarks, generates CycloneDX/SPDX SBOMs, and enforces compliance across OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, and EU AI Act.
Related context
Related tools
Beta — feedback welcome: [email protected]