software-signing
OfficialEnsure trustworthiness of software with digital signatures.
AuthorRedHatProductSecurity
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Digital signing verifies the integrity and authenticity of software binaries and container images, preventing tampering and ensuring safety in deployment.
Core Features & Use Cases
- Signing Artifacts: Sign container images, binaries, Helm charts, Python packages, and npm packages to establish provenance.
- Verification: Validate signatures to confirm the source and integrity of artifacts.
- Use Case: Developers sign container images before deployment to prevent malicious modifications, with verification steps integrated into CI/CD pipelines.
Quick Start
Sign a container image using sigstore cosign and verify the signature to confirm authenticity.
Dependency Matrix
Required Modules
cosign
Components
scripts
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: software-signing Download link: https://github.com/RedHatProductSecurity/prodsec-skills/archive/main.zip#software-signing Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.