Add signed build manifest review skill

Author: YfengJ

README.md

@@ -3,7 +3,7 @@
 **Drop structured security skills into your AI coding agent. Get instant, framework-grounded security expertise.**
 
 ![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)
-![Skills: 45](https://img.shields.io/badge/Skills-45-green.svg)
+![Skills: 46](https://img.shields.io/badge/Skills-46-green.svg)
 ![Claude Code](https://img.shields.io/badge/Claude_Code-compatible-purple.svg)
 ![Gemini CLI](https://img.shields.io/badge/Gemini_CLI-compatible-purple.svg)
 ![Cursor](https://img.shields.io/badge/Cursor-compatible-purple.svg)
@@ -111,7 +111,7 @@ This is why some skills ship extra `.md` files alongside `SKILL.md` (e.g. `cloud
 
 ## Skills
 
-45 skills across 10 security domains.
+46 skills across 10 security domains.
 
 ### Application Security
 
@@ -204,6 +204,7 @@ This is why some skills ship extra `.md` files alongside `SKILL.md` (e.g. `cloud
 | Skill | Path | Frameworks |
 |-------|------|------------|
 | Pipeline Security | `skills/devsecops/pipeline-security/` | SLSA v1.0, OWASP CI/CD Top 10 |
+| Signed Build Manifest Review | `skills/devsecops/signed-build-manifest-review/` | SLSA v1.0, in-toto, Sigstore |
 | Secrets Management | `skills/devsecops/secrets-management/` | OWASP Secrets Mgmt, NIST SP 800-57 |
 | SAST Configuration | `skills/devsecops/sast-config/` | OWASP ASVS, CWE Top 25 |
 | DAST Configuration | `skills/devsecops/dast-config/` | OWASP Top 10, OWASP Testing Guide |
@@ -218,9 +219,9 @@ Pre-configured skill sequences for common security roles. Each bundle orchestrat
 |------|-------------|--------|
 | **vCISO** | Security program leadership, risk assessment, compliance, board reporting | nist-csf-assessment, soc2-gap, iam-review, cve-triage, threat-modeling |
 | **SOC Analyst** | Alert triage, threat hunting, incident investigation, detection engineering | alert-triage, detection-engineering, ir-playbook, log-analysis, cve-triage |
-| **Security Engineer** | Building security into products and infrastructure | secure-code-review, dependency-scanning, cve-triage, secrets-management, pipeline-security, container-security, iam-review |
-| **AppSec Engineer** | Application security design, testing, and code review | threat-modeling, secure-code-review, api-security, dependency-scanning, prompt-injection, owasp-top-10-web |
-| **Cloud Security Engineer** | Cloud posture, IaC review, container security, identity | aws-review, azure-review, gcp-review, iac-security, container-security, zero-trust-assessment, privileged-access |
+| **Security Engineer** | Building security into products and infrastructure | secure-code-review, dependency-scanning, cve-triage, secrets-management, pipeline-security, signed-build-manifest-review, container-security, iam-review |
+| **AppSec Engineer** | Application security design, testing, and code review | threat-modeling, secure-code-review, api-security, dependency-scanning, signed-build-manifest-review, prompt-injection, owasp-top-10-web |
+| **Cloud Security Engineer** | Cloud posture, IaC review, container security, identity | aws-review, azure-review, gcp-review, iac-security, signed-build-manifest-review, container-security, zero-trust-assessment, privileged-access |
 
 ---
 

index.yaml

@@ -6,7 +6,7 @@
 meta:
   version: "1.0.0"
   last_updated: "2026-03-05"
-  skill_count: 45
+  skill_count: 46
   role_count: 5
 
 tag_vocabulary:
@@ -530,6 +530,18 @@ skills:
     file: skills/devsecops/pipeline-security/SKILL.md
     compatible_tools: [claude-code, gemini-cli, cursor, codex-cli, openclaw, kiro]
 
