sbomr is a well-rated Claude Code skill (quality score 80/100) in the security-misc sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/src/ and loads when your prompt matches the skill's trigger.
When to invoke it: Use when asked to inspect, summarize, or query an SBOM file — e.g.
The sbomr skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It is part of the open ClaudSkills registry, a community-curated catalog of 15,000+ capabilities you can install for Claude Code — the Claude CLI agent.
mkdir -p ~/.claude/skills/src curl -L https://claudskills.com/skills/src/SKILL.md \ -o ~/.claude/skills/src/SKILL.md
Or just download SKILL.md directly and drop it into ~/.claude/skills/src/. Claude Code auto-discovers it on next session.
Skills live at ~/.claude/skills/src/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\src\SKILL.md on Windows. See the full install guide for step-by-step instructions.
The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.
Browse all Security skills in the ClaudSkills registry, or explore these top-rated picks from the same category: