We are building the future of Open Source Software compliance with AI-powered tools to make compliance accessible to everyone.
AI transforms GPL-licensed and patented code, making it invisible to traditional scanners. Learn how transformation-resistant signatures detect contamination that evades...
Downloads source code from Package URLs (npm, PyPI, Maven, etc.)
Extracts code patterns and performs initial license detection
Identifies hidden OSS components embedded in binary files
Agentic analysis framework for intelligent code pattern detection
High-performance license detection across 700+ SPDX identifiers with confidence scores
Generates legal notices with licenses and copyright information
Simplified CLI wrapper for generating open source legal notices
Universal package metadata extractor supporting 13 package ecosystems
Identifies package coordinates from source code using SWHIDs and multiple strategies
Lightweight, multi-source vulnerability query tool that consolidates security data from OSV.dev, GitHub Advisory, and NIST NVD using PURLs, CPE strings, and file hashes
Open Source Policy as Code - policy engine with declarative, data-driven compliance logic defined in versionable policy files
Model Context Protocol server providing comprehensive OSS compliance and vulnerability analysis capabilities through the SEMCL.ONE toolchain
Calculate the development cost savings from using open source software by analyzing SBOMs or package lists using COCOMO II models
Web interface for scan submission and results visualization
Core API services with scan queue management and orchestration
SEMCL Advisory - Evolution of OSSA Scanner for semantic code copycat detection and advisory generation