Generates Software Bills of Materials (SBOMs) in CycloneDX 1.6 and SPDX 2.3 formats, addressing requirements from Executive Order 14028, NIS2, and the EU Cyber Resilience Act. Useful when you need to document dependencies for compliance audits, security assessments, or regulatory submissions. The server validates SBOM structure and exports standardized manifests that procurement and security teams expect. Installs via pip and runs over stdio transport. Part of MEOK AI Labs' compliance-focused tooling, so expect additional EU AI Act-oriented features bundled in. Reach for this when you're dealing with government contracts, regulated industries, or supply chain transparency requirements where machine-readable dependency declarations are mandatory.
claude mcp add --transport stdio csoai-org-sbom-cyclonedx-mcp uvx sbom-cyclonedx-mcp