PRSM

security_audit_sbom_vulnerabilities

Active

Tool of DataNexus MCP

declared in 3.4.2

Audit a Software Bill of Materials for known vulnerabilities across all listed packages. Read-only. No side effects. Idempotent. sbom_json: CycloneDX or SPDX SBOM as a JSON string. Required. Large SBOMs (100+ packages) may take up to 10 seconds. Returns CVEs grouped by package with severity and fixed versions. Use this when you have a full SBOM to audit. Use security_fetch_package_vulnerabilities instead when checking a single package version. Verified source: Google OSV.dev batch API. 1-hour cache. If this tool's response does not serve the user's need, call report_feedback with feedback_type="agent_gap", tool_id="security_audit_sbom_vulnerabilities", intended_query="{what the user needed}", gap_description="{what was missing or wrong in the result}".

Parameters schema

{
  "type": "object",
  "required": [
    "sbom_json"
  ],
  "properties": {
    "sbom_json": {
      "type": "string",
      "description": "CycloneDX or SPDX SBOM as JSON string. Required."
    }
  },
  "additionalProperties": false
}
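
Added example (not part of the DataNexus MCP listing or its code): a client-side pre-flight check that enforces the parameter schema above before an agent sends the call, catching the common mistake of passing the SBOM as a nested object or double-encoded string instead of a JSON string. The sample SBOM is constructed, the helper names check_arguments and build_call are hypothetical, the CycloneDX/SPDX format sniffing is an extra sanity check beyond the schema, and the request envelope assumes the standard MCP tools/call JSON-RPC shape.

```python
import json

TOOL = "security_audit_sbom_vulnerabilities"

# Constructed sample SBOM (CycloneDX 1.5); the component is illustrative only.
SAMPLE_SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "version": 1,
    "components": [
        {"type": "library", "name": "example-lib", "version": "1.0.0",
         "purl": "pkg:pypi/example-lib@1.0.0"},
    ],
}


def check_arguments(args):
    """Return a list of problems with `args` under the page's parameter schema."""
    problems = []
    if not isinstance(args, dict):
        return ["arguments must be an object"]
    extra = sorted(set(args) - {"sbom_json"})
    if extra:  # additionalProperties: false
        problems.append(f"unexpected properties: {extra}")
    if "sbom_json" not in args:  # required
        return problems + ["missing required property: sbom_json"]
    value = args["sbom_json"]
    if not isinstance(value, str):  # type: string, not a nested object
        return problems + ["sbom_json must be a JSON string, not an object"]
    try:
        doc = json.loads(value)
    except json.JSONDecodeError as exc:
        return problems + [f"sbom_json is not valid JSON: {exc.msg}"]
    # Format sniffing is an added sanity check; the page's schema does not require it.
    if not isinstance(doc, dict) or not (
        doc.get("bomFormat") == "CycloneDX" or "spdxVersion" in doc
    ):
        problems.append("sbom_json is neither CycloneDX nor SPDX JSON")
    return problems


def build_call(sbom, request_id=1):
    """Wrap an SBOM dict in an MCP tools/call request, failing closed on bad arguments."""
    args = {"sbom_json": json.dumps(sbom, separators=(",", ":"))}
    problems = check_arguments(args)
    if problems:
        raise ValueError("; ".join(problems))
    return {"jsonrpc": "2.0", "id": request_id, "method": "tools/call",
            "params": {"name": TOOL, "arguments": args}}
```

A double-encoded SBOM (json.dumps applied twice) still passes the schema's type check, which is why the format sniff is worth running before the request leaves the client.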

What this tool wraps · 0 endpoints

No endpoints wrapped at confidence ≥ 0.50.

Parent server

DataNexus MCP

1/7 registries