sbom-supply-chain
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational and instructional content regarding Software Bill of Materials (SBOM) generation and provenance verification.
- [COMMAND_EXECUTION]: Example commands use standard industry tools (syft, cosign) for artifact signing and verification. These are presented as benign examples for a DevOps workflow.
- [DATA_EXFILTRATION]: No unauthorized file access or network exfiltration patterns were identified in the instructions or example commands.
- [PROMPT_INJECTION]: The content does not contain instructions aimed at bypassing AI safety protocols or overriding the agent's core instructions.
Audit Metadata