The G7 Published SBOM for AI Guidelines Today. Staffinity Implemented Them by This Afternoon.

This morning, the G7 Cybersecurity Working Group published its Software Bill of Materials for AI (SBOM for AI) minimum elements guidance — a joint document from seven national cybersecurity agencies: the US Cybersecurity and Infrastructure Security Agency (CISA), the UK's National Cyber Security Centre (NCSC), Germany's Federal Office for Information Security (BSI), France's National Cybersecurity Agency (ANSSI), Italy's National Cybersecurity Agency (ACN), Canada's Communications Security Establishment (CSE), and Japan's National Cybersecurity Office (NCO), in collaboration with the EU Commission.

By this afternoon, Staffinity had published a fully compliant, machine-readable SBOM for AI.

Here's what that means — and why you should care.

What Is an SBOM for AI?

SBOM stands for Software Bill of Materials. In traditional software, an SBOM is an ingredient list — a structured record of every component, library, and dependency that makes up a software product. It's the document that tells you what's inside the software you're running, who made each piece, what version it is, and whether any known vulnerabilities exist.

For AI systems, the same concept applies — but the ingredients are different. An SBOM for AI documents:

- Which AI models are being used — name, version, who trained them - How your data flows — where it goes, what happens to it, who can access it - Training data policies — is client data used to train the model? Under what terms? - Infrastructure — what cloud environment, what encryption, what access controls - Security properties — how is the system protected against attacks, misuse, and data leakage - Performance indicators — how is the system monitored and how are failures detected

The G7 guidance defines seven "clusters" of minimum elements that an SBOM for AI should include. These aren't mandatory regulations today — but they represent the emerging global standard for AI transparency. The same way SBOM requirements became mandatory for software in critical infrastructure (under US Executive Order 14028 in 2021), SBOM for AI requirements are likely to follow.

Why This Matters for Businesses Buying AI Agents

If you're evaluating AI vendors for your business — especially in a regulated industry like financial services, healthcare, or legal — the question "what's inside this AI system?" is not academic. It has direct compliance implications.

Your auditors want to know which AI models handle your data. Your legal team wants to know whether those models are trained on client conversations. Your CISO wants to know what security controls are in place and what the attack surface looks like. Your board wants to know what happens if one of the AI components has a vulnerability.

Until today, there was no agreed standard for how AI vendors should answer those questions. The G7 just created one.

What Staffinity Published Today

Staffinity's SBOM for AI is a machine-readable document in CycloneDX format — the standard that enterprise security tools (Dependency-Track, OWASP, Anchore) actually ingest. It covers all 7 G7 clusters:

1. Metadata — Document author (Staffinity LLC), version, timestamp, format (CycloneDX 1.5), generation context (post-deployment).

2. System Level Properties — Full data flow documentation: User (Teams/Slack) → Microsoft Bot Framework → Staffinity Orchestrator → Staffinity Agent → Anthropic Claude API → Response. Data usage policy (no training, audit-only). Input/output properties (text, file attachments, PII detection on both directions).

3. Models — Primary model: Anthropic® Claude Sonnet 4.6. Embedding model: AWS Titan Embed V2. Both documented with producer, version, intended use, known limitations, and training data policy. We transparently note that model hash values are not available for hosted API models — a limitation the G7 guidance itself acknowledges for third-party models.

4. Datasets — Per-client RAG knowledge base documented: dedicated RDS PostgreSQL instance per client, AES-256 KMS encryption, client-owned data only, not used for model training, deleted on contract termination.

5. Infrastructure — Dedicated per-client AWS accounts (not logical partitioning — separate accounts), ECS Fargate compute, KMS CMK encryption with annual rotation, TLS 1.3 in transit, CloudTrail tamper-evident logging, GuardDuty threat detection, 3-tier AWS Backup.

6. Security Properties — Entra ID role-based access control, per-user rate limiting, prompt injection content boundaries, PII detection (inbound and outbound), full interaction audit trail in WORM-compliant S3 storage with 7-year retention.

7. Key Performance Indicators — CloudWatch Synthetics uptime monitoring, latency tracking, error rate monitoring, CloudWatch alarms with SNS escalation.

The Honest Part: What We Couldn't Document

One of the G7 minimum elements is model hash values — a cryptographic fingerprint of the AI model's weights that allows you to verify you're running the exact model version you think you are.

We can't provide this for Claude or Titan Embed. The model weights are proprietary to Anthropic and AWS respectively, and they don't publish hash values for their hosted API models. This is true for every AI vendor using third-party models — which is essentially the entire industry.

The G7 guidance explicitly acknowledges this limitation and notes it as an open problem for hosted AI models. We document this gap transparently in our SBOM rather than glossing over it. That transparency is the point.

What This Means Going Forward

The SBOM for AI guidance published today is voluntary. But voluntary guidance from CISA and six allied cybersecurity agencies doesn't stay voluntary forever. Executive orders, procurement requirements, and regulatory frameworks tend to follow.

Companies that build their AI compliance posture now — before it's required — will have a significant advantage when the mandates arrive. They'll already have the documentation, the processes, and the vendor relationships that compliance requires.

Staffinity was built for exactly this kind of moment. Our architecture — dedicated per-client AWS accounts, transparent data policies, published compliance documentation — isn't a reaction to regulation. It's what we believed enterprise AI should look like from the beginning.

The G7 just agreed with us.

Download Staffinity's SBOM for AI

Our machine-readable SBOM for AI is publicly available at trust.staffinity.io — no login, no NDA, no sales call required. Download it, run it through your security tooling, and see exactly what's inside Staffinity's AI agent platform.

If you're evaluating AI agents for your business and want to understand how Staffinity compares to vendors that can't answer these questions, start with our trust center — and then book a call.