attestation
Attestation with orbit CLI
Verify, download, and inspect build provenance attestations using Sigstore bundles with in-toto attestation format and SLSA provenance predicates. This feature supports supply chain security by letting you confirm artifact origin, signer identity, and build metadata.
Prerequisites
orbitCLI installed — ifwhich orbitfails, install with:- macOS/Linux (Homebrew):
brew install jorgemuza/tap/orbit - macOS/Linux (script):
curl -sSfL https://raw.githubusercontent.com/jorgemuza/orbit/main/install.sh | sh - Windows (Scoop):
scoop bucket add jorgemuza https://github.com/jorgemuza/scoop-bucket && scoop install orbit
- macOS/Linux (Homebrew):
- A Sigstore attestation bundle (
.jsonlor.json) for the artifact you want to verify or inspect - For
download: a profile with a GitHub service configured (attestation bundles are fetched from GitHub)
Quick Reference
All commands follow the pattern: orbit attestation <command> [arguments] [flags]
Alias: orbit attest <command> [arguments] [flags]
More from jorgemuza/orbit
gitlab
Create and manage GitLab projects, merge requests, pipelines, issues, branches, and more using the orbit CLI. Use this skill whenever the user asks about GitLab repositories, MRs (merge requests), CI/CD pipelines, branches, tags, commits, issues, groups, or project members. Trigger on phrases like 'list MRs', 'check the pipeline', 'create a branch', 'open a merge request', 'view the latest commits', 'list projects in group X', 'retry the CI', 'close the issue', 'who are the members', or any GitLab-related task — even casual references like 'what's running in CI', 'show me the MRs', 'tag a release', 'check if it merged', or 'list repos'. Also trigger when the user mentions PR/pull request in a GitLab context (GitLab calls them merge requests). The orbit CLI alias is `gl`.
100jira
Interact with Jira using the orbit CLI to create, list, view, edit, and transition issues, manage sprints and epics, export epic hierarchies to markdown, manage dashboards and gadgets, manage saved filters, manage custom fields and screen configurations, list statuses and issue types, and write properly formatted descriptions using Jira wiki markup. Use this skill whenever the user asks about Jira tasks, tickets, issues, sprints, epics, dashboards, filters, gadgets, or needs to manage project work items using orbit. Also trigger when the user says things like 'create a ticket', 'create epics', 'move this to done', 'assign the issue', 'update the description', 'format for Jira', 'create a custom field', 'add field to screen', 'list statuses', 'configure Jira', 'create a dashboard', 'add a gadget', 'list filters', 'search filters', 'export epic', 'dump epic hierarchy', or any Jira-related workflow — even casual references like 'update Jira', 'what tickets are in this sprint', 'add a comment to PROJ-123', 'set up AI tracking fields', 'show me the dashboards', or 'create a metrics dashboard'. Trigger especially when descriptions need proper formatting (headings, bullets, tables, links) since Jira Server uses wiki markup, not markdown.
98confluence
Manage Confluence pages using the orbit CLI — create, update, view, publish markdown directories, check page hierarchy, and control page width. Use this skill whenever the user asks about Confluence pages, wiki content, publishing documentation, uploading markdown to Confluence, syncing docs, checking page hierarchy or ancestors, or managing page trees using orbit. Trigger on phrases like 'create a Confluence page', 'update the wiki', 'publish these docs to Confluence', 'upload markdown', 'set page width', 'view page', 'list child pages', 'show hierarchy', 'check page tree', 'what are the ancestors', or any Confluence-related task — even casual references like 'push this to Confluence', 'sync the docs', 'check what pages are under X', or 'show me the page structure'. Also trigger when the user needs to convert markdown to Confluence storage format or wants to track which markdown files map to which Confluence pages via frontmatter metadata (confluence_page_id, confluence_url).
97format-docs
Format and restructure markdown documents so they publish cleanly to Confluence via `orbit confluence publish`. Use this skill whenever the user wants to prepare docs for Confluence, fix markdown formatting for wiki publishing, add frontmatter to docs, restructure a docs directory, or ensure markdown files follow Confluence-friendly conventions. Also trigger when the user says things like 'format these docs', 'prepare docs for Confluence', 'fix the frontmatter', 'restructure the docs folder', 'make these docs publishable', 'clean up the markdown', or any task involving making markdown Confluence-ready — even if they just say 'format this' or 'prep for wiki' without mentioning Confluence explicitly. If the user has a docs/ directory and mentions publishing or syncing, this skill applies.
74draxarp
Manage Draxarp Intelligence — projects, tasks, specs, docs, memories, sprints, knowledge graph, context captures, and task decomposition via orbit CLI
71github
Create and manage GitHub repositories, pull requests, issues, releases, branches, secrets, and more using the orbit CLI. Use this skill whenever the user asks about GitHub repositories, PRs (pull requests), GitHub Actions workflow runs, branches, tags, commits, issues, releases, secrets, or organization repos. Trigger on phrases like 'list PRs', 'check the actions', 'watch the workflow', 'create a secret', 'open a pull request', 'view the latest commits', 'list repos in org X', 'rerun the workflow', 'close the issue', 'latest release', 'set a GitHub secret', or any GitHub-related task — even casual references like 'what's running in CI', 'show me the PRs', 'tag a release', 'check if it merged', 'list repos', 'is the build passing', or 'add a deploy key secret'. Also trigger when the user wants to monitor CI/CD progress, manage Actions secrets for deployments, or debug failing workflows. The orbit CLI alias is `gh`.
64