Pluck Studio / Bureau

SBOM-AI

Sigstore-anchored AI supply-chain registry. Every probe-pack, every model card, every MCP-server release publishes an in-toto attestation to Rekor. Consumers verify provenance before running anything.

Why SBOM-AI ships before NUCLEI

NUCLEI's community probe-pack ecosystem opens once SBOM-AI is operational. Without a public supply-chain ledger, the first poisoned community pack would compromise every DRAGNET consumer downstream. Phase 1.5 lands SBOM-AI + ROTATE together — these are the existential foundations.

Three artifact kinds

  • probe-pack — every signed @sizls/pluck-bureau-core ProbePack body. The packHash IS the artifact digest.
  • model-card — Hugging Face / OpenAI ModelCard JSON, canonical-JSON-hashed.
  • mcp-server — MCP server release tarball (sha256 of raw bytes — interoperable with cosign sign-blob).

Look up an artifact

Phase 1.5 ships local-only. Phase 2 wires the Kite Event Log so this search resolves against ingested entries. For now, paste a sha256 to see the URL pattern:

studio.pluck.run/bureau/sbom-ai/<sha256>
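
The digest rules for the model-card and mcp-server kinds and the lookup URL pattern above, sketched as an added example (not Pluck's own code). The canonical-JSON form used here (recursively sorted keys, no whitespace, UTF-8) and the https:// scheme are assumptions, since the page specifies neither; probe-pack is left out because the page does not describe how packHash is computed.

```javascript
const { createHash } = require("node:crypto");

const sha256Hex = (bytes) => createHash("sha256").update(bytes).digest("hex");

// ASSUMPTION: canonical form = object keys sorted recursively, no insignificant
// whitespace, UTF-8. The page does not say which canonicalization SBOM-AI uses.
function canonicalize(value) {
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  if (value !== null && typeof value === "object") {
    return "{" + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(value[k])).join(",") + "}";
  }
  if (typeof value === "number" && !Number.isFinite(value)) throw new TypeError("non-finite number");
  return JSON.stringify(value);
}

// model-card: hash the canonical form, so key order and formatting do not change the digest.
function modelCardDigest(jsonText) {
  return sha256Hex(Buffer.from(canonicalize(JSON.parse(jsonText)), "utf8"));
}

// mcp-server: hash the raw release bytes, the same value sha256sum prints for the file.
function mcpServerDigest(rawBytes) {
  return sha256Hex(rawBytes);
}

// Lookup URL pattern from the page; refuse anything that is not a lowercase hex sha256.
function lookupUrl(digest) {
  if (!/^[0-9a-f]{64}$/.test(digest)) throw new Error("not a lowercase hex sha256");
  return "https://studio.pluck.run/bureau/sbom-ai/" + digest; // scheme is an assumption
}

// Constructed sample inputs (not real artifacts).
const cardA = '{"model":"example-model","license":"apache-2.0","tags":["demo"]}';
const cardB = '{\n  "tags": ["demo"],\n  "license": "apache-2.0",\n  "model": "example-model"\n}';
const tarball = Buffer.from("constructed stand-in for release tarball bytes");

function demo() {
  return {
    sameCard: modelCardDigest(cardA) === modelCardDigest(cardB), // same content, same digest
    rawDiffers: sha256Hex(cardA) !== sha256Hex(cardB),           // raw bytes do differ
    url: lookupUrl(mcpServerDigest(tarball)),
  };
}
console.log(demo());
```

A consumer comparing a local artifact against a registry entry has to apply the same rule the publisher used for that kind; hashing a model card's raw bytes instead of its canonical form gives a mismatch even when the content is identical.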

CLI

# publish
pluck bureau sbom-ai publish probe-pack ./pack.json --keys ./keys --accept-public

# verify
pluck bureau sbom-ai verify <rekor-uuid>

# lookup (Phase 1.5 — Phase 2+ wires Kite)
pluck bureau sbom-ai lookup <sha256> --seed <uuid>