https://github.com/mokkunsuzuki-code/stage331
Execution-session integrity verification for AI vulnerability evidence and audit workflows.
https://github.com/mokkunsuzuki-code/stage331
ai-security audit-evidence audit-trail evidence-verification execution-integrity qsp remeda sha256 verification
Last synced: 11 days ago
JSON representation
Execution-session integrity verification for AI vulnerability evidence and audit workflows.
- Host: GitHub
- URL: https://github.com/mokkunsuzuki-code/stage331
- Owner: mokkunsuzuki-code
- Created: 2026-05-22T06:41:36.000Z (about 1 month ago)
- Default Branch: main
- Last Pushed: 2026-05-22T06:49:02.000Z (about 1 month ago)
- Last Synced: 2026-05-22T14:59:22.885Z (about 1 month ago)
- Topics: ai-security, audit-evidence, audit-trail, evidence-verification, execution-integrity, qsp, remeda, sha256, verification
- Size: 36.1 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Stage332: Signed Execution Session
Stage332 adds cryptographic signatures to the execution session.
## What This Stage Adds
Stage331 produced an execution session.
Stage332 signs that session with:
- GPG
- Sigstore
## Audit Target
```text
docs/execution/execution_session.json
Public Evidence Files
docs/execution/execution_session.json
docs/execution/execution_session.json.sig
docs/execution/execution_session.json.bundle
docs/execution/public-key.asc
Why This Matters
Stage332 proves:
what execution session was generated
who generated it
whether the session was changed later
whether the evidence can be independently verified
This keeps QSP / VEP on the audit, evidence, verification, and transparency path.
Verify GPG Signature
gpg --import docs/execution/public-key.asc
gpg --verify \
docs/execution/execution_session.json.sig \
docs/execution/execution_session.json
Verify Sigstore Bundle
cosign verify-blob \
--bundle docs/execution/execution_session.json.bundle \
docs/execution/execution_session.json
Important
The local core is intentionally excluded from GitHub.
core/
local/
Only public audit evidence is published.
License
MIT License
Copyright (c) 2025 Motohiro Suzuki