MEOK.AI
Sign inStart Free
Features
Pricing
Blog
About
🚀 Activate your agent

Free forever · No credit card

SLSA Supply Chain MCP

Supply-chain Levels for Software Artifacts (SLSA v1.0). Provenance + isolation.

PyPI →MCP Registry →GitHub →

Install

# Option 1 — uvx (no install)
uvx slsa-supply-chain-mcp

# Option 2 — pip
pip install slsa-supply-chain-mcp

# Option 3 — npx meok-setup install (recommended)
npx meok-setup --pack cybersec

What it does

  • SLSA Level 1-4 evidence
  • Build provenance attestations
  • Hermetic build verification
  • GitHub Actions integration

Claude Desktop config

{
  "mcpServers": {
    "slsa-supply-chain": {
      "command": "uvx",
      "args": ["slsa-supply-chain-mcp"]
    }
  }
}

Part of the MEOK governance MCP suite — see all 38 servers

MIT licensed · HMAC-signed attestations · Built by MEOK AI Labs