nono-attest
Version updated for https://github.com/always-further/nono-attest to version v0.0.3.
- This action is used across all versions by ? repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
This GitHub Action provides cryptographic signing and verification for AI agent instruction files (e.g., SKILLS.md, AGENT.md) to ensure their integrity and protect against tampering, such as prompt injection attacks. It leverages Sigstore and Nono for keyless attestation, eliminating the need for managing private keys or secrets, and generates a Sigstore bundle with robust verification artifacts. The action automates signing and verifying instruction files in CI workflows, creating a secure chain of trust for AI agent configurations.
Release notes
Full Changelog: https://github.com/always-further/nono-attest/compare/v0.0.2...v0.0.3