verifying-build-provenance-with-slsa-sigstore

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/agent.py script executes CLI tools (cosign, slsa-verifier) using subprocess.run() with list-based arguments. This implementation avoids shell invocation, preventing command injection vulnerabilities even when handling dynamic inputs like image tags or artifact paths.
  • [EXTERNAL_DOWNLOADS]: The skill references binary downloads for cosign and slsa-verifier from their respective official GitHub organizations (sigstore and slsa-framework). These are well-known and reputable sources within the software security community.
  • [DATA_EXPOSURE]: The skill processes artifact provenance data locally. It decodes in-toto attestations to display builder information without exfiltrating data to any external third-party domains.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 07:29 PM
Security Audit — agent-trust-hub — verifying-build-provenance-with-slsa-sigstore