Install slsa-verifier, the SLSA project's standalone verifier binary; it checks SLSA provenance attestations that are attached to images in an OCI registry or supplied as separate files.
Run slsa-verifier verify-image <image>@sha256:<digest> --source-uri <expected-repo-uri> --builder-id <expected-builder-id>. This verifies the signature on the provenance and then checks that the source repository and builder recorded in it match the values you expect; add --source-tag <tag> as well if the deployment should be pinned to a specific release tag.
Check the exit code: slsa-verifier exits 0 only when every check passes and non-zero otherwise (it also prints a PASSED or FAILED summary line), so the exit code alone is enough to drive a pipeline gate.
For non-container artifacts, run slsa-verifier verify-artifact <artifact-path> --provenance-path <provenance-file> --source-uri <expected-repo-uri>, where the provenance file is the DSSE-wrapped attestation (for slsa-github-generator, the .intoto.jsonl file it uploads); --builder-id applies here as well.
Run the verification as a pipeline step before any production deploy, fail the job on a non-zero exit, and promote exactly the digest that was verified rather than re-resolving a tag afterwards, so only images whose provenance matches the expected source and builder reach production.
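The steps above folded into one pipeline script, as an added example that is not code from the slsa-verifier project or its docs: it rejects anything that is not a digest reference, fails closed if the verifier binary is missing, and lets only a 0 exit promote the image. The repository URI, builder workflow URI and image names are assumed placeholders; substitute the values taken from one of your own attestations.

```shell
#!/bin/sh
# Added example, not code from the slsa-verifier project: a fail-closed
# deployment gate around `slsa-verifier verify-image`.
set -u

# Assumed placeholder values; replace with the source URI and builder ID
# copied from one of your own attestations.
EXPECTED_SOURCE="${EXPECTED_SOURCE:-github.com/example-org/example-app}"
EXPECTED_BUILDER="${EXPECTED_BUILDER:-https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml}"

# 0 only for an immutable reference of the form name@sha256:<64 hex>;
# a tag can be re-pointed after verification, a digest cannot.
is_digest_ref() {
  printf '%s\n' "$1" | grep -Eq '^[^@[:space:]]+@sha256:[0-9a-f]{64}$'
}

# Render the exact command so the job log shows what was checked.
build_verify_cmd() {
  printf 'slsa-verifier verify-image %s --source-uri %s --builder-id %s\n' "$1" "$2" "$3"
}

# Gate: 0 = promote. 1 = verifier reported FAILED, 2 = not a digest
# reference, 3 = verifier missing. Every non-zero path blocks the deploy.
verify_image_provenance() {
  image="$1"
  if ! is_digest_ref "$image"; then
    echo "BLOCKED: '$image' is not a digest reference; resolve the tag to @sha256:<digest> first" >&2
    return 2
  fi
  if ! command -v slsa-verifier >/dev/null 2>&1; then
    echo "BLOCKED: slsa-verifier not installed; refusing to promote unverified image" >&2
    return 3
  fi
  echo "RUN: $(build_verify_cmd "$image" "$EXPECTED_SOURCE" "$EXPECTED_BUILDER")"
  rc=0
  slsa-verifier verify-image "$image" \
    --source-uri "$EXPECTED_SOURCE" \
    --builder-id "$EXPECTED_BUILDER" || rc=$?
  if [ "$rc" -ne 0 ]; then
    echo "BLOCKED: slsa-verifier exited $rc for $image" >&2
    return 1
  fi
  echo "PROMOTE: provenance verified for $image"
  return 0
}

# Usage: ./gate.sh ghcr.io/example-org/example-app@sha256:<digest>
# The script's exit status is the gate result, so `set -e` in CI stops on it.
if [ "$#" -gt 0 ]; then
  verify_image_provenance "$1"
fi
```

The digest check runs before anything touches the network, so a misconfigured pipeline that passes a tag is caught immediately rather than after a registry round-trip, and the missing-binary branch makes sure an image cannot slip through on a runner where the verifier was never installed.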
Known gotchas
The value passed to --builder-id must match the builder ID embedded in the provenance. For the slsa-github-generator reusable workflows that is the workflow's URI, e.g. https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml, optionally followed by @refs/tags/<version>; with the version suffix slsa-verifier accepts only that exact release of the builder, without it any version of that workflow is accepted. Copy the value from a real attestation (for example with --print-provenance, or by decoding the provenance file) before hard-coding it in the pipeline.
For images, slsa-verifier fetches the attestation from the OCI registry by default, so the registry must be reachable from the pipeline, and the image must be given as name@sha256:<digest>: the verifier requires the digest form, and a tag would in any case be unsafe because it can be re-pointed between verification and deploy.
A passing verification proves only that the artifact was built from the stated source by the stated builder and has not been altered since; it says nothing about vulnerabilities in that source or its dependencies. Treat it as one layer of a supply-chain defense alongside SBOM generation and vulnerability scanning, not as a replacement for them.
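An added example (not from this page or the slsa-verifier project) of the inspection step the first gotcha recommends: read builder.id straight out of a DSSE-wrapped .intoto.jsonl provenance file with plain sed and base64, so the value passed to --builder-id is copied rather than guessed. The envelope below is constructed inline and is not a real attestation, the workflow ref in it is assumed, and the helper that strips the @refs/... suffix shows the unversioned form that slsa-verifier matches against any version of that workflow.

```shell
#!/bin/sh
# Added example, not code from the slsa-verifier project: extract the builder
# ID from a DSSE envelope (.intoto.jsonl, one compact JSON envelope per line).
set -u

# Pull the base64 "payload" field out of one envelope line and decode it.
dsse_payload() {
  printf '%s\n' "$1" | sed -n 's/.*"payload" *: *"\([^"]*\)".*/\1/p' | base64 -d
  echo
}

# Extract builder.id from the decoded in-toto statement. Both SLSA v0.2
# (predicate.builder.id) and v1.0 (predicate.runDetails.builder.id)
# serialize the object as "builder":{"id":"..."} in compact JSON.
builder_id_of() {
  dsse_payload "$1" | sed -n 's/.*"builder" *: *{ *"id" *: *"\([^"]*\)".*/\1/p'
}

# Drop the @refs/tags/<version> suffix: this unversioned form is what you pass
# to --builder-id to accept any release of the workflow; keep the suffix to
# pin one exact release.
unpinned() {
  printf '%s\n' "$1" | sed 's/@.*$//'
}

# Constructed sample (not a real attestation). The payload is encoded here at
# run time so the base64 always matches the statement text.
SAMPLE_BUILDER='https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@refs/tags/v1.9.0'
SAMPLE_DIGEST='0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'
SAMPLE_STATEMENT='{"_type":"https://in-toto.io/Statement/v0.1","predicateType":"https://slsa.dev/provenance/v0.2","subject":[{"name":"app.tar.gz","digest":{"sha256":"'"$SAMPLE_DIGEST"'"}}],"predicate":{"builder":{"id":"'"$SAMPLE_BUILDER"'"}}}'
SAMPLE_ENVELOPE='{"payloadType":"application/vnd.in-toto+json","payload":"'"$(printf '%s' "$SAMPLE_STATEMENT" | base64 | tr -d '\n')"'","signatures":[{"keyid":"","sig":"constructed-not-a-real-signature"}]}'

# Usage: ./builder-id.sh app.intoto.jsonl   (prints one builder ID per envelope)
# With no argument it runs against the constructed sample.
if [ "$#" -gt 0 ]; then
  while IFS= read -r line; do
    builder_id_of "$line"
  done < "$1"
else
  echo "pinned:   $(builder_id_of "$SAMPLE_ENVELOPE")"
  echo "unpinned: $(unpinned "$(builder_id_of "$SAMPLE_ENVELOPE")")"
fi
```

The sed patterns rely on the compact, single-line JSON that generators write to .intoto.jsonl; on a pretty-printed file use a real JSON tool instead. Decoding the payload yourself is only for reading off the expected value: the signature is still checked by slsa-verifier, never by this script.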