SBOMApp - SBOM Generator & Vulnerability Scanner

SBOM MCP Server - SBOMApp MCP Server brings software supplychain security assistant inside VS Code. With a simple natural language prompt, developers can instantly generate SBOMs (SPDX/CycloneDX), scan for CVEs, Verify Licence Compliance, and get actionable remediation guidance.

Evaluated Mar 21, 2026 (0d ago)
Repo ↗ Auth
⚙ Agent Friendliness
80
/ 100
Can an agent use this?
🔒 Security
56
/ 100
Is it safe for agents?
⚡ Reliability
48
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
--
Documentation
--
Error Messages
--
Auth Simplicity
90
Rate Limits
75

🔒 Security

TLS Enforcement
70
Auth Strength
60
Scope Granularity
50
Dep. Hygiene
50
Secret Handling
50

⚡ Reliability

Uptime/SLA
40
Version Stability
60
Breaking Changes
50
Error Recovery
40
AF Security Reliability

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: api_key
OAuth: No Scopes: No

Pricing

Model: free
Free tier: Yes
Requires CC: No

Agent Metadata

Idempotent
Unknown
Retry Guidance
Not documented

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for SBOMApp - SBOM Generator & Vulnerability Scanner.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-21.

5236
Packages Evaluated
0
Need Evaluation
586
Need Re-evaluation
Community Powered