Skip to main content

/

/

Stats

Actions

Tags

Stats

Actions

Tags

ClaudePluginHub

Community directory for discovering and installing Claude Code plugins.

Find plugins for your project

AI-powered recommendations based on your stack.

Product

Browse Plugins
Marketplaces
Pricing
About
Contact

Resources

Learning Center
Blog
Weekly Digest
Claude Code Docs
Plugin Guide
Plugin Reference
Plugin Marketplaces

Community

Browse on GitHub
Get Support

Legal

Terms of Service
Privacy Policy

Browse · Plugins · Top Plugins · Marketplaces · Components · Technologies · Skills · Agents · Commands · Hooks · MCP Servers · LSP Servers · Output Styles · Themes · Monitors

Categories · Productivity · Development · Testing · Deployment · Security · Documentation · Data · Utilities

© 2025 ClaudePluginHub

Community Maintained · Not affiliated with Anthropic

ClaudePluginHub

ClaudePluginHub

Tools Learn Pricing

Search everything...

sbom-awareness | SBOM Emitter

Home
Skills
SBOM Emitter
sbom-awareness

Skill

sbom-awareness

From SBOM Emitter

Generates a CycloneDX SBOM (bom-npm.cdx.json or bom-pip.cdx.json) for the current repo by detecting npm or pip ecosystem and shelling out to the matching tool. Use when the developer asks for an SBOM, runs the release workflow, or needs to satisfy CISA SBOM / EU CRA requirements. Auto-fires on tag push via release.yml. Do not use for license compliance scanning (see license-gate).

Popularity

Parent stars

1

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/sbom-emitter:sbom-awareness

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

ReadBash

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

- Repo has either `package.json` (npm) OR `pyproject.toml` / `requirements*.txt` (pip).

SKILL.md

32 lines · ~295 tokens

Stats

LanguagePython

Parent stars1

MaintenanceGood

Last CommitMay 13, 2026

Actions

View Source View Plugin View on GitHub View README

Stats

LanguagePython

Parent stars1

MaintenanceGood

Last CommitMay 13, 2026

Actions

View Source View Plugin View on GitHub View README

sbom-awareness

Preconditions

Repo has either package.json (npm) OR pyproject.toml / requirements*.txt (pip).
For npm: npx available.
For pip: cyclonedx-bom installed (pip install cyclonedx-bom).

Steps

Run bash ${CLAUDE_PLUGIN_ROOT}/scripts/check-tools.sh to verify tooling.
Run bash ${CLAUDE_PLUGIN_ROOT}/scripts/emit-sbom.sh <repo-root>.
Confirm bom-npm.cdx.json and/or bom-pip.cdx.json exist at repo root.
Report component count to the developer.

Failure modes

Tool missing → advisory with install hint, exit 0.
Unsupported ecosystem (no manifests detected) → advisory, exit 0.
Both ecosystems present → emit one SBOM per ecosystem with suffixes.

Similar Skills

pdf

150.3k

Reads, extracts text/tables, merges, splits, rotates, watermarks, creates, fills forms, encrypts/decrypts, extracts images, and OCRs PDFs using Python libraries (pypdf, pdfplumber).

11 files

ui-ux-pro-max

90.2k

Provides UI/UX resources: 50+ styles, color palettes, font pairings, guidelines, charts for web/mobile across React, Next.js, Vue, Svelte, Tailwind, React Native, Flutter. Aids planning, building, reviewing interfaces.

View ui-ux-pro-max

context7-mcp

55.5k

Fetches up-to-date documentation from Context7 for libraries and frameworks like React, Next.js, Prisma. Use for setup questions, API references, and code examples.

context7-plugin

View context7-mcp

$

npx claudepluginhub enchanter-ai/hydra --plugin sbom-emitter