Build a local evidence graph from SBOM, SLSA provenance, in-toto statements, OpenVEX, OSV and Grype JSON. Find missing attestations, unsigned artifacts and VEX gaps.
This browser-based utility is built for developers who need fast technical checks before running heavier CI, cluster, model, or security tooling. Sample data is included and core analysis runs locally in the browser.