What Is an Agent Action BOM?

Definition

An Agent Action BOM answers a narrow operational question:

What can this AI-assisted engineering workflow touch or change?

The artifact follows the action path rather than only the model or code artifact:

agent/workflow -> repo/PR -> credential -> action -> target -> owner -> approval/proof

Why it exists

AI coding agents and automations can cross boundaries that are usually reviewed separately: repository permissions, CI/CD workflows, secrets, package managers, MCP tools, cloud APIs, release workflows, and production-adjacent systems.

A normal inventory can show that a tool exists. An Agent Action BOM should show what the tool or workflow can do.

Core fields

How it differs from an SBOM and an AI inventory

An SBOM lists software components. An AI inventory may list models, prompts, tools, datasets, providers, or approved applications.

An Agent Action BOM maps action authority. It is about what an AI-assisted workflow can touch or change across software delivery.

Buyer questions

• Which AI-assisted workflows can write code, change CI/CD, or trigger deployment paths?
• Which credentials do those workflows inherit, and are they broader than the task requires?
• Which actions should be allowed automatically, require approval, or be blocked?
• Could an AppSec, platform, or audit reviewer reconstruct what happened after a privileged action?
• Who owns each action path when the agent, workflow, repo, credential, and target system span different teams?

How to use it

• Start with two or three repos or workflows where AI-assisted actions can affect delivery.
• Map the actor, credential, action, target, owner, approval rule, and proof trail.
• Classify each action as allowed, approval-required, or blocked.
• Fix standing broad credentials before expanding write authority.
• Use the artifact in AppSec review, platform standards, and CISO reporting.