SBOM Vulnerability Scanner

Generates Software Bill of Materials using Syft and scans for CVEs with Grype. Cross-references findings against the NVD and OSV databases for comprehensive vulnerability detection.

Security & Verification · Claude Code · Security Reviewed

Install with any agent:

    npx skills add agentskillexchange/skills --skill sbom-vulnerability-scanner

Automated Software Bill of Materials (SBOM) generation and vulnerability scanning agent. It uses Anchore Syft to generate SBOMs in CycloneDX and SPDX formats from container images, filesystem paths, and package lock files, then feeds the generated SBOMs into Grype for vulnerability matching against multiple databases, including the National Vulnerability Database (NVD), GitHub Security Advisories, and the Open Source Vulnerabilities (OSV) database.

The agent produces severity-ranked reports with CVSS scores, affected package versions, and remediation guidance. It supports scheduled scanning of container registries via the Docker Registry HTTP API v2, and integrates with the Slack and Jira APIs to automatically create tickets for critical findings.

Reports include EPSS (Exploit Prediction Scoring System) probability scores, so that vulnerabilities with a measured likelihood of exploitation are prioritized over those that are only theoretically exploitable.