AIBOM Documentation

AIBOM is the only AI Bill of Materials tool with native bulk GitHub scanning. Inventory AI models, agents, and security risks across your entire organization in one command.

Quickstart

Choose your workflow: scan a single repo locally, or bulk scan your entire GitHub organization.

Option 1: Local Repository Scan

# Install and scan current directory
pip install aibom
aibom generate . --output AI_BOM.json

Option 2: Bulk GitHub Scan (Unique Feature)

# Scan multiple GitHub repos with risk gates
aibom scan-github \
  --repo owner/repo1 \
  --repo owner/repo2 \
  --output-dir results/ \
  --max-high-risk 0 \
  --fail-on new-external-provider

What is AIBOM?

AIBOM is an AI inventory and risk analyzer, a tool that scans your codebase to discover AI models, agents, prompts, and tools while assessing security risks. While traditional SBOM tools track dependencies, they miss critical AI-specific components like:

• Large Language Models (LLMs) and their providers
• AI agents and their configurations
• Prompt templates and system prompts
• Vector stores and embedding models
• AI tools and external APIs

AIBOM detects these components across Python, JavaScript/TypeScript, Java, Go, and .NET codebases, providing complete visibility into your AI supply chain.

Installation

From Source

git clone https://github.com/akumar0205/AIBOM.git
cd AIBOM
pip install -e .

Docker

docker build -f deploy/Dockerfile -t aibom .
docker run --rm -v $(pwd):/workspace aibom generate /workspace -o /out/aibom.json

CLI Reference

generate

Generate an AIBOM document from your codebase.

aibom generate [TARGET] [OPTIONS]

Options

• -o, --output - Output file path (default: AI_BOM.json)
• --profile - Output profile: canonical or ai-bom-like
• --include-prompts - Include prompt content (requires acknowledgment)
• --acknowledge-prompt-exposure-risk - Acknowledge risk of exposing prompts
• --include-runtime-manifests - Include runtime dependency manifests
• --redaction-policy - Evidence redaction policy (strict/default/off)
• --audit-mode - Enable audit mode with full evidence collection
• --bundle-out - Create evidence bundle at specified path
• --risk-policy - Path to custom risk policy file
• --fail-on-unsupported-threshold - Fail if unsupported artifacts exceed threshold

Examples

# Basic generation
aibom generate . -o AI_BOM.json

# Generate with executive-friendly profile
aibom generate . --profile ai-bom-like -o AI_BOM.json

# Audit mode with evidence bundle
aibom generate . --audit-mode --bundle-out evidence.zip

# Include runtime manifests
aibom generate . --include-runtime-manifests

# Custom risk policy
aibom generate . --risk-policy policy.json

export

Export AIBOM to standard formats (SPDX, CycloneDX, SARIF, VEX).

aibom export --input AI_BOM.json --format spdx-json -o SPDX.json

Supported Formats

• spdx-json - SPDX 2.3 JSON format
• cyclonedx-json - CycloneDX 1.5 JSON format
• sarif-json - SARIF 2.1.0 format for security tools
• vex-json - OpenVEX format for vulnerability tracking

validate

Validate an AIBOM document against the JSON schema.

aibom validate AI_BOM.json

diff

Compare two AIBOM documents and detect changes.

aibom diff old.json new.json --fail-on new-model,new-tool,new-external-provider

bundle

Create an evidence bundle with AIBOM, SPDX, and optional diff.

aibom bundle --input AI_BOM.json --out evidence.zip --baseline baseline.json

attest

Sign and verify evidence bundles with X.509 certificates.

# Sign a bundle
aibom attest --bundle evidence.zip --signing-key key.pem --signing-cert cert.pem

# Verify a bundle
aibom attest --bundle evidence.zip --signature evidence.zip.sig --signing-cert cert.pem --verify

risk

Show risk findings from an AIBOM document.

aibom risk --input AI_BOM.json

# With custom risk policy
aibom risk --input AI_BOM.json --risk-policy policy.json

periodic-scan

Schedule recurring scans with trend analysis.

aibom periodic-scan . --output periodic_scan.json --interval daily

# With history window
aibom periodic-scan . --history-window 10 --interval daily

scan-github

Bulk scan GitHub repositories and aggregate outputs. Clone repositories into a temp workspace, run AIBOM generation, and emit per-repo outputs plus summary files.

