πŸ” SleuthCo

AI Agent SBOM Generator

Know what your agents can do. Prove compliance. Prevent breaches.

Get Started Free View Sample SBOMs

What is an AI Agent SBOM?

Software Bill of Materials (SBOM) for AI agents. Just like software SBOMs list dependencies, AI Agent SBOMs inventory what your agents can actually doβ€”what data they touch, what systems they control, what could go wrong.

As AI agents move from experiments to production, visibility isn't optional anymore.

Why You Need This

🚨 Security Visibility

Understand your agent's attack surface before deployment. Identify high-risk capabilities like shell execution, file access, and network control.

πŸ“‹ Compliance

Meet GDPR, SOC2, ISO27001, and emerging AI regulations. Generate auditable reports showing exactly what your agents can access.

πŸ”’ Risk Assessment

Automated risk scoring based on capabilities, data access, and security controls. Know your most dangerous agents.

πŸ“¦ Dependency Tracking

Full visibility into the software stackβ€”all 1,200+ npm packages, known vulnerabilities, and supply chain risks.

⚑ Fast Analysis

Generate comprehensive SBOMs in seconds. No manual auditing required.

πŸ”„ CI/CD Integration

Integrate SBOM generation into your build pipeline. Track changes over time.

Sample SBOMs

See real AI agent security profiles

OpenClaw "Friday" Agent

Framework: OpenClaw 2026.2.1 | LLM: Claude Sonnet 4.5

Risk Score: 9.2/10 CRITICAL

Capabilities Summary:

8 High-Risk Tools 6 Medium-Risk Tools 8 Low-Risk Tools

Critical Findings:

  • 🚨 Unrestricted shell command execution
  • 🚨 File system write access without sandboxing
  • 🚨 Physical surveillance capabilities (camera, screen, location)
  • 🚨 Gateway control (config modification, restart, update)
  • 🚨 Multi-channel messaging (7 platforms)
  • 🚨 Browser hijacking capability

Dependencies:

1,224 total packages | 56 direct + 1,149 transitive
Known vulnerabilities: 1 moderate (CVE-2023-28155)

πŸ“₯ Download Full SBOM (JSON) πŸ“„ Download Report (Markdown)

Get Started

Generate your first AI Agent SBOM in 60 seconds

πŸ“¦ Installation

pip install sleuthco-sbom

πŸš€ Usage

sleuthco-sbom analyze /path/to/agent

πŸ“Š Output Formats

sleuthco-sbom analyze /path/to/agent --format json
sleuthco-sbom analyze /path/to/agent --format markdown

Supported Frameworks: OpenClaw, LangChain (coming soon), AutoGPT (coming soon)

Coming Soon: Python package and CLI tool
Currently in development. Star us on GitHub to get notified!

Pricing

Start free, upgrade when you need more

Free

$0/forever
  • Unlimited SBOM generation
  • JSON + Markdown reports
  • Basic risk scoring
  • Community support
  • Open source tool
Get Started

Pro

$149/audit
  • Everything in Free
  • Full adversarial testing
  • Prompt injection testing
  • Tool misuse scenarios
  • Detailed remediation guide
  • 48-hour turnaround
Request Audit

Enterprise

Custom
  • Everything in Pro
  • Unlimited audits
  • CI/CD integration
  • Private deployment
  • Custom test scenarios
  • White-label reports
  • SLA + dedicated support
Contact Sales

The Future: Trust Tokens

We're building an OAuth-style protocol for AI agent verification. Services will be able to verify agent security before granting access.

🎫 Agent Certification

Cryptographically signed trust tokens proving your agent passed security testing.

πŸ” Service Integration

APIs can verify tokens before granting access. Gate high-risk operations to certified agents only.

πŸ“œ Trust Registry

Public registry of certified agents. Discover and verify agent security posture.

Interested in early access? Get in touch β†’