Install slsa-verifier from the slsa-framework/slsa-verifier GitHub releases for your platform
Run slsa-verifier verify-image <image-ref> --source-uri <github-repo-uri> --builder-id <builder-id> to verify the container image provenance
Pass --provenance-repository if the attestation was stored in a separate OCI repository from the image
The verifier checks that the provenance is signed by the expected builder, that the builder ID matches, and that the digest in the provenance matches the image
A zero exit code indicates successful verification; a non-zero exit code with an error message indicates a verification failure
Optionally pass --source-tag or --source-versioned-tag to further constrain which source ref is considered valid
Known gotchas
The image reference passed to slsa-verifier must include the digest (name@sha256:...) so that it pins an immutable artifact; a mutable tag alone may cause verification to fail or be unreliable
The --builder-id for GitHub Actions SLSA Build L3 provenance is the URL of the reusable generator workflow including the pinned ref; passing it in any other form will fail builder verification
slsa-verifier does not currently support all OCI registries equally; authentication to private registries may require setting up credentials separately before running the tool
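The steps above and the digest-pinning gotcha, put together as an added wrapper script. This is example code written for this page, not part of slsa-verifier or the original text: it refuses to call the tool on a reference that is not digest-pinned, builds the exact verify-image command line so it can be logged, and maps the exit code to an explicit verdict. The image, source repository and builder values in the usage comment are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from slsa-verifier or the original page): wrap
# `slsa-verifier verify-image` with the pre-checks a practitioner wants
# before trusting its result. All concrete values are placeholders.

# is_digest_pinned REF -> 0 if REF ends in @sha256:<64 hex chars>, else 1.
# slsa-verifier needs an immutable reference, so a bare tag is rejected here
# before the tool is even invoked.
is_digest_pinned() {
  printf '%s' "$1" | grep -Eq '@sha256:[0-9a-f]{64}$'
}

# build_verify_cmd IMAGE SOURCE_URI BUILDER_ID [PROVENANCE_REPO]
# Prints the exact command line; the optional 4th argument adds
# --provenance-repository for attestations stored apart from the image.
build_verify_cmd() {
  cmd="slsa-verifier verify-image $1 --source-uri $2 --builder-id $3"
  if [ -n "${4:-}" ]; then
    cmd="$cmd --provenance-repository $4"
  fi
  printf '%s' "$cmd"
}

# verify_image IMAGE SOURCE_URI BUILDER_ID [PROVENANCE_REPO]
# Returns 0 on successful verification, 2 if the reference is not pinned,
# 3 if slsa-verifier is not installed, otherwise the tool's own exit code.
verify_image() {
  if ! is_digest_pinned "$1"; then
    echo "refusing to verify mutable reference: $1" >&2
    return 2
  fi
  if ! command -v slsa-verifier >/dev/null 2>&1; then
    echo "slsa-verifier not found on PATH; install it from the GitHub releases" >&2
    return 3
  fi
  cmd=$(build_verify_cmd "$@")
  echo "running: $cmd" >&2
  # Word-splitting of $cmd is intended: every argument was built above.
  # shellcheck disable=SC2086
  $cmd
  rc=$?
  if [ "$rc" -eq 0 ]; then
    echo "PASS: provenance verified for $1" >&2
  else
    echo "FAIL: slsa-verifier exited $rc" >&2
  fi
  return "$rc"
}

# Usage (placeholders, constructed for this example):
#   ./verify.sh ghcr.io/ORG/IMAGE@sha256:<64-hex-digest> \
#       github.com/ORG/REPO \
#       https://github.com/slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@refs/tags/<VERSION>
if [ $# -ge 3 ]; then
  verify_image "$@"
  exit $?
fi
```

The builder ID shown in the usage comment follows the form the gotcha describes (full URL of the reusable generator workflow plus the pinned ref); the version is left as a placeholder because the correct value is whichever generator release actually produced the provenance. Wiring this into CI as a deployment gate is a matter of running it and acting on the exit code.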