verifying-build-provenance-with-slsa-sigstore

Installation
SKILL.md

Verifying Build Provenance with SLSA and Sigstore

Overview

Build-provenance verification answers a question that defeats many supply-chain attacks: was this artifact actually built from the source I think it was, by the builder I trust, without tampering? Attackers who compromise a build system, swap a compiled release, or inject a malicious step (as in the SolarWinds and 3CX incidents) produce artifacts that look legitimate but lack verifiable provenance. SLSA (Supply-chain Levels for Software Artifacts, https://slsa.dev) defines Build levels (L1–L3) describing increasing provenance integrity, and Sigstore (https://www.sigstore.dev) provides the signing and transparency infrastructure: cosign for signing/verifying artifacts and attestations, Fulcio for short-lived keyless certificates bound to an OIDC identity, and Rekor as a tamper-evident transparency log.

This skill covers verifying signatures and SLSA provenance with cosign (cosign verify, cosign verify-attestation, cosign verify-blob-attestation) and slsa-verifier (slsa-verifier verify-artifact), enforcing the builder identity (the GitHub Actions workflow that produced the artifact) and the expected source repository. Keyless verification ties trust to an OIDC issuer (e.g., https://token.actions.githubusercontent.com) and a certificate identity rather than a long-lived private key.

This maps to MITRE ATT&CK T1195 — Supply Chain Compromise (provenance verification detects/blocks tampered artifacts) and NIST CSF PR.DS-06 (integrity-checking mechanisms are used to verify software, firmware, and information integrity).

When to Use

  • In CI/CD before deploying or promoting any container image or release binary.
  • When consuming third-party artifacts (base images, Go/npm releases) that publish attestations.
  • When establishing a SLSA Build L3 producer pipeline and enforcing it at the consumer side.
  • During incident response to confirm whether a deployed artifact's provenance is intact.
  • In admission control (e.g., Kubernetes via policy-controller / Kyverno) to admit only verified images.

Prerequisites

Installs
19
GitHub Stars
24.2K
First Seen
12 days ago
verifying-build-provenance-with-slsa-sigstore — mukul975/anthropic-cybersecurity-skills