Skip to content

Sigstore — Software Artifact Signing and Verification API

Access Sigstore — Software Artifact Signing and Verification data programmatically. 13 controls, 4 domains, and cross-framework mappings to 692 frameworks via REST API or MCP.

13
Controls
4
Domains
441+
Mappings
Free
API Price

Add to Claude Desktop or Cursor

Copy this config into your MCP client to start querying Sigstore — Software Artifact Signing and Verification data with AI:

{
  "mcpServers": {
    "compliance": {
      "url": "https://api.theartofservice.com/mcp"
    }
  }
}

No API key required for up to 10 calls/day. Works with Claude Desktop, Cursor, Windsurf, and any MCP-compatible client.

REST API Examples

Get Sigstore — Software Artifact Signing and Verification details

curl https://api.theartofservice.com/api/agent/frameworks/Sigstore%20%E2%80%94%20Software%20Artifact%20Signing%20and%20Verification

List all Sigstore — Software Artifact Signing and Verification controls

curl https://api.theartofservice.com/api/agent/frameworks/Sigstore%20%E2%80%94%20Software%20Artifact%20Signing%20and%20Verification/controls

Map Sigstore — Software Artifact Signing and Verification to another framework

curl "https://api.theartofservice.com/api/agent/cross-map?source=Sigstore%20%E2%80%94%20Software%20Artifact%20Signing%20and%20Verification&target=SOC%202"

SDK Installation

Python (Langchain)

pip install theartofservice-compliance

npm (MCP Server)

npx @theartofservice/compliance-mcp

Frequently Asked Questions

Is there an API for Sigstore — Software Artifact Signing and Verification?
Yes. The Art of Service provides a REST API and MCP server with full Sigstore — Software Artifact Signing and Verification data: 13 controls across 4 domains, plus cross-framework mappings to 692 other compliance frameworks. Free tier includes 10 calls/day with no signup.
How do I access Sigstore — Software Artifact Signing and Verification controls programmatically?
Use the Compliance Intelligence API at api.theartofservice.com. Call GET /api/agent/frameworks/Sigstore%20%E2%80%94%20Software%20Artifact%20Signing%20and%20Verification/controls to retrieve all 13 controls with codes, titles, and descriptions. Supports filtering by domain.
Can I map Sigstore — Software Artifact Signing and Verification controls to other frameworks?
Yes. The API provides cross-framework mapping with 819,000+ control-to-control mappings. Call GET /api/agent/cross-map?source=Sigstore%20%E2%80%94%20Software%20Artifact%20Signing%20and%20Verification&target=TARGET to map Sigstore — Software Artifact Signing and Verification controls to any of 692 frameworks.
Does the Sigstore — Software Artifact Signing and Verification API work with Claude, ChatGPT, or Cursor?
Yes. The API is available as an MCP (Model Context Protocol) server. Add it to Claude Desktop, Cursor, or any MCP-compatible client with a single JSON config snippet. AI agents can then query Sigstore — Software Artifact Signing and Verification data directly.
How much does the Sigstore — Software Artifact Signing and Verification API cost?
Anonymous access is free (10 calls/day). Free accounts get 100 calls/month. Professional plans start at $49/month with 10,000 calls included. No credit card required for free tier.

Start using the Sigstore — Software Artifact Signing and Verification API today

No signup required for 10 free API calls per day. Create a free account for 100 calls/month.

Try the APICreate Free Account