Software Bills of Materials, or SBOMs, are a hot topic when it comes to our so-called software supply chains. The promise of SBOMs is huge: know what you're running across all of your infrastructure and assess your exposure to a vulnerability in seconds. But without careful work by the community, we risk SBOMs become just another compliance gate that gives a false sense of security without commensurate value.