github · GitHub Actions Docs

Actions Verifying attestations offline - GitHub Docs

Provides instructions for verifying the authenticity of GitHub Actions artifact attestations in environments without internet access.

Import to Prompt Buddy

Derived skill

Files assembled from official documentation

Viewing SKILL.md

Actions Verifying attestations offline - GitHub Docs

Provides instructions for verifying the authenticity of GitHub Actions artifact attestations in environments without internet access.

When To Use

Use when you need to validate the integrity and provenance of build artifacts in an environment that lacks connectivity to GitHub's verification services.

Reference Files

File	Contains	Use For
`SKILL.md`	Entry point: scope, routing table, and workflow.	Start here.
`docs/actions-how-tos-secure-your-work-verifying-attestations-offline-github-d-workflow-guide.md`	A guide detailing the steps to download attestation bundles and trusted roots to verify artifact attestations in an offline environment.	Questions about a guide detailing the steps to download attestation bundles and trusted roots to verify artifact attestations in an o...
`examples/actions-how-tos-secure-your-work-verifying-attestations-offline-github-d.text`	A CLI command example using the GitHub CLI to download artifact attestations for offline verification.	Exact payloads, commands, or snippets shown in A CLI command example using the GitHub CLI to download artifact attestations for offline verification.
`examples/actions-how-tos-secure-your-work-verifying-attestations-offline-github-d-2.text`	A JSONL file containing trusted metadata for verifying artifact attestations offline.	Exact payloads, commands, or snippets shown in A JSONL file containing trusted metadata for verifying artifact attestations offline.
`examples/actions-how-tos-secure-your-work-verifying-attestations-offline-github-d-3.text`	A CLI command used to export a trusted root for offline attestation verification in GitHub Actions.	Exact payloads, commands, or snippets shown in A CLI command used to export a trusted root for offline attestation verification in GitHub Actions.
`examples/actions-how-tos-secure-your-work-verifying-attestations-offline-github-d-4.text`	A CLI command example using the GitHub CLI to verify artifact attestations offline with a custom trusted root.	Exact payloads, commands, or snippets shown in A CLI command example using the GitHub CLI to verify artifact attestations offline with a custom trusted root.

What This Skill Covers

- GitHub Actions / - How-tos / - Secure your work / - Use artifact attestations / - Verify attestations offline
Main sections: In this article, Prerequisites, Step 1: Download attestation bundle, Step 2: Download trusted roots, Step 3: Perform offline verification.

Workflow

Open the most relevant file under docs/ for the exact documented workflow and wording.
Open schemas/ files for exact structured contracts.
Open examples/ files for concrete requests, commands, snippets, and manifests.
Do not add behavior or configuration that is not present in the attached source files.

Canonical source: https://docs.github.com/en/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline

Skill metadata

Name: Actions Verifying attestations offline - GitHub Docs
Author: Bruno HANSS - Prompt Buddy
Generation mode: Ai Assisted Human Authored
Source count: 1

Provenance

Source program: GitHub Actions Docs
Last generated: May 10, 2026
Last source sync: Unknown
Source pages: 1

Safety model

Canonical source pages are preserved separately. Derived files record source evidence and require zero AI-generated facts.

File tree

Source links

https://docs.github.com/en/actions/how-tos/secure-your-work/use-artifact-attestations/verify-attestations-offline Back to skills