AI-BOM scanner

Find every AI in your code. Before your auditor does.

One scan, no questionnaire. Every model, dataset, prompt, agent, MCP server and guardrail catalogued. The EU AI Act Annex IV evidence lands in your build artifacts.

6 asset types
Annex IV evidence pack
CycloneDX export format

What lands in the inventory (sample)
  • Models: OpenAI · Anthropic · HuggingFace · local GGUF
  • Datasets: training, fine-tune, eval, RAG corpora
  • Prompts: versioned system + user templates
  • Agents: ReAct · LangChain · LlamaIndex · CrewAI
  • MCP servers: tools the agents call out to
  • Guardrails: Llama Guard · Guardrails AI · NeMo
cybedefend ai-bom · scan complete
Inventory

Every footprint, every provenance.

Six categories, every item pinned to a file and a line. Status flags every component without a model card, a license, a scope, or a version.

Each entry below reads: component | location | status.

Models (32)
  • openai/gpt-4o-mini | src/lib/chat.ts:23 | governed
  • meta-llama/Llama-3.1-8B | models/local.gguf | shadow
  • anthropic/claude-3-7-sonnet | apps/agent/index.ts:11 | governed

Datasets (11)
  • wikipedia-en-2024 | notebooks/finetune.ipynb | governed
  • customer_chats_v2 | data/training.parquet | shadow
  • hf://glaive/code-instruct | scripts/data.py:8 | governed

Prompts (47)
  • chat-system@v3 | prompts/system.md | governed
  • extract-pii | lib/pii.ts:17 | drift
  • triage-flow@v7 | agents/triage.yaml | governed

Agents (9)
  • LangChain ReAct | apps/agent/main.py | governed
  • LlamaIndex query engine | apps/rag/server.ts | shadow
  • Custom MCP host | services/mcp-host/ | governed

MCP servers (6)
  • mcp://github.local:7001 | agents/.mcp.json | governed
  • mcp://internal-tools.cybe | apps/agent/mcp.toml | governed
  • mcp://prod-postgres | infra/mcp.ts:42 | shadow

Guardrails (3)
  • Llama Guard 3 8B | infra/guardrails.ts:9 | governed
  • Guardrails AI · OutputParser | lib/safety.ts:14 | governed
  • (none) | apps/legacy-agent/ | missing
The compliance report

EU AI Act Annex IV evidence. One scan to ship it.

Each scan emits a full compliance report mapped to Regulation (EU) 2024/1689. Hand it to legal, your auditor or your customer's security questionnaire.

CYBEDEFEND

EU AI Act Compliance Report

Project: 4c61150d-ee1f-4a7f-b40f-49902ceab318
Framework: eu-ai-act v1.0
Legal reference: Regulation (EU) 2024/1689
Scan date: 2026-05-21
Executive Summary (Action Required)

One or more prohibited or high-risk components detected. Review §4 — these require action before deployment.

Total components: 171
GPAI components: 104
Systemic risk: 3
Status: Action Required
Prohibited: 11
High: 7
Limited: 12
Minimal: 141

171 AI components detected, sorted by risk severity.

Component | Type | Risk
acme/behavioral-social-scor-v2 | ML model | Prohibited
acme/credit-scorer-v2 | ML model | High
acme/customer-chatbot-v4 | ML model | Limited
openai/gpt-4o-mini | ML model | Minimal
anthropic/claude-sonnet-4-5 | ML model | Minimal

+166 more components in the full report

Annex IV evidence + NIST AI RMF mapping included in every scan.
Drop it in your pipeline

Run it where you ship. GitHub Actions, GitLab CI, Jenkins, Tekton.

Add the cybedefend-action to your GitHub workflow, or call the CybeDefend CLI from any other pipeline. The AI-BOM scan runs on every push and the build gate fails when a new prohibited or high-risk component lands without governance documentation.

.github/workflows/ai-bom.yml
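- name: CybeDefend Security Scan
  # v2 is a mutable tag; pin to a full commit SHA to fix the exact action code that receives the PAT.
  uses: CybeDefend/cybedefend-action@v2
  with:
    # Both values come from repository secrets and are never written into the workflow file.
    pat: ${{ secrets.CYBEDEFEND_PAT }}
    project_id: ${{ secrets.CYBEDEFEND_PROJECT_ID }}
    branch: ${{ github.ref_name }}
    # Severity threshold at which the step fails the build.
    break_on_severity: high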
Why now

The EU AI Act enters into force. Audits arrive without warning.

Three reasons AI-BOM is the entry-point governance tool, not an afterthought.

Discovery first

Every model, dataset, prompt, agent, MCP server and guardrail surfaced automatically. No questionnaire, no spreadsheet, no interview round with each team.

EU AI Act Annex IV native

Every Annex IV section has a corresponding emit rule. Article 11 documentation moves from a quarterly project to a CI artefact.

NIST AI RMF aligned

Each component is tagged against the Govern / Map / Measure / Manage functions. Mapping report exports next to the SBOM.

FAQ

What AI-BOM catches, what it does not.

What exactly does AI-BOM detect?

Models referenced by name (HuggingFace IDs, OpenAI / Anthropic / Google model strings, local .gguf / .onnx weights), datasets referenced in code or config, versioned prompts shipped in the repo, MCP server URLs consumed by your agents, LangChain and LlamaIndex graphs, agent orchestration frameworks (Semantic Kernel, AutoGen, CrewAI, custom ReAct), and guardrails libraries in use (Llama Guard, NeMo, Guardrails AI). Each item lands in the inventory with its source location, version pin, and a heuristic classification.

Is AI-BOM required by the EU AI Act?

Article 11 and Annex IV of the EU AI Act require a technical documentation pack for high-risk AI systems before they enter the EU market. That pack enumerates models, training data sources, intended use, performance metrics, and risk-management measures. AI-BOM produces the evidence in machine-readable form, so the documentation step becomes an export instead of a quarterly project.

How does it integrate into CI/CD?

Add the cybedefend-action to your GitHub workflow, or call the CybeDefend CLI from any other pipeline (GitLab CI, Jenkinsfile, Tekton). The scan runs on every push, the report is published as a build artifact, and the gate exits non-zero when a new prohibited or high-risk component lands without governance documentation.

What is the difference between AI-BOM and SBOM?

SBOM lists software components and CVEs. AI-BOM lists AI components and their AI-specific governance facets: training data origin, fine-tune lineage, prompt versions, agent capability scope, guardrails coverage, residual risk. They are complementary; CybeDefend produces both, and the AI-BOM output is also exportable as CycloneDX so it slots into your existing SBOM tooling.
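Because the export is CycloneDX, a documentation gate like the one described in the CI/CD answer can also be run over the BOM with existing tooling. The sketch below is an added example, not CybeDefend's code or its output format: it assumes a CycloneDX 1.5+ JSON export that uses the standard `machine-learning-model` and `data` component types, and it checks only version, license and model card. The sample BOM and its `bom-ref` values are constructed.

```python
import sys

# CycloneDX 1.5+ component types treated as AI assets (assumption about the export).
AI_TYPES = {"machine-learning-model", "data"}

# Constructed sample BOM; component names borrowed from the sample inventory on this page.
SAMPLE_BOM = {
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"type": "machine-learning-model", "bom-ref": "model:gpt-4o-mini",
         "name": "openai/gpt-4o-mini", "version": "constructed-1",
         "licenses": [{"license": {"name": "Proprietary"}}],
         "modelCard": {"modelParameters": {"task": "text-generation"}}},
        {"type": "machine-learning-model", "bom-ref": "model:llama-local",
         "name": "meta-llama/Llama-3.1-8B"},
        {"type": "application", "bom-ref": "app:finetune", "name": "finetune",
         "version": "1.0.0", "components": [
             {"type": "data", "bom-ref": "data:customer_chats_v2",
              "name": "customer_chats_v2", "version": "2"}]},
    ],
}

def walk(components):
    """Yield every component, including ones nested under another component."""
    for comp in components:
        yield comp
        yield from walk(comp.get("components", []))

def missing_facets(comp):
    """List the documentation facets absent from one AI component."""
    missing = []
    if not comp.get("version"):
        missing.append("version")
    if not comp.get("licenses"):
        missing.append("license")
    if comp["type"] == "machine-learning-model" and not comp.get("modelCard"):
        missing.append("model card")
    return missing

def gate(bom):
    """Map bom-ref -> missing facets for every under-documented AI component."""
    findings = {}
    for comp in walk(bom.get("components", [])):
        if comp.get("type") in AI_TYPES and (gaps := missing_facets(comp)):
            findings[comp.get("bom-ref", comp.get("name", "?"))] = gaps
    return findings

if __name__ == "__main__":
    findings = gate(SAMPLE_BOM)
    for ref, gaps in findings.items():
        print(f"{ref}: missing {', '.join(gaps)}")
    sys.exit(1 if findings else 0)  # non-zero exit fails the pipeline step
```
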

Does AI-BOM train on our code?

No. The scan reads your repository and produces a structured inventory; source code does not leave your environment. The optional dashboard receives metadata only (component names, versions, risk classification), never raw code or prompt content.

From shadow AI to governed

Run the scan. See your AI inventory in 4 seconds.

Free first scan. No credit card. The evidence pack lands in ./.ai-bom/ before your coffee is done.
