Collaboration discussion: ai-bom (Trusera) + aisbom (Lab700x) #30
Description
Hi Lab700x team,
I discovered aisbom recently and I'm impressed — scanning Hugging Face models over HTTP Range requests is brilliant engineering.
We're building ai-bom at Trusera (github.com/Trusera/ai-bom), which takes a different approach:
- Focus: AI workflows and orchestration (n8n, LangChain, CrewAI, AutoGen, MCP servers)
- Coverage: Not just models, but entire AI stacks (frameworks, tools, dependencies, configs)
- Format: CycloneDX v1.6 with AI-specific extensions
Potential collaboration:
I see complementary strengths:
- aisbom: Deep model scanning (weights, SafeTensors, HF metadata)
- Trusera ai-bom: Workflow-level scanning (what models are used, how they're orchestrated, what tools they call)
Would you be open to:
- Cross-referencing our tools in READMEs (different use cases, complementary)
- Potential integration: ai-bom detects model references → aisbom scans them for SafeTensors compliance
- Joint contribution to CycloneDX AI/ML-BOM standards
We're both addressing the AI supply chain problem from different angles — there's room for both approaches and potential synergy.
60+ GitHub stars, Israeli enterprise design partners, active community.
Thoughts?
Eliad Shahar, Co-founder & CTO, Trusera (trusera.io)
GitHub: github.com/Trusera/ai-bom