+  - id: signed-build-manifest-review
+    name: "Signed Build Manifest Review"
+    tags: [devsecops, supply-chain, signing, provenance, release]
+    role: [security-engineer, appsec-engineer, cloud-security-engineer]
+    phase: [build, deploy, review]
+    activity: [review, audit]
+    frameworks: [SLSA-v1.0, in-toto, Sigstore, NIST-SP-800-53]
+    difficulty: intermediate
+    time_estimate: "30-60min"
+    file: skills/devsecops/signed-build-manifest-review/SKILL.md
+    compatible_tools: [claude-code, gemini-cli, cursor, codex-cli, openclaw, kiro]
+
   - id: secrets-management
     name: "Secrets Management Review"
     tags: [devsecops, secrets, vault, rotation]
@@ -582,17 +594,17 @@ roles:
   - id: security-engineer
     name: "Security Engineer"
     description: "Building security into products and infrastructure — reviews, tooling, remediation"
-    skills: [secure-code-review, dependency-scanning, cve-triage, secrets-management, pipeline-security, container-security, iam-review]
+    skills: [secure-code-review, dependency-scanning, cve-triage, secrets-management, pipeline-security, signed-build-manifest-review, container-security, iam-review]
     file: roles/security-engineer/SKILL.md
 
   - id: appsec-engineer
     name: "AppSec Engineer"
     description: "Application security design, testing, and code review"
-    skills: [threat-modeling, secure-code-review, api-security, dependency-scanning, prompt-injection, owasp-top-10-web]
+    skills: [threat-modeling, secure-code-review, api-security, dependency-scanning, signed-build-manifest-review, prompt-injection, owasp-top-10-web]
     file: roles/appsec-engineer/SKILL.md
 
   - id: cloud-security-engineer
     name: "Cloud Security Engineer"
     description: "Cloud security posture, IaC review, container security, identity"
-    skills: [aws-review, azure-review, gcp-review, iac-security, container-security, zero-trust-assessment, privileged-access]
+    skills: [aws-review, azure-review, gcp-review, iac-security, signed-build-manifest-review, container-security, zero-trust-assessment, privileged-access]
     file: roles/cloud-security-engineer/SKILL.md

roles/appsec-engineer/SKILL.md

@@ -37,7 +37,7 @@ Invoke this role bundle when any of the following conditions are true:
 
 If the ask is about infrastructure security (e.g., "review our Kubernetes RBAC") or program-level maturity (e.g., "assess our overall security posture"), use the `security-engineer` or `vciso` role bundle instead. This bundle is for application-layer security work.
 
-**Skills:** All skills referenced in this bundle are available: `threat-modeling`, `secure-code-review`, `llm-top-10`, `prompt-injection`, `api-security`, `dependency-scanning`, `owasp-top-10-web`, `sast-config`, `agent-security`.
+**Skills:** All skills referenced in this bundle are available: `threat-modeling`, `secure-code-review`, `llm-top-10`, `prompt-injection`, `api-security`, `dependency-scanning`, `signed-build-manifest-review`, `owasp-top-10-web`, `sast-config`, `agent-security`.
 
 ---
 
@@ -52,7 +52,7 @@ Each engagement type defines a skill sequence. Run the skills in order — each
 **Skill sequence:**
 
 ```
-threat-modeling → secure-code-review → api-security → dependency-scanning
+threat-modeling → secure-code-review → api-security → dependency-scanning → signed-build-manifest-review
 ```
 
 | Step | Skill | Purpose |
@@ -61,6 +61,7 @@ threat-modeling → secure-code-review → api-security → dependency-scanning
 | 2 | `secure-code-review` | Review the implementation against the threat model findings. Focus on the code paths identified as high-risk: authentication flows, authorization checks, input validation at trust boundaries, data encryption at rest and in transit, and error handling that might leak information. |
 | 3 | `api-security` | If the application exposes APIs: assess against the OWASP API Security Top 10. Test for broken object-level authorization (BOLA), broken authentication, excessive data exposure, lack of rate limiting, and mass assignment. API flaws are the leading cause of application-layer breaches. |
 | 4 | `dependency-scanning` | Audit all third-party dependencies: known CVEs, license compliance, maintenance status, and supply chain risk. A single compromised or abandoned dependency can undermine an otherwise secure application. |
+| 5 | `signed-build-manifest-review` | For application releases with signed manifests, SBOMs, or provenance attestations, verify artifact digest binding, signer identity, and promotion controls before customers receive the build. |
 
 **Deliverable:** Threat model document, code review findings with CWE classification, API security assessment results, dependency audit, and consolidated risk summary with remediation priorities.
 

roles/cloud-security-engineer/SKILL.md

@@ -38,7 +38,7 @@ Invoke this role bundle when any of the following conditions are true:
 
 If the ask is about application-layer security (e.g., "review this API for BOLA"), use the `appsec-engineer` role bundle. If the ask is about overall security program maturity, use the `vciso` role bundle. This bundle is for cloud infrastructure security.
 
