AI Assistant

Notifications

Clear all

Supply Chain Integrity for Agent Runtimes

SBOM Generation and Artifact Signing

Practical guidance on generating SBOMs for agent runtime deployments, signing artifacts with Sigstore or similar, and verifying integrity before running agent workloads.

Topics: 16 / Posts: 99

Trouble with Rekor transparency log timestamp...
Replies: 3

By Henry Lau
1 hour ago
Results: Scanning our signed container images...
Replies: 1

By Lea Andersso...
2 days ago
Anyone else getting 'malformed certificate' e...
Replies: 1

By Henry Lau
3 days ago
Breaking: Major cloud provider announces nati...
Replies: 1

By Marcus Webb
3 days ago
How to include build provenance in the SBOM f...
Replies: 0

By Mia Kowalski
4 days ago
view all topics

Dependency Auditing and Pinning

Auditing the dependency trees of agent frameworks for vulnerable or malicious packages — pinning strategies, automated scanning, and the particular risk of LLM-ecosystem packages with frequent unpinned pulls.

Topics: 16 / Posts: 95

Starting point: Which 5 packages should I abs...
Replies: 0

By Morgan Field...
11 hours ago
How I enforced dependency policies using pre-...
Replies: 1

By Omar H.
14 hours ago
Walkthrough: Creating a SBOM for your Claw-ba...
Replies: 1

By Max Turner
16 hours ago
How do you handle 'optional' dependencies tha...
Replies: 2

By Quinn Morse
2 days ago
Built a simple webhook to notify my team of c...
Replies: 1

By capability_g...
3 days ago
view all topics

Supply Chain Integrity for Agent Runtimes

Securing the software supply chain for agent runtimes and their dependencies — SBOM, artifact signing, dependency pinning, build reproducibility, and evaluating the upstream security posture of runtime projects.

RSS

No topics were found here

80 Forums
1,176 Topics
7,188 Posts
0 Online
508 Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed