AI-BOM
Discovering AI assets and the relationships between them.
As companies adopt AI at a rapid pace, this also means that AI is getting access to more and more data, in addition to having more surfaces for interaction from external chatbots, internal tooling, and agentic processes.
Companies are navigating the tension between rapid AI adoption and the inherent security risks. While no one wants to hinder progress, establishing visibility and robust guardrails is paramount for safe, compliant implementation. To address this, leaders need answers to critical questions such as, "Is anyone using unapproved AI models?" and "What is our exposure to newly vulnerable AI libraries?" To address this, Snyk has introduced AI-BOM with the Snyk CLI, MCP Server, and API components of the Snyk platform.
The following sections provide an overview, as well as details on where to find additional information as these capabilities rapidly evolve.
Here are some companion articles that have been created and announced that demonstrate the AI-BOM's capabilities: Find shadow AI usage with Snyk AI-BOM API and See Your MCPs in Snyk's AI Bill of Materials.
Requirements
During the Experimental preview release, these capabilities are available on all Snyk plans (Free, Team, and Enterprise).
- Note that Snyk Enterprise users have access to the complete set of APIs the Snyk platform provides.
- To use this experimental feature, the latest PREVIEW version of the Snyk CLI is required.
- Your project must be python and a package manager supported by Snyk: https://docs.snyk.io/supported-languages-package-managers-and-frameworks/python
In this section, we will discuss the Snyk CLI and its AI-BOM capabilities.
The Snyk CLI is a powerful tool that can be used locally, or as an integration, most often integrated into CI/CD processes. It can perform tests, and push results to the Snyk platform for reporting. It can also generate artifacts in JSON and other formats.
In the CLI, the aibom command identifies: agents, tools, models, datasets, MCP server (new feature), and AI-specific libraries. By running AI-BOM from a directory containing the code, you can generate and inspect programmatically the JSON version of the AI-BOM for both visibility and security guardrails.
Navigate to the directory that has the code and run the following command:
snyk aibom --experimental
Currently the JSON output will be in the format of CycloneDX v1.6 (JSON).
AI-BOM also introduces the ability to generate a visualizer via the CLI. This is achieved via the HTML export format, which you can generate as follows:
Raw html to standard output (to the screen):
snyk aibom --experimental --html
Outputted to a file and opened, typically by default browser:
snyk aibom --experimental --html > snyk-aibom.html && open snyk-aibom.html
Rendered html sample & visualizer output:
Additional AI-BOM CLI resources
- For more information, see the Snyk CLI AI-BOM documentation.
MCP (Model Context Protocol) is an open protocol that standardizes how applications share context with large language models.
MCP can provide AI systems with additional information needed to generate accurate and relevant responses for use cases where the AI systems do not have the context, by integrating the AI systems with tools and platforms that have specific capabilities.
Similar to the CLI above, you can integrate Snyk’s MCP Server into your development environment to provide Snyk security context, such as information on agents, tools, models, datasets, MCP Servers, and AI-specific libraries.
To use Snyk’s MCP Server, the Snyk CLI includes the MCP Server capability, providing access to not only initiate scans, like code and open source scans, but also generate AI-BOM. This capability is added via:
snyk_aibom
Additional AI-BOM MCP Server resources
- A full list of capabilities accessible via the MCP server can be found here.
- For more details on Snyk MCP, see the Snyk MCP Server installation, configuration and startup and Troubleshooting for the Snyk MCP server pages.
- For more information, see the Snyk MCP Server documentation.
Similar to the above examples, the AI-BOM API gives information on agents, tools, models, datasets, MCP server, and AI-specific libraries to programmatically query and base decisions on.
During the Experimental Preview, the API will be available to users on all plans.
The related endpoint using the api_version '2025-07-22':
POST /rest/orgs/{org_id}/ai_boms
usage:
{BASE_URL}/rest/orgs/{SNYK_ORG_ID}/ai_boms?version={api_version}
Where BASE_URL for customers on public regional instances can be found here.
With this API endpoint you could query specific targets for the AI-BOM. Programmatically, with access to the larger set of APIs in Snyk, apis such as:
/rest/orgs/{org_id}/targets
you could get a list of targets from Snyk and then generate an AI-BOM. With this set of results, you could then query for AI components that go with, or go against, what you considered "allowed", as defined by your internal AI policies.
Additional AI-BOM API resources
- A well-explained example can be found here: Find shadow AI usage with Snyk AI-BOM API
- For more information, refer to the Snyk API end point for AI-BOM