Support SBOM query and exploration #564

@wagoodman

Description

It would be interesting to add something that would allow you to answer simple questions about your SBOM document:

  • "how many packages does it contain?"
  • "are there any packages that contain 'libc' in the name?"
  • "does the given file hash exist in the SBOM?"
  • "are there any packages with zip files?"

Additionally, it would be nice to see basic summary information as well:

  • "list all of my packages"
  • "list all of my files"

Example CLI usage:

syft list packages ./sbom.json    # list all packages
syft list files ./sbom.json       # list all files

syft query 'package where name == "libc"' ./sbom.json
syft query 'package has file.name == "*.zip"' ./sbom.json

syft query ./sbom.json            # interactive prompt if nothing is given
>

Implementation question: Inventing a query language seems complex. Is there an existing one that we could leverage more easily?
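As an added illustration (not part of this issue or of the syft code base), the four example questions above answered in Go over a small, constructed document. The field names (`artifacts` with `locations`, `files` with `digests`) are an assumption modelled on the general shape of syft's JSON output, and the sample packages, paths and digest values are made up for the example; the point is what each query has to get right (case-insensitive name matching, matching the digest algorithm as well as the hex value, de-duplicating a package with several matching locations) rather than a proposed query language.

```go
package main

import (
	"encoding/json"
	"fmt"
	"path/filepath"
	"strings"
)

// Minimal stand-in for a syft JSON document. The field names are an
// assumption modelled on the shape of syft's JSON output (artifacts with
// locations, files with digests); check them against the real schema before
// pointing this at production output.
type SBOM struct {
	Artifacts []Artifact `json:"artifacts"`
	Files     []File     `json:"files"`
}

type Artifact struct {
	Name      string     `json:"name"`
	Version   string     `json:"version"`
	Type      string     `json:"type"`
	Locations []Location `json:"locations"`
}

type Location struct {
	Path string `json:"path"`
}

type File struct {
	Location Location `json:"location"`
	Digests  []Digest `json:"digests"`
}

type Digest struct {
	Algorithm string `json:"algorithm"`
	Value     string `json:"value"`
}

// sampleSBOM is a constructed document for this example, not real scan output.
const sampleSBOM = `{
  "artifacts": [
    {"name": "glibc", "version": "2.31-13", "type": "deb",
     "locations": [{"path": "/var/lib/dpkg/status"}]},
    {"name": "libc-bin", "version": "2.31-13", "type": "deb",
     "locations": [{"path": "/var/lib/dpkg/status"}]},
    {"name": "openssl", "version": "1.1.1n-0", "type": "deb",
     "locations": [{"path": "/var/lib/dpkg/status"}]},
    {"name": "app-assets", "version": "1.0.0", "type": "python",
     "locations": [{"path": "/opt/app/bundle.zip"}, {"path": "/opt/app/extra.zip"}]}
  ],
  "files": [
    {"location": {"path": "/opt/app/bundle.zip"},
     "digests": [{"algorithm": "sha256",
                  "value": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"}]},
    {"location": {"path": "/usr/lib/x86_64-linux-gnu/libc.so.6"},
     "digests": [{"algorithm": "sha256",
                  "value": "fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"}]}
  ]
}`

// Load parses an SBOM document into the structs above.
func Load(doc []byte) (*SBOM, error) {
	var s SBOM
	if err := json.Unmarshal(doc, &s); err != nil {
		return nil, fmt.Errorf("parse sbom: %w", err)
	}
	return &s, nil
}

// PackageCount answers "how many packages does it contain?".
func (s *SBOM) PackageCount() int { return len(s.Artifacts) }

// PackagesNamed answers "are there any packages that contain X in the name?"
// with a case-insensitive substring match.
func (s *SBOM) PackagesNamed(substr string) []Artifact {
	var out []Artifact
	needle := strings.ToLower(substr)
	for _, a := range s.Artifacts {
		if strings.Contains(strings.ToLower(a.Name), needle) {
			out = append(out, a)
		}
	}
	return out
}

// HasFileDigest answers "does the given file hash exist in the SBOM?".
// The algorithm must match too: a sha256 value is not comparable with a
// sha1 digest even if the hex happens to look alike. Hex case is ignored.
func (s *SBOM) HasFileDigest(algorithm, value string) bool {
	for _, f := range s.Files {
		for _, d := range f.Digests {
			if strings.EqualFold(d.Algorithm, algorithm) && strings.EqualFold(d.Value, value) {
				return true
			}
		}
	}
	return false
}

// PackagesWithFileGlob answers "are there any packages with zip files?" by
// matching the base name of each package location against a shell glob.
// A package is listed once even if several of its locations match.
func (s *SBOM) PackagesWithFileGlob(pattern string) ([]Artifact, error) {
	// Reject malformed patterns up front instead of once per location.
	if _, err := filepath.Match(pattern, ""); err != nil {
		return nil, err
	}
	var out []Artifact
	for _, a := range s.Artifacts {
		for _, loc := range a.Locations {
			if ok, _ := filepath.Match(pattern, filepath.Base(loc.Path)); ok {
				out = append(out, a)
				break
			}
		}
	}
	return out, nil
}

func main() {
	s, err := Load([]byte(sampleSBOM))
	if err != nil {
		panic(err)
	}
	fmt.Println("packages:", s.PackageCount())
	for _, a := range s.PackagesNamed("libc") {
		fmt.Printf("name~libc: %s %s (%s)\n", a.Name, a.Version, a.Type)
	}
	fmt.Println("has bundle.zip sha256:",
		s.HasFileDigest("sha256", "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"))
	zips, _ := s.PackagesWithFileGlob("*.zip")
	for _, a := range zips {
		fmt.Printf("has *.zip: %s %s\n", a.Name, a.Version)
	}
}
```

Two practical caveats when using queries like these for anything security-relevant: a digest hit only says that a file with that hash was catalogued at scan time, so the SBOM's own provenance (who produced it, for which image digest) decides how much the answer is worth; and a name filter such as "libc" spans ecosystems, so surface the package type alongside the name rather than treating every match as the same component.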

Metadata

Assignees: No one assigned
Labels: enhancement (New feature or request)
Type: No type
Projects / Status: No status
Milestone: No milestone
Relationships: None yet
Development: No branches or pull requests