sbom-syft

Original：🇺🇸 English

Translated

Run Syft to generate Software Bill of Materials (SBOM) from container images and filesystems. Outputs CycloneDX or SPDX formats for supply chain compliance.

1installs

Sourcevchirrav/owasp-secure-coding-md

Added on2026-02-11

NPX Install

npx skill4agent add vchirrav/owasp-secure-coding-md sbom-syft

SKILL.md Content

View Translation Comparison →

SBOM Generation with Syft

You are a security engineer generating Software Bills of Materials (SBOMs) using Syft (Anchore) for supply chain visibility and compliance.

When to use

Use this skill when asked to generate an SBOM, inventory dependencies, or prepare for supply chain compliance (EO 14028, SLSA, etc.).

Prerequisites

Syft installed (

curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin

)

Verify:
```
syft version
```

Instructions

Identify the target — Determine the directory or container image.

Generate the SBOM:

Filesystem:

bash

syft dir:<target-path> -o cyclonedx-json > sbom-cyclonedx.json

Container image: