CycloneDX SBOM Generator

Generates Software Bill of Materials in CycloneDX format using cdxgen and Syft. Scans npm, pip, and Go modules for known CVEs via OSV.dev API integration.

Security & Verification | Cursor | Security Reviewed
⭐ 956 GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill cyclonedx-sbom-generator
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Author: cdxgen
Last updated: Mar 24, 2026
How it works

What this skill actually does

This skill provides automated tooling for CycloneDX SBOM generation workflows. It integrates directly with your development pipeline, offering configurable scanning depth, custom rule definitions, and structured output formats compatible with major CI/CD platforms. The agent handles authentication, rate limiting, and retry logic internally, so you can focus on reviewing results rather than managing infrastructure. It supports both interactive and headless operation modes, with JSON and SARIF output for downstream processing, and includes built-in caching to minimize redundant API calls across sequential runs.