Blog
Notes on Agent Composition Analysis — identity resolution, Agent BOMs, and securing AI agent stacks. RSS
- Introducing OpenACA: Agent Composition Analysis
Your dependency scanner can't see your agent stack. OpenACA is an open-source scanner that inventories the MCP servers, plugins, skills, and dependencies your AI agents pull in — and matches them against known security advisories.