Skip to content

enhance: refined diagrams, agent-bom CI, updated README#8

Merged
msaad00 merged 2 commits intomainfrom
enhance/diagrams-and-ci
Apr 9, 2026
Merged

enhance: refined diagrams, agent-bom CI, updated README#8
msaad00 merged 2 commits intomainfrom
enhance/diagrams-and-ci

Conversation

@msaad00
Copy link
Copy Markdown
Owner

@msaad00 msaad00 commented Apr 9, 2026

Summary

Diagrams

  • Replaced all red tones with steel blue/indigo — cloud architecture palette
  • Replaced green with teal — consistent across all 7 SKILL.md + README
  • Color system: slate (#1e293b), teal (#2dd4bf/#164e63), cyan (#22d3ee), blue (#60a5fa), indigo (#a78bfa)
  • Added architecture diagrams for model-serving and GPU cluster skills
  • Simplified all diagrams for readability

CI

  • agent-bom scan: SAST + secret detection on skill source code → SARIF → GitHub Security tab
  • agent-bom skills audit: SKILL.md security review → SARIF → GitHub Security tab
  • Added security-events: write permission for SARIF upload
  • Dogfooding: agent-bom scanning its own cloud-security skills collection

README

  • Restructured skills table with check counts per skill
  • CI/CD pipeline table documenting all 9 jobs
  • Quick start includes model-serving and GPU cluster examples
  • Compliance framework mapping expanded with MITRE ATLAS controls
  • Added "Scanned by agent-bom" badge

Test plan

  • All diagrams use consistent palette (no red)
  • README renders correctly with Mermaid on GitHub
  • CI workflow includes agent-bom scan + skills audit jobs

msaad00 added 2 commits April 8, 2026 22:56
@msaad00
enhance: refined diagrams, agent-bom CI, updated README
bb93076 
Diagrams:
- Replaced all red (#ef4444, #7f1d1d) with steel blue (#60a5fa, #1e3a5f)
- Replaced green (#22c55e, #14532d) with teal (#2dd4bf, #1a2e35)
- Consistent cloud architecture palette: slate, teal, cyan, indigo
- Added Mermaid diagrams for model-serving and GPU cluster architectures
- Simplified all diagrams for clarity (removed visual noise)

CI:
- Added agent-bom scan job (SAST + secrets → SARIF → GitHub Security tab)
- Added agent-bom skills audit job (SKILL.md review → SARIF)
- Added security-events: write permission for SARIF upload

README:
- Restructured skills table with check counts
- Added CI/CD pipeline documentation table
- Added model-serving and GPU quick start examples
- Updated compliance framework mapping with MITRE ATLAS
- Added "Scanned by agent-bom" badge
@msaad00
fix(ci): use pip install agent-bom + CLI instead of GitHub Action for…
d6a3924 
… reliability
@msaad00 msaad00 merged commit 122a420 into main Apr 9, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@msaad00