agent-bom runtime

AI runtime security monitoring — context graph analysis, runtime audit log correlation with CVE findings, and vulnerability analytics queries. Use when the u...

AI运行时安全监控——上下文图分析、运行时审计日志与CVE漏洞关联分析，以及漏洞分析查询。

msaad00

安全合规 clawhub v0.88.5 12 版本 99945.4 Key: 无需

★ 0

Stars

📥 1,831

下载

💾 7

安装

版本

#latest

概述

agent-bom-runtime — AI Runtime Security Monitoring

Context graph analysis, runtime audit log correlation with CVE findings, and

vulnerability analytics queries.

Install

pipx install agent-bom

Tools (3)

Tool	Description
------	-------------
`context_graph`	Agent context graph with lateral movement analysis
`analytics_query`	Query vulnerability trends, posture history, and runtime events
`runtime_correlate`	Cross-reference runtime audit logs with CVE findings

Example Workflows

# Build context graph from scan results
context_graph()

# Correlate runtime audit with CVE data
runtime_correlate(audit_file="proxy-audit.jsonl")

# Query analytics
analytics_query(query="top_cves", days=30)

Privacy & Data Handling

Operates on scan results already in memory and user-provided audit log files.

No automatic file discovery. No network calls unless you configure an optional

ClickHouse endpoint for persistent analytics.

Verification

Source: github.com/msaad00/agent-bom (Apache-2.0)
7,100+ tests with CodeQL + OpenSSF Scorecard
No telemetry: Zero tracking, zero analytics

版本历史

共 12 个版本

v0.88.5 当前

2026-06-01 20:14

v0.88.4

2026-05-26 22:37

v0.88.3

2026-05-26 17:09

v0.88.1

2026-05-23 15:39 安全安全

v0.87.1

2026-05-19 10:26 安全安全

v0.86.2

2026-05-08 12:17 安全安全

v0.86.1

2026-05-07 03:20 安全安全

v0.84.6

2026-05-03 02:58 安全安全

v0.83.3

2026-04-30 22:09 安全安全

v0.75.8

2026-03-29 10:49

v0.71.0

2026-03-18 21:59

v0.70.6

2026-03-14 03:33

安全检测

腾讯云安全 (Keen)

队列中

腾讯云安全 (Sanbu)

队列中

🔗 相关推荐

agent-bom vulnerability intel

msaad00

使用 agent-bom 检查包、SBOM、库存和代理依赖的暴露，针对OSV、GitHub 安全公告、NVD、EPSS 和 CISA KEV，明确...

★ 0 📥 1,017

security-compliance

OpenClaw Backup

alex3alex

备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。

★ 89 📥 30,586

security-compliance

Skill Vetter

spclaudehome

AI智能体技能安全预审工具。安装ClawdHub、GitHub等来源技能前，检查风险信号、权限范围及可疑模式。

★ 1,210 📥 266,160