AI-SBOMs (Beta)¶
An AI Software Bill of Materials (AI-SBOM) is a structured inventory of every component that makes up an AI agent or workflow. Just as a traditional SBOM lists the software libraries in an application, an AI-SBOM documents the models, tools, data sources, prompts, guardrails, and dependencies that an AI system relies on — giving your organization transparency into what is running and how it was built.
Why AI-SBOMs Matter¶
AI systems are more than code. An agent's behavior depends on which model it uses, what tools it can call, which data it was trained on or has access to, and what guardrails constrain it. Without a bill of materials, it is difficult to:
- Assess risk -- Understand the blast radius when a model provider changes behavior or a data source is compromised
- Meet regulatory requirements -- The EU AI Act and NIST AI RMF require documentation of AI system components and their provenance
- Respond to incidents -- Quickly identify which agents are affected when a vulnerability is disclosed in a model or dependency
- Maintain auditability -- Demonstrate to auditors exactly what was deployed and when
Regulatory context
The EU AI Act (Article 11) requires providers of high-risk AI systems to maintain technical documentation covering system components, data, and design choices. NIST AI RMF (Map function) calls for documenting AI system composition. AI-SBOMs are the platform's mechanism for satisfying these requirements.
What an AI-SBOM Tracks¶
Each AI-SBOM captures the full composition of a deployed agent or AI-powered workflow.
graph TD
SBOM["AI-SBOM"]
SBOM --> MODELS["Models"]
SBOM --> TOOLS["Tools"]
SBOM --> DATA["Data Sources"]
SBOM --> PROMPTS["Prompts"]
SBOM --> GUARD["Guardrails"]
SBOM --> DEPS["Dependencies"]
SBOM --> META["Metadata"]
MODELS --> M1["Provider, name, version"]
TOOLS --> T1["Tool name, endpoint, permissions"]
DATA --> D1["Dataset, connector, schema"]
PROMPTS --> P1["Template, version, variables"]
GUARD --> G1["Input/output filters, PII rules"]
DEPS --> DEP1["Python packages, service deps"]
META --> META1["Author, timestamp, deployment ring"]
Component Details¶
| Section | Fields Captured |
|---|---|
| Models | Provider (e.g., OpenAI, Anthropic), model name, model version/snapshot, parameters (temperature, max tokens), routing rules |
| Tools | Tool name, description, source (MCP server, connector, code block), permission scopes required, input/output schemas |
| Data Sources | Dataset IDs, connector instances, data schemas, access patterns (read/write), data classification level |
| Prompts | Prompt template text (or hash for sensitive prompts), version, variable placeholders, last modified date |
| Guardrails | Input filters (PII detection, content safety), output filters (hallucination checks, format validation), approval checkpoints |
| Dependencies | Python package list with pinned versions, service dependencies (other agents, hosted services, external APIs) |
| Metadata | SBOM version, generation timestamp, solution ID, deployment ring, Git SHA, generating user |
Generating AI-SBOMs¶
Automatic Generation¶
When automatic SBOM generation is enabled, the platform generates an AI-SBOM each time a solution containing AI components is deployed. The SBOM is stored alongside the deployment artifact and linked in the audit log.
- Navigate to Solution > Settings > Security
- Toggle Auto-generate AI-SBOM on deployment to On
- SBOMs will appear in the Security > AI-SBOMs section after each deployment
Manual Generation¶
Generate an SBOM for any deployed solution at any time:
- Go to Security > AI-SBOMs
- Click Generate SBOM
- Select the solution and deployment ring
- Click Generate
Viewing AI-SBOMs¶
The SBOM viewer provides a structured, navigable view of the bill of materials.
SBOM Summary¶
The summary view shows high-level composition at a glance, including the number of models, tools, data sources, prompts, guardrails, and dependencies. Each section can be expanded to see individual component details such as provider, version, access patterns, and configuration.
Comparing SBOMs¶
Compare two SBOMs to see what changed between deployments. The SBOM viewer shows added, removed, and modified components between any two deployment versions.
SBOM Export Formats¶
Export SBOMs in machine-readable formats for integration with governance tools, supply chain security systems, or regulatory submissions.
| Format | Description | Use Case |
|---|---|---|
| JSON | Structured JSON following the Flow AI-SBOM schema | Programmatic processing, API integrations |
| CycloneDX | OWASP CycloneDX BOM format with AI extensions | Supply chain security tools (Dependency-Track, GUAC) |
| SPDX | Linux Foundation SPDX format with AI profile | Open-source compliance, license tracking |
| Human-readable report with tables and summaries | Auditor handoff, compliance evidence |
SBOMs can be exported from the Platform UI under Security > AI-SBOMs in JSON, CycloneDX, SPDX, or PDF format.
SBOM Policies¶
Configure policies to enforce SBOM requirements across your organization.
| Policy | Description |
|---|---|
| SBOM Required for Production | Block production deployments that do not have a generated SBOM |
| Model Allowlist | Flag SBOMs containing models not on the approved list |
| Dependency Vulnerability Check | Cross-reference SBOM dependencies against known vulnerability databases |
| Data Classification Check | Ensure agents accessing sensitive data have appropriate guardrails documented |
SBOM completeness
An AI-SBOM is only as useful as it is complete. If your agent calls external APIs or services outside the platform, document them as external dependencies in the solution manifest so they appear in the SBOM.