-**Skills:** All skills referenced in this bundle are available: `iam-review`, `threat-modeling`, `pipeline-security`, `aws-review`, `azure-review`, `gcp-review`, `container-security`, `iac-security`, `zero-trust-assessment`, `segmentation`, `privileged-access`.
+**Skills:** All skills referenced in this bundle are available: `iam-review`, `threat-modeling`, `pipeline-security`, `aws-review`, `azure-review`, `gcp-review`, `container-security`, `iac-security`, `signed-build-manifest-review`, `zero-trust-assessment`, `segmentation`, `privileged-access`.
 
 ---
 
@@ -53,7 +53,7 @@ Each engagement type defines a skill sequence. Run the skills in order — each
 **Skill sequence:**
 
 ```
-aws-review → iam-review → container-security → iac-security
+aws-review → iam-review → container-security → iac-security → signed-build-manifest-review
 ```
 
 | Step | Skill | Purpose |
@@ -62,6 +62,7 @@ aws-review → iam-review → container-security → iac-security
 | 2 | `iam-review` | Deep dive into IAM: overprivileged roles, policies with wildcard actions or resources, unused roles and access keys, cross-account assume-role trust policies, IAM Access Analyzer findings, and service-linked role configurations. AWS breaches start with IAM — this is the highest-leverage review. |
 | 3 | `container-security` | If EKS or ECS is in use: review cluster configuration, IRSA (IAM Roles for Service Accounts), pod security standards, network policies, Fargate vs. EC2 security trade-offs, ECR image scanning, and container runtime configuration. |
 | 4 | `iac-security` | Review Terraform or CloudFormation templates for security misconfigurations before they reach production: S3 buckets without encryption, security groups with 0.0.0.0/0 ingress, RDS instances without encryption at rest, Lambda functions with overprivileged execution roles. Shift cloud security left into the IaC pipeline. |
+| 5 | `signed-build-manifest-review` | Review cloud artifact signing, provenance, promotion, and rollback controls so only digest-bound trusted builds can move into production environments. |
 
 **Deliverable:** AWS security posture report with CIS Benchmark mapping, IAM findings with privilege escalation paths, container security assessment, IaC hardening recommendations, and prioritized remediation plan.
 
@@ -74,7 +75,7 @@ aws-review → iam-review → container-security → iac-security
 **Skill sequence:**
 
 ```
-azure-review → iam-review → container-security → iac-security
+azure-review → iam-review → container-security → iac-security → signed-build-manifest-review
 ```
 
 | Step | Skill | Purpose |
@@ -83,6 +84,7 @@ azure-review → iam-review → container-security → iac-security
 | 2 | `iam-review` | Review Entra ID (Azure AD) and Azure RBAC: overprivileged role assignments, custom roles with excessive permissions, PIM (Privileged Identity Management) configuration, conditional access policies, service principal credentials and expiration, and managed identity usage patterns. |
 | 3 | `container-security` | If AKS is in use: review cluster configuration, Azure AD workload identity, pod security admission, network policies, Azure Policy for AKS, ACR (Azure Container Registry) security, and Defender for Containers findings. |
 | 4 | `iac-security` | Review Bicep, ARM templates, or Terraform configurations for security misconfigurations: storage accounts with public blob access, NSGs with overly permissive rules, Key Vaults without purge protection, App Services without HTTPS enforcement, and SQL servers without auditing. |
+| 5 | `signed-build-manifest-review` | Review cloud artifact signing, provenance, promotion, and rollback controls so only digest-bound trusted builds can move into production environments. |
 
 **Deliverable:** Azure security posture report with CIS Benchmark and Azure Security Benchmark mapping, Entra ID findings, container security assessment, IaC hardening recommendations, and prioritized remediation plan.
 
