{
  "_schema": "https://cyclonedx.org/schema/bom-1.5.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "serialNumber": "urn:uuid:ethicore-guardian-sdk-bom-v1",
  "version": 1,
  "metadata": {
    "timestamp": "2026-05-30T00:00:00Z",
    "component": {
      "type": "library",
      "name": "ethicore-engine-guardian",
      "group": "com.oraclestechnologies",
      "version": "2.6.6",
      "purl": "pkg:pypi/ethicore-engine-guardian@2.6.6",
      "description": "Production-grade, multi-layer LLM threat detection SDK.",
      "licenses": [
        {
          "id": "BSL 1.1"
        }
      ],
      "externalReferences": [
        {
          "type": "website",
          "url": "https://oraclestechnologies.com/guardian"
        },
        {
          "type": "distribution",
          "url": "https://pypi.org/project/ethicore-engine-guardian/"
        },
        {
          "type": "documentation",
          "url": "https://portal.oraclestechnologies.com/docs"
        },
        {
          "type": "vcs",
          "url": "https://github.com/OraclesTech/guardian-sdk"
        }
      ]
    }
  },
  "threatCoverage": {
    "categories": "149+",
    "regexPatterns": "1508+",
    "semanticFingerprints": "2551+",
    "outputComplianceSignals": "74+",
    "behavioralTrackers": "8+",
    "languagesCovered": "50+",
    "owaspLlmTop10": "Full coverage — LLM01 through LLM10 (2025 edition; the category names listed in owaspMappings follow the 2023 v1.1 list)",
    "nistAiRmf": "GOVERN 1.4, 1.7, 2.2 | MAP 1.5, 2.1, 3.5 | MANAGE 2.2, 2.4, 3.2, 4.1, 4.2 | MEASURE 2.3, 2.5, 2.6",
    "owaspMappings": [
      {
        "id": "LLM01",
        "name": "Prompt Injection",
        "status": "COVERED"
      },
      {
        "id": "LLM02",
        "name": "Insecure Output Handling",
        "status": "COVERED"
      },
      {
        "id": "LLM03",
        "name": "Training Data Poisoning",
        "status": "COVERED"
      },
      {
        "id": "LLM04",
        "name": "Model Denial of Service",
        "status": "COVERED"
      },
      {
        "id": "LLM05",
        "name": "Supply Chain Vulnerabilities",
        "status": "COVERED"
      },
      {
        "id": "LLM06",
        "name": "Sensitive Information Disclosure",
        "status": "COVERED"
      },
      {
        "id": "LLM07",
        "name": "Insecure Plugin Design",
        "status": "COVERED"
      },
      {
        "id": "LLM08",
        "name": "Excessive Agency",
        "status": "COVERED"
      },
      {
        "id": "LLM09",
        "name": "Overreliance",
        "status": "COVERED"
      },
      {
        "id": "LLM10",
        "name": "Model Theft",
        "status": "COVERED"
      }
    ]
  },
  "mlModel": {
    "architecture": "XGBoost + ONNX MiniLM-L6-v2 (384-dim embeddings)",
    "trainingSamples": 300000,
    "aucRoc": 0.9985,
    "calibrationGate": "PASSED — avg benign prob 0.0036 (threshold < 0.40)",
    "exportFormat": "ONNX Runtime 1.x"
  },
  "supplyChainProvenance": {
    "modelIntegrity": "SHA-256 manifest verified at startup",
    "responseSigningAlgorithm": "Ed25519",
    "publicKeyEndpoint": "GET https://api.oraclestechnologies.com/v1/guardian/public-key",
    "dependencyLockfile": "requirements.lock (hash-pinned)",
    "ciAudit": "pip-audit on every PR",
    "attestation": "Sigstore — SLSA Level 2"
  },
  "compliance": {
    "nistOlir": [
      {
        "framework": "NIST Cybersecurity Framework 2.0",
        "catalog": "https://csrc.nist.gov/projects/olir/informative-reference-catalog/details?referenceId=209"
      },
      {
        "framework": "NIST AI Risk Management Framework 1.0",
        "catalog": "https://csrc.nist.gov/projects/olir/informative-reference-catalog/details?referenceId=210"
      }
    ]
  },
  "discovery": {
    "humanReadable": "https://oraclestechnologies.com/resources/ai-bom",
    "machineReadable": "https://oraclestechnologies.com/.well-known/ai-bom.json",
    "updateFrequency": "Updated with each Guardian SDK release and threat library update"
  }
}