Skip to main content
hc
Submit
skillsSource-backedReview first Safety Privacy

GitHub Artifact Attestation Provenance Capability Pack Skill

Expert skill for reviewing GitHub Artifact Attestations, release artifact digests, workflow provenance, OIDC boundaries, and public release evidence before an AI agent recommends or publishes build outputs.

by JSONbored·added 2026-06-05·
Claude CodeCodexWindsurfGeminiCursorCLI
HarnessClaude CodeCodexWindsurfGeminiCursorCLI
Level:expertType:capability-packVerified:validated
Review first review before installing

Open the source and read safety notes before installing.

Safety notes

  • Artifact attestation verification confirms provenance for a digest, not malware safety, runtime behavior, dependency health, or install trust.
  • Do not approve a release when the verified repository, workflow, ref, subject digest, or commit does not match the artifact being distributed.
  • Keep OIDC and workflow-permission review separate from ordinary release-note editing.

Privacy notes

  • Verification evidence can expose repository names, workflow names, internal release timing, commit SHAs, artifact names, and runner metadata.
  • Public comments should summarize verification without pasting private URLs, unpublished release notes, or internal environment details.

Prerequisites

  • Release artifact, checksum, repository, workflow run, and commit SHA under review.
  • GitHub CLI available with access to verify attestations for the target repository.
  • Release policy that defines which artifacts require provenance evidence.

Schema details

Install type
package
Reading time
9 min
Troubleshooting
No
Source repository stats
Scope
Source repo
Package metadata
Skill and platform metadata
Skill type
capability-pack
Skill level
expert
Verification
validated
Verified at
2026-06-05
Retrieval sources
https://docs.github.com/en/actions/how-tos/secure-your-work/use-artifact-attestations/use-artifact-attestationshttps://docs.github.com/en/actions/how-tos/secure-your-work/use-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-buildshttps://docs.github.com/en/actions/reference/security/oidchttps://github.com/github/docs
Tested platforms
ClaudeCodexCursorGeneric AGENTS
PlatformSupportInstall path
claude-codeNative.claude/skills/<skill-name>/SKILL.md
codexNative.agents/skills/<skill-name>/SKILL.md
windsurfNative.windsurf/skills/<skill-name>/SKILL.md
geminiNative.gemini/skills/<skill-name>/SKILL.md or .agents/skills/<skill-name>/SKILL.md
cursorAdapter.cursor/rules/<skill-name>.mdc
cliManualAGENTS.md or tool-specific context file
Full copyable content
# Trigger
"Apply the GitHub artifact attestation provenance capability pack to this release."

# Required output
1) Artifact, digest, workflow, repository, and commit inventory
2) Attestation verification result and provenance summary
3) Release-blocking gaps or mismatches
4) Public-safe release evidence wording

About this resource

Knowledge Freshness

This capability pack is based on GitHub Artifact Attestation and OIDC documentation checked on 2026-06-05. Use the current GitHub docs and CLI help for command syntax, supported artifact types, and policy behavior.

Retrieval Sources

Core Workflow

  1. Inventory the release artifact, package, checksum, repository, workflow run, commit SHA, ref, release tag, and distribution channel.
  2. Confirm the build workflow generated the artifact and attestation in a trusted GitHub Actions context.
  3. Verify the artifact with the expected owner and repository using GitHub CLI.
  4. Compare the verification output to the release evidence: subject digest, builder identity, workflow, repository, commit, and ref.
  5. Check for mismatches: renamed artifacts, local rebuilds, copied binaries, wrong repository, untrusted fork workflow, or stale release notes.
  6. Produce a public-safe provenance summary and a private maintainer note for anything that should not be disclosed.
  7. Block release recommendation when provenance is missing, mismatched, or only asserted in prose.

Capability Scope

  • GitHub Artifact Attestation evidence review
  • Release artifact digest and filename verification
  • Workflow provenance and OIDC boundary review
  • Release-note provenance wording
  • AI-assisted release recommendation guardrails
  • Privacy-safe summary of verification results

Compatibility

Native

  • Claude Code and Claude: use as a release review skill before publishing notes.
  • Codex: use when checking PRs, release branches, or package publication work.

Manual Adaptation

  • Generic AGENTS files: convert the workflow into a release provenance checklist.
  • Cursor and Windsurf: use the output contract for artifact review prompts.

Required Inputs

  • Artifact path and digest
  • Repository owner/name and expected release tag
  • Workflow run or build provenance evidence
  • Commit SHA and ref
  • Local or remote artifact location used for verification

Production Rules

  • Do not treat a filename, release note, or maintainer claim as proof of provenance.
  • Do not verify a different artifact from the one users download.
  • Do not ignore a repository, workflow, digest, commit, or ref mismatch.
  • Do not paste private verification logs into public comments.
  • Keep vulnerability scanning, malware review, and install trust as separate gates.
  • Require exact commands or reproducible evidence for the final release decision.

Output Contract

  1. Artifact inventory and digest.
  2. Verification command and result.
  3. Provenance fields: repository, workflow, ref, commit, subject digest.
  4. Blocking mismatches or missing evidence.
  5. Public-safe release wording.
  6. Follow-up checks outside attestation scope.
#github-actions#artifact-attestations#provenance#release-security#supply-chain

Source citations

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.