agent-bom vulnerability intel
by @msaad00
Use agent-bom to check package, SBOM, inventory, and agent dependency exposure against OSV, GitHub Security Advisories, NVD, EPSS, and CISA KEV with explicit...
clawhub install agent-bom-vulnerability-intelπ About This Skill
name: agent-bom-vulnerability-intel description: >- Use agent-bom to check package, SBOM, inventory, and agent dependency exposure against OSV, GitHub Security Advisories, NVD, EPSS, and CISA KEV with explicit data-boundary choices. Use when a user asks for CVE lookup, advisory intelligence, exploitability context, fix versions, GHSA/OSV/NVD enrichment, or package vulnerability triage. version: 0.86.1 license: Apache-2.0 compatibility: >- Requires Python 3.11+ and agent-bom installed from this repository or PyPI. No credentials are required for basic public advisory lookups. Optional NVD_API_KEY and GITHUB_TOKEN values only raise provider rate limits. metadata: author: msaad00 homepage: https://github.com/msaad00/agent-bom source: https://github.com/msaad00/agent-bom pypi: https://pypi.org/project/agent-bom/ openclaw: requires: bins: - agent-bom env: [] credentials: none credential_policy: "Do not ask users to paste credentials. Optional NVD_API_KEY and GITHUB_TOKEN values may be present in the operator environment for rate limits, but their values must never be displayed, logged, or copied into prompts." optional_env: - NVD_API_KEY - GITHUB_TOKEN optional_bins: [] emoji: "\U0001F6E1" homepage: https://github.com/msaad00/agent-bom source: https://github.com/msaad00/agent-bom license: Apache-2.0 os: - darwin - linux - windows credential_handling: "No cloud or source-control credentials are needed. Advisory API tokens stay in the operator environment and are used only by agent-bom's existing advisory clients; do not echo or persist token values." data_flow: "Default package checks send package names, versions, ecosystems, PURLs, and CVE/advisory IDs to public advisory databases. Source code, raw config files, secrets, env values, and full scan reports are not sent to advisory providers. Use offline/cache-approved mode when private package names are sensitive." file_reads: - "operator-provided inventory JSON" - "operator-provided CycloneDX/SPDX SBOM files" - "local agent configuration paths only when the operator chooses a local scan" file_writes: - "operator-selected JSON/SARIF/report output path" network_endpoints: - url: "https://api.osv.dev/v1" purpose: "OSV package vulnerability lookup" auth: false - url: "https://api.github.com/advisories" purpose: "GitHub Security Advisories lookup; optional token only raises rate limits" auth: false - url: "https://services.nvd.nist.gov/rest/json/cves/2.0" purpose: "NVD CVSS, CWE, and publication metadata enrichment" auth: false - url: "https://api.first.org/data/v1/epss" purpose: "EPSS exploit probability enrichment" auth: false - url: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json" purpose: "CISA Known Exploited Vulnerabilities enrichment" auth: false telemetry: false persistence: false privilege_escalation: false always: false autonomous_invocation: restricted
agent-bom-vulnerability-intel
Use this skill to answer vulnerability-intelligence questions through agent-bom's existing scanners and canonical evidence model. Do not create one-off OSV, GHSA, NVD, EPSS, or KEV clients in the agent session; route through agent-bom so advisory provenance, aliases, severity gates, cache behavior, redaction, and output schemas stay consistent.
Modes
Start with the smallest mode that answers the user:
| Mode | Use When | Data Boundary |
|------|----------|---------------|
| explain-only | User wants to know what would be queried | No advisory calls |
| check-package | User names one package/version/ecosystem | Only that package identifier is queried |
| scan-local | User wants findings from local agents or a local inventory file | Local parse first; advisory calls use package identifiers only |
| offline-review | Private package names cannot leave the environment | Use local/cache-approved data only; disclose reduced coverage |
| export | User wants PR gate, SARIF, JSON, or audit evidence | Write only to an operator-selected path |
Guardrails
NVD_API_KEY, GITHUB_TOKEN, package-registryWorkflows
Explain the Boundary
When the user asks "what leaves my environment?", answer before running:
This lookup sends package identifiers (name, version, ecosystem/PURL) and CVE
IDs to public advisory databases. It does not send source code, raw configs,
secrets, env values, credentials, or full scan reports. Use offline-review if
private package names are sensitive.
Check One Package
agent-bom check flask==2.0.0 --ecosystem pypi
Use this for quick triage and fix-version checks. If the package name belongs
to a private registry or internal project, use explain-only first and let the
operator decide whether the identifier may be queried externally.
Scan a Canonical Inventory
agent-bom agents --inventory inventory.json --format json --output findings.json
Use this after an operator-pull adapter or discovery skill emits canonical inventory. The inventory can stop at the file boundary; scanning is an explicit operator handoff.
Export for a PR Gate
agent-bom agents --inventory inventory.json --format sarif --output agent-bom.sarif
Use SARIF only when the user wants GitHub code-scanning or AppSec PR-gate evidence. Keep JSON for local analysis and audit trails.
Offline Review
If external advisory calls are not allowed, run with the project's offline or cache-approved mode and say clearly that coverage depends on the locally available vulnerability database. Do not call a clean offline result equivalent to a fresh OSV/GHSA/NVD lookup.