Obtain the image manifest digest for the subject image using docker inspect --format '{{index .RepoDigests 0}}' <IMAGE>, or via GET /v2/<name>/manifests/<tag>, capturing the Docker-Content-Digest response header
Query the referrers endpoint: GET https://<REGISTRY>/v2/<name>/referrers/<digest> with an Accept: application/vnd.oci.image.index.v1+json header; the registry returns an OCI image index listing all attached artifacts
Filter by artifact type by appending a query parameter: GET /v2/<name>/referrers/<digest>?artifactType=application/vnd.cyclonedx+json to retrieve only CycloneDX SBOM referrers
For each referrer in the manifests array, pull the artifact manifest using GET /v2/<name>/manifests/<referrer_digest> and then fetch the blob using the layer digest to retrieve the SBOM or signature payload
Use the oras CLI as a higher-level alternative: oras discover <IMAGE>@<DIGEST> lists all referrers with their artifact types in a human-readable format
Known gotchas
Not all registries have implemented OCI Distribution 1.1; registries that predate the 1.1 spec return a 404 on the /referrers/ endpoint, in which case cosign and notation fall back to storing referrers using a tag-based scheme
The referrers API returns a paginated OCI image index; if there are many referrers, the response includes an OCI-Referrers-State header and a Link header for pagination — clients that ignore pagination may miss entries
The artifactType filter is advisory; registries SHOULD support it but are not required to; always handle the case where the unfiltered list is returned and apply client-side filtering
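An added example (not from the original page or from any project's code): a Python client loop for the steps and gotchas above. It follows Link pagination, re-applies the artifactType filter locally, and reads the fallback tag when the referrers endpoint returns 404. The fetch hook, the fake_registry responses and the registry.example name are constructed for illustration; the <alg>-<hex> fallback tag form comes from the OCI referrers tag schema, which the page does not spell out.

```python
import json
import re
from urllib.parse import quote, urljoin

INDEX = "application/vnd.oci.image.index.v1+json"
NEXT = re.compile(r'<([^>]+)>\s*;\s*rel="?next"?')

def list_referrers(fetch, registry, name, digest, artifact_type=None):
    """Return (descriptors, source). `fetch(url, headers)` is a hypothetical
    transport hook returning (status, lowercase-keyed headers, body bytes)."""
    base = f"https://{registry}/v2/{name}/"
    url = f"{base}referrers/{digest}"
    if artifact_type:
        url += "?artifactType=" + quote(artifact_type, safe="")
    found, source = [], "referrers-api"
    while url:
        status, headers, body = fetch(url, {"Accept": INDEX})
        if status == 404 and source == "referrers-api" and not found:
            # Registry without the 1.1 endpoint: read the fallback tag instead.
            # Tag form <alg>-<hex> is an assumption taken from the OCI spec.
            url, source = f"{base}manifests/{digest.replace(':', '-')}", "tag-fallback"
            continue
        if status == 404:
            break  # no fallback tag either: nothing is attached
        if status != 200:
            raise RuntimeError(f"unexpected status {status} for {url}")
        found += json.loads(body).get("manifests", [])
        # Follow Link: <...>; rel="next" until the registry stops sending it.
        nxt = NEXT.search(headers.get("link", ""))
        url = urljoin(url, nxt.group(1)) if nxt else None
    if artifact_type:
        # The server-side filter is advisory, so always filter again locally.
        found = [d for d in found if d.get("artifactType") == artifact_type]
    return found, source

def fake_registry(url, headers):
    # Constructed responses: two pages, artifactType filter ignored by the server.
    sbom, sig = "application/vnd.cyclonedx+json", "application/vnd.example.signature"
    if "/referrers/" not in url:
        return 404, {}, b""
    if "last=1" in url:
        page = [{"digest": "sha256:" + "c" * 64, "artifactType": sbom}]
        return 200, {}, json.dumps({"manifests": page}).encode()
    first = [{"digest": "sha256:" + "a" * 64, "artifactType": sbom},
             {"digest": "sha256:" + "b" * 64, "artifactType": sig}]
    nxt = url.split("?")[0] + "?last=1"
    return 200, {"link": f'<{nxt}>; rel="next"'}, json.dumps({"manifests": first}).encode()
```

The returned source value tells the caller whether the list came from the referrers endpoint or from the fallback tag, which is worth logging when attestations appear to be missing.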