logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

mcp-sbom-server

Performs scans and generates Software Bill of Materials (SBOM) in CycloneDX format, while identifying vulnerabilities in software dependencies. Facilitates integration with MCP clients for efficient scanning and reporting.

Author

mcp-sbom-server logo

gkhays

No License

Quick Info

GitHub GitHub Stars 2
NPM Weekly Downloads 0
Tools 1
Last Updated 2026-02-19

Actions

GitHub View on GitHub

Tags

sbomcyclonedxscanssbom cyclonedxmcp sbomsbom server

MCP SBOM Server

Python MCP

MCP server to perform a Trivy scan and produce an SBOM in CycloneDX format.

Installation

Prerequisites

Install the following.

MCP Clients

Configuration

"mcpServers": {
        "mcp-sbom": {
            "command": "uv",
            "args": [
                "--directory",
                "/path/to/mcp-sbom",
                "run",
                "mcp-sbom"
            ]
        }
    }

Building

[!NOTE] This project employs uv.

  1. Synchronize dependencies and update the lockfile.
uv sync

Debugging

MCP Inspector

Use MCP Inspector.

Launch the MCP Inspector as follows:

npx @modelcontextprotocol/inspector uv --directory /path/to/mcp-sbom run mcp-sbom

Windows

When running on Windows, use paths of the style:

C:/Users/gkh/src/mcp-sbom-server/src/mcp_sbom

See Also

MCP
Mcp-sbom-server Mcp
MCP
Servers Mcp
MCP
Mcp-sbom-server Mcp
Man Pages
ironic Man Pages
Windows
Windows PNG Icons
MCP
Directory Mcp
Man Pages
clients.conf Man Pages
Installerpedia
aquasecurity/trivy Installerpedia
Installerpedia
lucasg/Dependencies Installerpedia
← Back to Data Analytics🙏  Credits & Acknowledgments
`