git log --oneline --stat
HEAD
- Stars
- 3.8k
- Forks
- 200
- Updated
- Jun 24, 2026
repo --stat
stars
3.8k
forks
200
last update
Jun 24, 2026
license
MITv1.2.0
quickstart.sh
3 steps
- Install
// Drops SKILL.md into ~/.claude/skills/
$ claude skills add sigstore-slsa-provenance - Invoke
// Run from any project directory
$ claude --skill sigstore-slsa-provenance "wire up a GitHub Actions deploy" - Iterate
// Re-run with edits — Claude keeps the skill loaded
$ claude --skill sigstore-slsa-provenance "now refactor it"
sigstore-slsa-provenance/
references
- references/
- SKILL.mdopen
- README.mdopen
SKILL.md
readonly
- name:
- Sigstore SLSA Provenance
- slug:
- sigstore-slsa-provenance
- version:
- v1.2.0
- license:
- MIT
- author:
- @sigstore-craft
- repository:
- github.com/sigstore-craft/sigstore-slsa-provenance
- categories:
- tags:
- #sigstore#cosign#slsa#supply-chain#in-toto
- description:
Keyless cosign signing, SLSA Build L3 provenance, and in-toto attestation verification at admission for CRA compliance.
features.md
3 capabilities
// What you can do with it
- Automates the tedious parts of the workflow.
- Gives Claude the right context, tools, and guardrails.
- Produces consistent, reviewable output every time.
README.md
sigstore-slsa-provenance/README.md
5 sections
Loading README…
$ cat reviews/
Reviews
// No reviews yet. Be the first.
Loading review form…