# Scan a single repository
aibom scan-github --repo openai/openai-quickstart-python --output-dir out

# Scan multiple repositories
aibom scan-github --repo owner/repo1 --repo owner/repo2 --output-dir out

# Scan from file with risk gates
aibom scan-github --repos-file repos.txt --max-high-risk 5 --max-unsupported 10

# With drift detection
aibom scan-github --repo owner/repo --baseline baseline.json --fail-on new-model,new-tool

Options

• --repo - GitHub repo in owner/name format (repeatable)
• --repos-file - File containing owner/name repos, one per line
• --output-dir - Output directory (default: github_scan_out)
• --branch - Specific branch to checkout
• --depth - Git clone depth (default: 1)
• --max-repos - Maximum number of repos to scan
• --timeout-sec - Timeout per repo in seconds (default: 180)
• --profile - Output profile: canonical or ai-bom-like
• --max-high-risk - Fail when high/critical risks exceed this number
• --max-unsupported - Fail when unsupported artifacts exceed this number
• --baseline - Optional baseline AIBOM for drift checks
• --fail-on - Comma-separated drift gates

summarize

Print an AI BOM-like summary from an existing AIBOM JSON file.

# Print text summary
aibom summarize --input AI_BOM.json

# JSON output for programmatic use
aibom summarize --input AI_BOM.json --json

AI BOM-Like Profile

AIBOM can generate an executive-friendly companion presentation profile alongside the canonical AIBOM JSON. This profile format provides a condensed view of AI assets, risk highlights, and detector coverage metrics designed for quick consumption by security teams and executives.

Generate a Profile

# Generate both canonical AIBOM and AI BOM-like profile
aibom generate . --profile ai-bom-like -o AI_BOM.json

# The profile will be saved as AI_BOM_ai_profile.json
aibom scan-github --repo owner/repo --profile ai-bom-like --output-dir out

Profile Structure

The AI BOM-like profile includes:

• Executive Summary - Counts of models, tools, datasets, frameworks, prompts, and risk findings
• AI Assets - Sorted lists of detected models, tools, datasets, and frameworks with source locations
• Risk Highlights - Top risk findings by severity with scores and rule IDs
• Provenance & Compliance - Runtime context and risk policy information
• Detector Coverage - Files scanned and findings per detector type

Risk Analysis

AIBOM includes built-in risk analysis aligned with the OWASP LLM Top 10. The following risk rules are included by default:

Built-in Risk Rules

• Third-Party Provider (LLM07) - Detects external model providers like OpenAI, Anthropic
• Exfiltration Surface (LLM06) - Identifies tools that may leak sensitive data
• Prompt Injection Surface (LLM01) - Flags prompt templates that may be vulnerable

Custom Risk Policies

You can define custom risk policies in JSON or YAML format:

{
  "policy_id": "org-risk-rules",
  "version": "2026.03",
  "rule_overrides": {
    "third-party-provider": {
      "severity": "high",
      "threshold": 1,
      "allowlist": [
        {
          "entity_type": "model",
          "name": "ChatOpenAI",
          "source_file": "app.py",
          "reason": "approved-external-provider"
        }
      ]
    }
  }
}

CI/CD Integration

GitHub Actions

name: AIBOM Security Check
on: [pull_request]

jobs:
  aibom:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.11"
      - run: pip install aibom
      - run: aibom generate . -o new_aibom.json
      - run: |
          aibom diff .aibom/baseline.json new_aibom.json \
            --fail-on new-model,new-tool,new-external-provider

Drift Detection

Use aibom diff to detect changes between AIBOM versions and gate your CI/CD pipeline:

aibom diff baseline.json new.json --fail-on new-model,new-tool,new-external-provider