The Agent BOM (Bill of Materials) is a standalone inventory of everything in your AI agent project: agents, tools, models, MCP servers, system prompts, permissions, and dependencies. It runs entirely offline — no runtime execution, no network calls, pure AST analysis.

What Agent BOM captures

Drako parses your source code to extract:
  • Agents — every agent definition, including class-based and constructor-based agents.
  • Tools — every @tool-decorated function and Tool() constructor, with permission classification (filesystem, network, code execution).
  • Models — every LLM model reference (gpt-4o, claude-sonnet-*, gemini-*, etc.) found in string literals.
  • MCP servers — servers defined in mcp.json or referenced via mcp:// URIs.
  • Prompts — system prompts and instruction strings. Content is hashed, not exposed in output.
  • Permissions — inferred from tool body analysis: filesystem, network, code_execution, database.
  • Framework — detected framework name and version.
  • Vendors — inferred from model names and SDK imports.
No governance rules are evaluated during BOM generation — this is a pure inventory tool.
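As an added illustration of the kind of offline AST extraction described above (example code, not Drako's own implementation), the following Python walk inventories @tool functions, infers a permission class from the calls in each tool body, collects model name strings, and hashes prompts rather than exposing them. The permission heuristics, the model prefixes and the sample agent source are assumptions constructed for this example.

```python
import ast
import hashlib

# Constructed sample agent source (not from the page): two tools, a prompt, a model reference.
SAMPLE_SOURCE = '''
from crewai.tools import tool
SYSTEM_PROMPT = "You are a careful research assistant."
@tool
def file_reader(path: str) -> str:
    with open(path) as f:
        return f.read()
@tool
def code_runner(snippet: str) -> str:
    import subprocess
    return subprocess.run(["python", "-c", snippet], capture_output=True).stdout
researcher = Agent(role="researcher", llm="gpt-4o")
'''

# Assumed heuristic, not Drako's rule set: calls that imply a permission class.
PERMISSION_CALLS = {
    "open": "filesystem", "os.remove": "filesystem", "requests.get": "network",
    "requests.post": "network", "subprocess.run": "code_execution", "os.system": "code_execution",
    "exec": "code_execution", "eval": "code_execution", "sqlite3.connect": "database",
}
MODEL_PREFIXES = ("gpt-", "claude-", "gemini-")


def _call_name(call: ast.Call) -> str:
    # 'open' for bare names, 'subprocess.run' for module.attr calls, '' otherwise.
    f = call.func
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f"{f.value.id}.{f.attr}"
    return f.id if isinstance(f, ast.Name) else ""


def extract_bom(source: str) -> dict:
    """Inventory @tool functions with inferred permissions, model strings and hashed prompts."""
    bom = {"tools": {}, "models": set(), "prompts": []}
    for node in ast.walk(ast.parse(source)):  # static walk: nothing in `source` is executed
        if isinstance(node, ast.FunctionDef) and any(
                isinstance(d, ast.Name) and d.id == "tool" for d in node.decorator_list):
            calls = {_call_name(c) for c in ast.walk(node) if isinstance(c, ast.Call)}
            bom["tools"][node.name] = sorted({PERMISSION_CALLS[n] for n in calls if n in PERMISSION_CALLS})
        elif isinstance(node, ast.Constant) and isinstance(node.value, str) and node.value.startswith(MODEL_PREFIXES):
            bom["models"].add(node.value)
        elif isinstance(node, ast.Assign) and isinstance(getattr(node.value, "value", None), str) \
                and any(getattr(t, "id", "").endswith("PROMPT") for t in node.targets):
            bom["prompts"].append(hashlib.sha256(node.value.value.encode()).hexdigest()[:16])
    bom["models"] = sorted(bom["models"])
    bom["permissions"] = sorted({p for perms in bom["tools"].values() for p in perms})
    return bom
```

Running extract_bom(SAMPLE_SOURCE) reports file_reader as filesystem and code_runner as code_execution, which is exactly the pair of permissions the Use cases section says should trigger a deeper review.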

Running the BOM

drako bom .
Example output:
Agents     3  researcher, writer, reviewer
Tools     12  web_search, file_reader, code_runner, ...
Models     2  gpt-4o, claude-sonnet-4-20250514
MCP        1  server (filesystem)
Prompts    4  system prompts (content hashed, not exposed)
Perms         filesystem, network, code_execution
Framework  crewai 0.86.0
Vendors    OpenAI (model), Anthropic (model)

Output formats

With no flags, drako bom prints the human-readable summary shown above to stdout:
drako bom .
To select a machine-readable format (json or markdown) and write it to a file instead of stdout:
drako bom . --format json --output agent-bom.json

Use cases

The Agent BOM satisfies the EU AI Act Art. 11 requirement for technical documentation. A JSON or Markdown BOM gives auditors a point-in-time inventory of your AI system’s components — what agents exist, what tools they have access to, what models they use, and what permissions they require.
drako bom . --format markdown --output docs/agent-bom.md
Use the permissions section of the BOM to scope a security review. A project where the BOM shows code_execution and filesystem permissions warrants a deeper review than one limited to network read-only access. The BOM also surfaces vendor concentration: if the same vendor appears for models, framework, and infrastructure, that is a risk the BOM makes visible.
Commit the BOM to your repository and diff it on each pull request to see exactly what changed in your agent system’s inventory:
# In CI: generate and compare BOM
drako bom . --format json --output .drako/agent-bom.json
git diff .drako/agent-bom.json
New tools, new models, or new permissions appearing in a PR are immediately visible in the diff.
The BOM is also generated as part of every drako scan run — it appears at the top of the scan output as the Agent BOM summary line. The drako bom command is for standalone inventory extraction without the governance scan.
