25 dependents
| Package | Description | Downloads/month |
|---|---|---|
| Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it... | 557K | |
| A library to convert between Sigstore Bundles and PEP 740 Attestation objects | 28K | |
| Supply chain security for ML | 25K | |
| CI/CD verification agent for Mipiti — submit evidence assertions and signed veri... | 15K | |
| Supply chain security for ML | 8K | |
| Repository Service for TUF Command Line Interface | 6K | |
| Python client for Tinfoil | 6K | |
| Verify whether an LLM API gateway is actually serving the claimed model. Local M... | 2K | |
| Comprehensive LLM security scanner - Palisade | 1K | |
| Deterministic build-vs-borrow intelligence and open-source evaluation via MCP/CL... | 1K | |
| TG-BOT 插件的共享 manifest、bundle、digest 与 signer 校验合同层。 | 789 | |
| A library to convert between Sigstore Bundles and PEP 740 Attestation objects | 748 | |
| Open-source MCP/A2A security gateway — policy enforcement, taint tracking, sandb... | 527 | |
| Ground Truth Verification System — federated fact verifier for LLM agents | 340 | |
| AIXV helps organizations answer high-stakes questions before deploying or accept... | 330 | |
| A drop-in seat-belt library for machine-learning model files that prevents hidde... | 314 | |
| Deploy Cloudformation stack sets | 228 | |
| Keyless signing library for A2A Agent Cards using Sigstore and SLSA provenance | 196 | |
| Conduit: A CLI tool for bundling and distributing software as OCI artifacts | 176 | |
| trusted_log provides transparency log-related APIs to complete behavioral record... | 124 | |
| Ownership Attribution for Python Packages | 115 | |
| Verify SLSA provenance attestations for Docker container images | 78 | |
| Keyless signing library for A2A Agent Cards using Sigstore and SLSA provenance | 76 | |
| A CLI tool for bundling and distributing software as OCI artifacts with enterpri... | 74 | |
| A Python tool for verifying entries in the Sigstore Rekor transparency log | 55 |
