get_image_sbom
Extract the Software Bill of Materials (SBOM) from a container image to identify components and dependencies for security analysis in Kubernetes environments.
Instructions
Get the SBOM of a container image
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| digest | Yes | Image digest (required for SBOM) |
Implementation Reference
- src/operations/images.ts:117-124 (handler)The core handler function that executes the tool logic by calling the RAD Security API to download the SBOM for the specified image digest.
export async function getImageSBOM( client: RadSecurityClient, digest: string ): Promise<any> { return client.makeRequest( `/accounts/${client.getAccountId()}/sboms/${digest}/download`, ); } - src/operations/images.ts:19-21 (schema)Zod schema defining the input validation for the tool: requires an image digest string.
export const GetImageSBOMSchema = z.object({ digest: z.string().describe("Image digest (required for SBOM)"), }); - src/index.ts:302-306 (registration)Registration of the tool in the MCP server's listTools handler, specifying name, description, and input schema.
{ name: "get_image_sbom", description: "Get the SBOM of a container image", inputSchema: zodToJsonSchema(images.GetImageSBOMSchema), }, - src/index.ts:1046-1056 (registration)Handler execution case in the MCP server's CallToolRequest switch statement, which parses input, calls the handler function, and formats the response.
case "get_image_sbom": { const args = images.GetImageSBOMSchema.parse( request.params.arguments ); const response = await images.getImageSBOM(client, args.digest); return { content: [ { type: "text", text: JSON.stringify(response, null, 2) }, ], }; }