Audits pull-request diffs for 10 categories of AI-coding-agent cheat patterns; non-zero exit blocks the merge. Also runs as a contract-driven orchestrator: compile a goal, race candidate patches, log every step to a hash-chained ledger.

A community wiki for all things AI/ML bill of materials (MLBOM, AIBOM) and transparency into AI/ML models.

Generate xBOMs enriched with AI, SaaS, Crypto and more using Static Code Analysis

Scan codebases for AI SDK usage and map compliance risks to NIST AI RMF, ISO 42001, and EU AI Act

AI supply-chain security scanner and self-hosted control plane for agents, MCP, SBOM/SARIF, graph findings, runtime enforcement, and compliance evidence.

Open-source EU AI Act compliance scanner. 51 checks across Articles 9-15. Drop-in trust layers for LangChain, CrewAI, AutoGen, OpenAI. Local-first, no data leaves your machine.

Data and schema powering the worlds largest collection of SBOM/xBOM products, projects, and services

The industry-standard Agentic Identity & Inventory Scanner. Automatically inventory autonomous agents (LangChain, AutoGen, CrewAI, PydanticAI) using static analysis, network heuristics, and eBPF. Foundational tool for AIBOM compliance and AgentOps governance.

An AI-BOM visual viewer

Go CLI tool that scans a repository for Hugging Face model usage and emits a CycloneDX AI/ML Bill of Materials.

Policy-as-Code guardrails for ML and LLM systems: OPA/Kyverno policies, compliance mappings, signed bundles, evidence trails, and plugin index.

AI Agent Scanner - A standalone AI Agent scanner that can discover agent repos, configuration, system prompts, classify risk and produce compliance-ready reports

SBOM generation for Python & AI projects. Extract metadata from GGUF, ONNX, and PyTorch models. Build SBOM directly from Hugging Face URL. Native Hatchling build-hook.

THIS IS H A K C I N G Q U A L I T Y

Example Template created from https://github.com/haKC-ai/hakcai_secure_repo_template_creator

AIBOM policy-as-code engine — deny risky combinations of models, tools, and data. OPA-style policy rules for AI supply chain governance. Enforce model pinning, tool approvals, and provider restrictions.

An AI-BOM goof project for Snyk AI-BOM cli

Runtime AIBOM emitter — generate AI Bills of Materials from what actually ran. Combines static inventory with runtime OTel trace evidence: models, tools, endpoints, versions. CycloneDX-compatible output.

Supply-chain forensics for AI models. Traces lineage, audits licenses, flags trust gaps.

AI-BOM emitter — sign and verify SPDX-AI provenance for AI-assisted code