@@ -95,7 +97,7 @@ azure-review → iam-review → container-security → iac-security
 **Skill sequence:**
 
 ```
-gcp-review → iam-review → container-security → iac-security
+gcp-review → iam-review → container-security → iac-security → signed-build-manifest-review
 ```
 
 | Step | Skill | Purpose |
@@ -104,6 +106,7 @@ gcp-review → iam-review → container-security → iac-security
 | 2 | `iam-review` | Review GCP IAM: overprivileged roles (especially primitive roles like Editor and Owner), service account key sprawl, service account impersonation chains, Workload Identity Federation configuration, IAM Recommender findings, and organization-level IAM bindings. |
 | 3 | `container-security` | If GKE is in use: review cluster configuration, Workload Identity, Binary Authorization, network policies, GKE Autopilot security posture, Artifact Registry scanning, and Security Posture Dashboard findings. |
 | 4 | `iac-security` | Review Terraform configurations for GCP-specific misconfigurations: Cloud Storage buckets with uniform access disabled, firewall rules allowing 0.0.0.0/0 ingress, Cloud SQL without SSL enforcement, Compute instances with default service accounts, and Cloud Functions with overprivileged service accounts. |
+| 5 | `signed-build-manifest-review` | Review cloud artifact signing, provenance, promotion, and rollback controls so only digest-bound trusted builds can move into production environments. |
 
 **Deliverable:** GCP security posture report with CIS Benchmark mapping, IAM findings with impersonation chain analysis, container security assessment, IaC hardening recommendations, and prioritized remediation plan.
 

roles/security-engineer/SKILL.md

@@ -37,7 +37,7 @@ Invoke this role bundle when any of the following conditions are true:
 
 If the ask is a program-level concern (e.g., "assess our overall security maturity"), use the `vciso` role bundle instead. This bundle is for hands-on engineering work.
 
-**Skills:** All skills referenced in this bundle are available: `secure-code-review`, `cve-triage`, `pipeline-security`, `iam-review`, `threat-modeling`, `dependency-scanning`, `sast-config`, `secrets-management`, `container-security`, `patch-prioritization`, `scanner-tuning`, `firewall-review`.
+**Skills:** All skills referenced in this bundle are available: `secure-code-review`, `cve-triage`, `pipeline-security`, `signed-build-manifest-review`, `iam-review`, `threat-modeling`, `dependency-scanning`, `sast-config`, `secrets-management`, `container-security`, `patch-prioritization`, `scanner-tuning`, `firewall-review`.
 
 ---
 
@@ -72,14 +72,15 @@ secure-code-review → dependency-scanning → sast-config
 **Skill sequence:**
 
 ```
-pipeline-security → secrets-management → container-security
+pipeline-security → signed-build-manifest-review → secrets-management → container-security
 ```
 
 | Step | Skill | Purpose |
 |------|-------|---------|
 | 1 | `pipeline-security` | Assess the full build and deployment pipeline: source integrity (signed commits, branch protection), build isolation (ephemeral runners, no shared state), artifact integrity (signing, provenance), and deployment controls (approval gates, rollback capability). Map findings to SLSA levels. |
-| 2 | `secrets-management` | Audit how secrets are stored, rotated, and accessed across the pipeline. Check for hardcoded credentials in code, configuration, CI variables, and container images. Verify vault integration, rotation policies, and least-privilege access to secret stores. |
-| 3 | `container-security` | If the pipeline produces container images: scan base images for vulnerabilities, verify minimal image construction (no build tools in production images), check for running as root, validate image signing, and review registry access controls. |
+| 2 | `signed-build-manifest-review` | Validate signed release manifests, provenance attestations, artifact digest binding, promotion gates, replay controls, and exception paths so artifact trust is enforced at deployment time. |
+| 3 | `secrets-management` | Audit how secrets are stored, rotated, and accessed across the pipeline. Check for hardcoded credentials in code, configuration, CI variables, and container images. Verify vault integration, rotation policies, and least-privilege access to secret stores. |
+| 4 | `container-security` | If the pipeline produces container images: scan base images for vulnerabilities, verify minimal image construction (no build tools in production images), check for running as root, validate image signing, and review registry access controls. |
 
 **Deliverable:** Pipeline security assessment report with SLSA level mapping, secrets audit findings, container image hardening recommendations, and prioritized remediation plan.