
Nils Schlegelmilch enhanced security visibility and dependency traceability for the nxp-upstream/zephyr repository by improving its Software Bill of Materials (SBOM) and dependency graph. He developed Python scripts to automate the inclusion of Zephyr in modules-deps.spdx, ensuring the SBOM accurately reflected all dependencies for vulnerability scanning. By incorporating Zephyr’s CPE and PURL data, he enabled precise vulnerability mapping and established DEPENDENCY_OF relationships to support a structured dependency graph. This work addressed the need for repeatable builds and robust component risk assessment, demonstrating depth in Python scripting, dependency management, and SBOM generation within a focused, high-impact engineering effort.
January 2026: SBOM and Dependency Graph Enhancement for Zephyr (nxp-upstream/zephyr). Focused on improving security visibility and dependency traceability through accurate SBOM data and a structured dependency graph.
