Supply-Chain Attestation Chain

22 build artifacts (containers + npm + pip + binaries) with SLSA v1.0 attestation chain. Per artifact: SLSA level, Sigstore signature, in-toto provenance, SBOM (CycloneDX 1.6), build-system attestation, source provenance, runtime verification. Surfaces 4 SLSA Level 1 + 2 unsigned releases.