PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Sigstore Python Packages

Python packages with the GitHub topic sigstore. Sorted by relevance, with stars and monthly downloads.
astral-sh
sigstore-models

Pydantic-based, protobuf-free data models for Sigstore

582K 5 4
sigstore
model-signing

Supply chain security for ML

14K 237 62
attestplane
attestplane

Verifiable audit substrate for AI agents — EU AI Act Article 12 ready. Apache 2.0.

12K 2 2
b7n0de
proofbundle

Receipts for AI eval results: turn a result into one signed, offline-verifiable JSON file. Proves who signed it and that nothing changed — not that it's true. Ed25519 + RFC 6962.

8K 1 0
keelapi
keel-verifier

Independent verifier for signed AI audit exports and Permit-spec evidence

7K 3 0
Halfblood-Prince
trustcheck

Verify PyPI package attestations and improve Python supply-chain security

6K 78 1
CSOAI-ORG
watermarking-authenticity-mcp

EU AI Act Art.50 watermarking + C2PA 2.1. 2 Dec 2026 deadline. Part of the CSOAI Layer-0: 8 protocols · 100/100 A+++++ · world-leading.

3K 0 0
provedex
provedex

Cryptographic evidence layer for AI agents. Ed25519-signed, SHA-256-chained audit logs anyone can verify offline.

1K 3 1
arsbr
veritensor

The Anti-Virus for AI Artifacts & RAG Firewall. A static analysis tool scanning Models and Notebooks for RCE, Datasets and RAG docs for Data Poisoning, PII, and Prompt Injections. Secure your AI Supply Chain.

1K 80 6
mikedconcepcion
cuttledb

Embedded realtime database with vector search (HNSW), BM25, RRF hybrid retrieval, Boolean DSL, real-time SUB/UNSUB push, and ACID transactions with WAL. One self-contained binary under 1 MB. Apache-2.0.

916 2 0
ark-forge
arkforge-mcp

Third-party cryptographic proof for AI agent API calls — ArkForge Trust Layer MCP server

815 2 1
Metbcy
securescan

Diff-aware security scanning with multi-tool orchestration, deterministic SARIF, and PR-comment rendering.

569 0 0
piyushptiwari1
mcpkernel

The Security Kernel for AI Agents — MCP/A2A gateway with policy enforcement, taint tracking, sandboxed execution, deterministic envelopes, and Sigstore audit. OWASP ASI 2026 compliant.

528 1 0
konjoai
squash-ai

Squash violations, not velocity. Automated EU AI Act compliance for ML teams — CI/CD-native, open-core, developer-first.

413 2 0
heiwa4126
h4-hello

A simple hello world example

371 0 0
whiteprints
whiteprints

A Copier-based cookiecutter for creating Python projects managed by uv.

262 4 2
ainfera-ai
ainfera-verify

Offline verifier for Ainfera AuditChains. Trust no one — verify the chain yourself.

221 0 0
provedex
provedex-pipecat

Pipecat FrameProcessor that signs every frame via the Provedex sidecar.

178 3 1
rafaelperoco
secretgenerator-py

Auditable random credential generator for AI agents and machine-readable pipelines (Python wrapper around the secretgenerator CLI).

178 9 2
provedex
provedex-langchain

LangChain BaseCallbackHandler that signs every LLM and tool callback via the Provedex sidecar. Covers LangGraph by inheritance.

156 3 1
mareforma
mareforma-agent

Defensive name reservation — install 'mareforma' instead.

149 14 1
mareforma
mareforma-py

Defensive name reservation — install 'mareforma' instead.

144 14 1
mareforma
maraforma

Defensive name reservation — install 'mareforma' instead.

139 14 1
mkbhardwas12
pwned-deps

Drop your lockfile in, find out if you're pwned. Compromised-package scanner backed by OSV.dev.

138 164 172
    • Data from PyPI, GitHub, ClickHouse, and BigQuery