Is Sbom Cyclonedx free?

Yes, Sbom Cyclonedx is free to use.

How do I install Sbom Cyclonedx?

Sbom Cyclonedx is a local plugin. Install it using PyPI package: sbom-cyclonedx-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

Is Sbom Cyclonedx safe to use?

Sbom Cyclonedx was flagged by MCP Marketplace's security scan, scoring 3.2/10 (high risk). It has 3 high or critical findings to review. Review the security report on this page carefully before installing it.

What AI apps work with Sbom Cyclonedx?

Sbom Cyclonedx uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Sbom Cyclonedx MCP Server

by CSOAI ORG

Developer ToolsUse Caution3.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Software Bill of Materials generation + validation in CycloneDX 1.6 and SPDX 2.3 formats. Requir...

About

Software Bill of Materials generation + validation in CycloneDX 1.6 and SPDX 2.3 formats. Requir...

Security Report

3.2

Use Caution3.2High Risk

This SBOM generation MCP server has a functional purpose but exhibits several concerning patterns around authentication, monetization logic, and code quality. While the core tools are stubs (reducing immediate risk), the authentication system relies on environment variables without clear validation, the rate-limiting and monetization logic is embedded in tool code, and there are subtle issues with auth middleware fallback behavior. The server lacks input validation on the query parameters and doesn't validate API keys cryptographically. These issues, combined with the overall code organization, warrant caution for production use. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.

4 files analyzed · 12 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-csoai-org-sbom-cyclonedx-mcp": {
      "args": [
        "sbom-cyclonedx-mcp"
      ],
      "command": "uvx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

Sbom Cyclonedx MCP

SBOM generation in CycloneDX 1

SBOM generation in CycloneDX 1.6 + SPDX 2.3. Required by EO 14028, NIS2, CRA. MIT

🚀 Quick Start

# Install via pip
pip install sbom_cyclonedx_mcp

# Or install via Smithery
npx -y @smithery/cli@latest install sbom-cyclonedx-mcp --client claude

✨ Features

MCP protocol compliant
Easy installation
Well-documented API
Production-ready
Active maintenance

📖 Documentation

🛡️ Compliance

This MCP server is built with EU AI Act compliance built-in:

Free: 10 calls/day. No API key required.
Pro £79/mo: unlimited + signed attestations. Subscribe
Enterprise £1,499/mo: white-label + on-premise + SLA. hello@meok.ai
✅ Article 9 — Risk Management System
✅ Article 13 — Transparency & Instructions for Use
✅ Article 15 — Bias Detection & Testing
✅ Article 26 — FRIA Support (where applicable)
✅ Article 50 — AI Content Watermarking (where applicable)

Need help getting compliant? Book a free 15-min diagnostic →

🏢 Enterprise

Need custom development, SLA guarantees, or white-label deployment?

Pro: $99/mo — Full MCP suite + EU AI Act tracking
Enterprise: $499/mo — Custom dev + SLA + Dedicated support

View Pricing → | Contact Sales →

🤝 Part of the MEOK Ecosystem

This server is part of the MEOK AI Labs ecosystem — 300+ MCP servers for sovereign AI governance.

Domain	Purpose
councilof.ai	EU AI Act compliance marketplace
safetyof.ai	AI safety & monitoring
meok.ai	Sovereign AI platform
cobolbridge.ai	Legacy modernization

📜 License

MIT © CSOAI-ORG

✅ MCP (Anthropic) — native
✅ A2A (Google + Linux Foundation, absorbed IBM ACP Sept 2025)
✅ IBM ACP — covered via A2A merge
◐ Stripe ACP (Agentic Commerce Protocol) — Q3 bridge via agent-commerce-protocol-mcp
◐ AP2 (Google Agent Payments) — partial via agent-commerce-payments-mcp
◐ x402 (Coinbase HTTP 402) — partial via api.meok.ai gateway
→ OASF / AGNTCY (Cisco Outshift + Linux Foundation) — Q3 bridge
👁 ANP (Cisco Agent Network) — watch-list

Pricing options:

Option	Price	Best for
Self-host (this MCP)	£0 — MIT	Devs
This MCP Starter	£29/mo	One-MCP teams
This MCP Pro	£79/mo	Production + 24h SLA
Universal PAYG	£29/mo + £0.0002/call	Spiky usage across many MCPs
Substrate bundle (this category)	£99-£499/mo	A whole pack
MEOK Universe	£1,499/mo	All 47 MCPs, 500K calls

Each tier above the free self-host adds HMAC-signed attestations verifiable at verify.meok.ai. Linux Foundation governance on the A2A spine means EU regulated buyers can deploy without vendor-lock-in objections.

💸 Try MEOK in 30 seconds — instant buy ladder

Tier	Price	What you get	Stripe
Smoke test	£1	Signed sample MCP-Hardening report + Article 50 PDF	https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t
Quick Kit	£9	EU AI Act Article 50 implementation guide (C2PA + EU-Icon)	https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t
Founder Call	£29	30-min 1-on-1 with the founder	https://buy.stripe.com/aFa7sNcgAdQS0ZT1Uc8k91t

Refundable. UK Stripe — VAT-clean. Builds on the 81-MCP MEOK fleet. Verify any signed report at https://meok.ai/verify.

Configuration

Add to your claude_desktop_config.json (Claude Desktop) or your MCP client config:

{
  "mcpServers": {
    "sbom-cyclonedx-mcp": {
      "command": "uvx",
      "args": ["sbom-cyclonedx-mcp"]
    }
  }
}

Or: pip install sbom-cyclonedx-mcp then run the sbom-cyclonedx-mcp command (stdio transport).

Examples

Once configured, ask your assistant, for example:

"Use generate_sbom_cyclonedx to …"
"Use generate_sbom_spdx to …"
"Use validate_sbom to …"

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Sbom Cyclonedx MCP Server

About

Security Report

Findings (12)Action required

Permissions Required

How to Install

Documentation

Sbom Cyclonedx MCP

🚀 Quick Start

✨ Features

📖 Documentation

🛡️ Compliance

🏢 Enterprise

🤝 Part of the MEOK Ecosystem

📜 License

💸 Try MEOK in 30 seconds — instant buy ladder

Configuration

Examples

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent