> For the complete documentation index, see [llms.txt](https://docs.metatrust.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.metatrust.io/docs-zh/introduction/metascan/open-source-analyzer.md). # Open Source Analyzer ## 简介 **Open Source Analyzer**用于识别、监控和管理软件中的各个组件及其依赖关系。为开发者和安全专家提供了深入了解软件构成的途径,从而更有效地控制风险并确保系统安全。主要特点包括: 1. 开源组件识别:SCA能够自动检测软件中使用的开源组件和版本信息,有助于跟踪和管理开源依赖项。 2. 许可证合规性:SCA可审查软件组件的许可证,确保企业遵循相关法规和合规要求。 3. 安全漏洞检测:SCA能识别已知安全缺陷和风险,协助开发者及时修补漏洞并降低系统安全风险。 4. 依赖关系解析:SCA可分析组件间的依赖结构,帮助开发者了解组件交互关系及可能的潜在风险点。 --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.metatrust.io/docs-zh/introduction/metascan/open-source-analyzer.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.