What is an AI Bill of Materials (AI-BOM)?

An AI-BOM is a machine-readable inventory of every component in your AI agent stack: which MCP servers, skills, models, tools, permissions, and dependencies are running. It extends the SBOM concept to AI-specific components. Firmis generates CycloneDX 1.7 AI-BOMs with a firmis:agent:* property namespace.

Do compliance frameworks require an AI-BOM?

Yes, increasingly. The EU AI Act (2026 compliance deadline), SOC2 AI control requirements, and GDPR data processing inventory requirements are all pushing organizations toward documented AI component inventories. Auditors ask "what AI tools are you running?" An AI-BOM answers that precisely.

How do I generate an AI-BOM with Firmis?

Run npx firmis discover to find all AI components in your environment, then npx firmis bom to generate a CycloneDX 1.7 AI-BOM. The output file (agent-bom.cdx.json) is standards-compliant, machine-readable, and auditor-friendly.

Back to Journal

Agentic SecurityJanuary 8, 2026·7 min read

What Is an AI-BOM and Why Your Agent Stack Needs One

An AI Bill of Materials is a machine-readable inventory of every component in your agent stack. Here's why compliance auditors are starting to ask for one.

TL;DR

An AI-BOM (AI Bill of Materials) is a machine-readable inventory of every component in your agent stack
Compliance frameworks (EU AI Act, SOC2) are starting to require it
CycloneDX 1.7 is the emerging standard - Firmis generates it automatically
You can't secure what you can't see. The BOM makes your agent stack visible.

What is an AI-BOM?

A Software Bill of Materials (SBOM) lists every library in your app. An AI-BOM extends this to your agent stack: which MCP servers, which skills, which models, which tools, which permissions.

It's the foundation for auditing agent security. You can't protect what you can't inventory.

Why It Matters Now

2026

EU AI Act Compliance

SOC2

AI Control Requirements

GDPR

Data Processing Inventory

Compliance frameworks are catching up to AI agents. The first question auditors ask: "What AI tools are you running?" If you can't answer precisely, you have a compliance gap.

What Goes in an AI-BOM

Agent platforms

OpenClaw, MCP, Claude, etc.

Installed tools

Version + source + publisher

Permissions

What each tool can access

Model files

Provenance + format

Dependencies

npm, pip packages

Configs

File locations + settings

CycloneDX 1.7: The Standard

CycloneDX is the industry standard for SBOMs. Version 1.7 added AI/ML component types. Firmis generates CycloneDX 1.7 AI-BOMs with a firmis:agent:* property namespace - machine-readable, auditor-friendly, standards-compliant.

Generate Your First AI-BOM

Terminal

$ npx firmis discover

Found: 12 OpenClaw skills, 5 MCP servers, 3 Claude configs

$ npx firmis bom

Generated: agent-bom.cdx.json (CycloneDX 1.7)

Components: 20 tools, 47 dependencies, 8 configs

From Inventory to Action

firmis discover

- Find all AI components in your environment

firmis bom

- Generate CycloneDX 1.7 AI-BOM

firmis scan

- Scan for threats across all components

firmis fix

- Auto-remediate findings

firmis monitor

- Watch for changes continuously

You can't secure what you can't see. An AI-BOM makes your agent stack visible.

PreviousOpenClaw Security: Built-in Audit vs Full Stack Scanning

NextThe OpenClaw Crisis: What the First AI Agent Security Nightmare Means for Your Business

Try It Now

Find out if your agent stack is safe

One command. 30 seconds. Free.

$npx firmis-cli scan

Fix and Monitor included with Pro

View pricing