0848cba509bffb35
A signed, replayable claim about an AI-assisted pull request. Verify it without trusting the runner that produced it.
Context
- PR: #3
- Commit: 2fd2ecc
Bound to workflow
delimit-ai/delimit-action-demo/.github/workflows/api-check.yml@refs/pull/3/merge
The Sigstore certificate's subject alternative name binds this signature to this exact GitHub Actions workflow file at this exact ref. A reviewer can pass this URI as the --certificate-identity of cosign verify-blob so that signatures from any other workflow are refused.
Rekor transparency log
#1379090820
The signature is recorded in Sigstore's public transparency log. The Rekor entry survives even after the signing certificate expires.
Download signed bundle
delimit-attestation-0848cba509bffb35
The signed JSON + cosign bundle is available as a workflow-run artifact for 90 days. Open the run, scroll to Artifacts, and download to verify locally.
Verify this attestation
Download the signed bundle (above), then run:
cosign verify-blob \
  --bundle delimit_attestation.sigstore \
  --certificate-identity 'delimit-ai/delimit-action-demo/.github/workflows/api-check.yml@refs/pull/3/merge' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  delimit_attestation.json
The --certificate-identity binding refuses any signature not produced by this exact workflow at this exact ref. That's the strongest provenance check available.
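As an added illustration of what those two flags check (example code written for this page, not Delimit's or Sigstore's own tooling), the Go program below applies the same identity and issuer policy to the DER certificate a Sigstore bundle carries, using only the standard library. The certificate it builds is a constructed self-signed stand-in for a Fulcio-issued one; the Fulcio issuer-extension OID 1.3.6.1.4.1.57264.1.8 and the bundle field name verificationMaterial.certificate.rawBytes are assumptions taken from the Sigstore specifications, not from this page.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"net/url"
	"slices"
	"time"
)

// Fulcio "Issuer (V2)" extension (assumed OID): a DER UTF8String holding the OIDC issuer URL.
var fulcioIssuerOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 57264, 1, 8}
// CheckCertIdentity applies the policy behind --certificate-identity and --certificate-oidc-issuer.
func CheckCertIdentity(certDER []byte, wantIdentity, wantIssuer string) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return fmt.Errorf("parse certificate: %w", err)
	}
	if !slices.ContainsFunc(cert.URIs, func(u *url.URL) bool { return u.String() == wantIdentity }) {
		return fmt.Errorf("identity %q is not a SAN URI of the certificate", wantIdentity)
	}
	for _, ext := range cert.Extensions {
		if !ext.Id.Equal(fulcioIssuerOID) {
			continue
		}
		var got string
		if _, err := asn1.Unmarshal(ext.Value, &got); err != nil || got != wantIssuer {
			return fmt.Errorf("OIDC issuer %q does not match %q", got, wantIssuer)
		}
		return nil
	}
	return fmt.Errorf("certificate carries no Fulcio issuer extension")
}
// constructedCert is a self-signed, Fulcio-shaped stand-in (constructed sample, not Fulcio-issued).
// With a real bundle, decode verificationMaterial.certificate.rawBytes and check that DER instead.
func constructedCert(identity, issuer string) []byte {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	issuerDER, _ := asn1.MarshalWithParams(issuer, "utf8")
	uri, _ := url.Parse(identity)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed"},
		URIs: []*url.URL{uri}, NotBefore: time.Now(), NotAfter: time.Now().Add(10 * time.Minute),
		ExtraExtensions: []pkix.Extension{{Id: fulcioIssuerOID, Value: issuerDER}}}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
	return der
}
```

This covers only the identity binding; the signature over the attestation and the Rekor inclusion proof are still checked by cosign verify-blob.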
What this attests
- The Delimit governance report for this pull request — breaking-change classification, semver verdict, policy violations — was produced by the source workflow at the recorded commit.
- The signature is keyless: a short-lived Fulcio certificate bound to the GitHub OIDC identity of the workflow run.
- The Rekor entry is the durable public proof. Any third party can replay the verification without trusting Delimit, GitHub, or the action runner.
Delimit's product object is the merge gate for AI-written code, with signed, replayable attestation. This page is the buyer-visible end of that chain.