mcp-sbom-server
MCP SBOM Server is designed to perform a Trivy scan and produce an SBOM in CycloneDX format.
The MCP SBOM Server is a specialized server that uses the Model Context Protocol (MCP) to run security scans with Trivy and generate a Software Bill of Materials (SBOM) in the CycloneDX format. It is built on Python 3.12 and MCP 1.6, for compatibility with modern software environments. It uses the 'uv' tool to manage dependencies and run the server, and Trivy to scan for vulnerabilities. The server is designed to be easily configurable and integrates seamlessly with existing MCP clients. It is particularly useful for developers and security professionals who need to maintain a comprehensive inventory of software components and their associated vulnerabilities.
Features
- Trivy Integration: Utilizes Trivy for comprehensive vulnerability scanning.
- CycloneDX Format: Generates SBOMs in the widely-used CycloneDX format.
- MCP Compatibility: Built on MCP 1.6 for seamless integration with MCP clients.
- Python 3.12: Developed using the latest Python version for enhanced performance.
- Dependency Management: Uses 'uv' for efficient dependency synchronization.