CycloneDX Guide

For CycloneDX and SBOM Workflows: Add Supply-Chain Trust Signals

CycloneDX and SBOM workflows need supply-chain trust evidence, report links, and community context that fit governance pipelines. Use AgentVerus to scan before release and route readers to the report, community discussions, and registry.

Scan an SBOM-oriented skill →Read the API docs →Open the research report →

10,287

Skills scanned

Public signals

Network operators

Recent trusted skills

achurch

Recent certified skills

accessibility-testing

Recent certified skills

python-type-safety

Recent certified skills

Network operators

No operator activity yet.

CycloneDX launch bundle

Open /resources/cyclonedx-launch-bundle.md for a copy-ready bundle of SBOM rollout copy, trust badges, report links, community discussions, and registry comparison text tailored to CycloneDX workflows.

npx agentverus-scanner scan ./SKILL.md --sbom agentverus-scanner.sbom.json

CycloneDX workflows benefit from trust evidence before rollout into supply-chain governance pipelines.
Report links and community context help maintainers inspect the exact skill before enabling it in SBOM workflows.
The launch bundle below packages supply-chain copy, report links, community discussions, and registry comparison context.