
P1-tool-integrity: signed tool manifests + pinned runtime versions #318

@omarespejel

Description


Summary

Protect tool execution from silent drift or supply-chain mismatch.

Problem

Tool metadata/schema/runtime versions can drift across environments, weakening deterministic safety checks.

Scope

  • Introduce a signed tool manifest containing:
    • tool name
    • schema hash
    • implementation package/version
    • policy profile compatibility
  • Enforce manifest verification at startup for the production profile.
  • Block execution when the manifest signature is invalid or the version is not allowlisted.
  • Add explicit upgrade workflow docs (rotate manifest, review diff, re-sign).

Acceptance Criteria

  • Startup fails closed on invalid manifest
  • Policy layer can assert expected manifest digest in logs/artifacts
  • CI includes manifest verification test
  • Upgrade runbook documented
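The following is an added example of the Scope and Acceptance Criteria above in working code; it is not code from this repository. It builds a manifest with the four listed fields, signs it, and verifies it at startup so that a bad signature, a schema hash that no longer matches the loaded tool, a version outside the allowlist, or a profile mismatch all raise and abort startup (fail closed). Successful verification returns the manifest digest the policy layer would record in logs or artifacts. All names (`ManifestError`, `build_manifest`, `startup`, the `file_reader` tool, the allowlist and the demo key) are assumptions for this example. HMAC-SHA256 stands in for the signature so the example needs only the standard library; a real deployment would use an asymmetric scheme so the runtime holds only a verification key and cannot re-sign a manifest itself.

```python
"""Signed tool manifest with fail-closed verification (added example, not project code)."""
import hashlib
import hmac
import json


class ManifestError(Exception):
    """Raised whenever a manifest must not be trusted; startup fails closed on it."""


# Constructed demo key. Stand-in for an asymmetric signing key (see lead-in).
DEMO_SIGNING_KEY = b"demo-manifest-signing-key-not-for-production"

# Constructed allowlist: tool name -> versions approved for this deployment.
ALLOWED_VERSIONS = {"file_reader": {"1.4.2"}}

# Constructed tool schema, as the runtime would load it from the tool package.
FILE_READER_SCHEMA = {
    "name": "file_reader",
    "parameters": {"path": {"type": "string"}, "max_bytes": {"type": "integer"}},
}


def canonical_bytes(obj):
    """Deterministic JSON encoding so hashes and signatures do not depend on key order."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def schema_hash(schema):
    return hashlib.sha256(canonical_bytes(schema)).hexdigest()


def build_manifest(name, schema, package, version, profiles):
    """The four manifest fields named in the issue scope."""
    return {
        "tool": name,
        "schema_hash": schema_hash(schema),
        "package": package,
        "version": version,
        "policy_profiles": sorted(profiles),
    }


def manifest_digest(manifest):
    """Digest the policy layer records in logs/artifacts for a verified manifest."""
    return hashlib.sha256(canonical_bytes(manifest)).hexdigest()


def sign_manifest(manifest, key):
    sig = hmac.new(key, canonical_bytes(manifest), hashlib.sha256).hexdigest()
    return {"manifest": manifest, "signature": sig}


def verify_manifest(signed, key, schema, allowlist, profile):
    """Return the manifest digest, or raise ManifestError. Every check is a hard failure."""
    manifest = signed.get("manifest")
    if not isinstance(manifest, dict):
        raise ManifestError("manifest missing or malformed")
    expected = hmac.new(key, canonical_bytes(manifest), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, str(signed.get("signature", ""))):
        raise ManifestError("invalid manifest signature")
    name = manifest.get("tool")
    if manifest.get("schema_hash") != schema_hash(schema):
        raise ManifestError(f"{name}: schema hash does not match the loaded tool schema")
    version = manifest.get("version")
    if version not in allowlist.get(name, set()):
        raise ManifestError(f"{name}: version {version!r} not allowlisted")
    if profile not in manifest.get("policy_profiles", []):
        raise ManifestError(f"{name}: manifest not compatible with profile {profile!r}")
    return manifest_digest(manifest)


def startup(signed_manifests, schemas, key, allowlist, profile="production"):
    """Verify every tool before any tool can run; one bad manifest aborts startup."""
    digests = {}
    for signed in signed_manifests:
        manifest = signed.get("manifest") or {}
        name = manifest.get("tool")
        if name not in schemas:
            raise ManifestError(f"no loaded schema for tool {name!r}")
        digests[name] = verify_manifest(signed, key, schemas[name], allowlist, profile)
    return digests


if __name__ == "__main__":
    schemas = {"file_reader": FILE_READER_SCHEMA}
    good = build_manifest("file_reader", FILE_READER_SCHEMA, "tools-file-reader", "1.4.2", {"production", "dev"})
    signed = sign_manifest(good, DEMO_SIGNING_KEY)
    print("verified:", startup([signed], schemas, DEMO_SIGNING_KEY, ALLOWED_VERSIONS))
    # Constructed drift: version edited after signing, signature left unchanged.
    tampered = {"manifest": dict(good, version="9.9.9"), "signature": signed["signature"]}
    try:
        startup([tampered], schemas, DEMO_SIGNING_KEY, ALLOWED_VERSIONS)
    except ManifestError as err:
        print("startup refused:", err)
```

The same `verify_manifest` call can back the CI manifest verification test: run it against the manifests checked into the repository and fail the job on `ManifestError`, and compare the returned digest with the one recorded in the build artifact.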

Metadata

Labels

  • area:infra (CI/spec/conformance and tooling)
  • area:security (Security hardening and threat-model correctness)
  • enhancement (New feature or request)
  • priority:P1 (High leverage / next)


Development

No branches or pull requests
