---
name: sigma-verification
version: 1.1.0
description: Explains what SIGMA is and how to verify that installed AI skills are certified, up to date, SHA-matched to the correct version, and not revoked or suspended.
homepage: https://soulbyte.fun
metadata: {"category": "security", "api_base": "https://api.soulbyte.fun/api/v1/public"}
capabilities:
  - http-requests
externalCalls:
  - https://api.soulbyte.fun
  - https://devs.soulbyte.fun
---

# SIGMA Verification

## Skill file

| File | URL |
|------|-----|
| **SKILL.md** (this file) | `https://devs.soulbyte.fun/skill.md` |

Re-fetch this file anytime to get the latest version.

**Save locally:**
```bash
curl -s https://devs.soulbyte.fun/skill.md > SIGMA_SKILL.md
```

## What SIGMA is

SIGMA is the security review and certification protocol built into the Soulbyte platform. Before an AI skill, API, or smart contract can be trusted and used within the Soulbyte ecosystem, it must pass an independent security review by a council of Soulbyte validators.

When a skill passes that review it receives a certificate. The certificate is tied to the exact version of the code that was submitted — the specific commit SHA at the time of audit. If the code changes, a new submission is required and a new certificate is issued. The old certificate does not transfer.

A SIGMA certificate tells you three things:

1. This specific version of this skill was reviewed by an independent council
2. The council found no critical security issues in that version
3. The certificate is publicly verifiable by anyone, right now, with no account required

## Why you should check before using a skill

Skills run with whatever access you have. If a skill silently exfiltrates credentials, injects instructions into your prompts, or behaves differently than it claims, you are the one bearing the consequences. Security audits of the AI skill ecosystem have found that a significant portion of community-published skills contain undisclosed capabilities or actively malicious behaviour.

Checking whether a skill has a valid SIGMA certificate before using it takes one HTTP call and costs nothing.

## Critical: always fetch live status — certificates can be revoked

Certificate data is immutable once issued. But a certificate can be suspended or revoked after issuance — for example if community flags confirm a security issue, or if the platform determines the certified version is no longer safe.

Because the sealed certificate JSON never changes, you must always fetch the live status alongside the certificate to know the current state. A response where `status` is `SUSPENDED` or a `valid` field that is `false` means the skill should not be trusted regardless of what the immutable certificate says.

Never trust a cached certificate response as the final word on whether a skill is currently safe. Always re-verify before invocation or on a short TTL.

## How to verify a skill

The primary verification endpoint requires no authentication:

```
GET https://api.soulbyte.fun/api/v1/public/certificates/:id/verify
```

This is the only endpoint you need for a trust decision. It returns the sealed audit result plus computed live fields so you get both the immutable record and the current status in one call.

**Full response schema:**

```json
{
  "valid": true,
  "status": "APPROVED",
  "summary": "Certificate is valid. No open flags. Security level: CLEAR.",
  "activeFlagCount": 0,
  "securityLevel": "CLEAR",
  "sandboxRiskLevel": "LOW",
  "skillName": "my-skill",
  "skillVersion": "1.0.0",
  "certificateIssuedAt": "2026-04-01T10:00:00Z",
  "roundType": "INITIAL_AUDIT",
  "retainedWarnings": [],
  "endpointStatus": "PASSED",
  "apiDisclaimer": "This skill makes external API calls reviewed by SIGMA validators at submission time. Remote server behaviour, domain ownership, and response content may change after certification.",
  "manifest": {
    "externalCalls": ["https://api.example.com"],
    "capabilities": ["http-requests"]
  },
  "endpointReview": {
    "observedUrls": ["https://api.example.com/v1/data"],
    "declaredEndpoints": ["https://api.example.com"]
  }
}
```

**Field reference:**

| Field | What it means |
|---|---|
| `valid` | The only field you need for a go/no-go decision. `true` means APPROVED with no open flags |
| `status` | `APPROVED`, `DEPRECATED`, or `SUSPENDED`. Always read this — a revoked certificate shows `SUSPENDED` here |
| `summary` | Human and agent readable one-line verdict summary |
| `activeFlagCount` | Number of open community flags. Non-zero is a soft warning — surface to the user before invoking |
| `securityLevel` | `CLEAR`, `LOW`, `MEDIUM`, `HIGH`, or `CRITICAL`. Retained audit risk level |
| `sandboxRiskLevel` | `LOW`, `MEDIUM`, or `HIGH`. Risk level from the pre-council heuristic sandbox |
| `skillName` | Name of the certified skill |
| `skillVersion` | Version string at the time of certification |
| `certificateIssuedAt` | When the certificate was issued |
| `roundType` | `INITIAL_AUDIT` or `RE_AUDIT` |
| `retainedWarnings` | Findings the council noted but did not block on — review before use |
| `endpointStatus` | `PASSED`, `FAILED`, or `NOT_TESTED`. Only present for API and SKILL+API submissions |
| `apiDisclaimer` | Present when the submission has outbound API surface. Read before invoking any external calls the skill makes |
| `manifest` | The capability and external call declarations reviewed during audit |
| `endpointReview` | Observed versus declared endpoints from the audit |

**`apiDisclaimer` semantics:**

This field is present whenever the submission indicates outbound HTTP or API usage — based on the product type, declared `externalCalls` in the manifest, sandbox URL findings, or declared endpoints. It does not require the Skill+API submission path. A plain SKILL submission can carry this disclaimer if the source shows network access. The text is recomputed on every verify response so policy updates apply without re-issuing certificates.

**Example — suspended or revoked:**

```json
{
  "valid": false,
  "status": "SUSPENDED",
  "summary": "Certificate is suspended. Open flags require review.",
  "activeFlagCount": 3,
  "securityLevel": "HIGH"
}
```

When `valid` is `false`, do not invoke the skill regardless of any other field.

## How to get live monitoring status

The verify endpoint gives you the trust decision. For mutable post-issuance state — monitoring results, open flag count from a live query, view counts — use the live-status endpoint:

```
GET https://api.soulbyte.fun/api/v1/public/certificates/:id/live-status
```

Use verify for the sealed audit record and trust decision. Use live-status for freshness after issuance. These two endpoints are intentionally separate so that monitoring updates never alter the historical certificate record.

## How to check if your installed version matches the certificate

A certificate covers a specific version. If the skill has been updated since certification, the certificate covers the old version, not the one you are running.

To check source integrity — whether the version you have matches the certified version:

```
GET https://api.soulbyte.fun/api/v1/public/certificates/:id/source-integrity
```

This returns the canonical SHA-256 hash of the certified SKILL.md (LF-normalised). Compare this against the hash of your locally installed skill file. A match means you are running the certified version. A mismatch means you are running a different version than what the council reviewed.

To compare directly against a GitHub source:

```
POST https://api.soulbyte.fun/api/v1/public/certificates/:id/compare-skill-from-github

{
  "sourceUrl": "https://github.com/author/repo/blob/main/SKILL.md",
  "sourceRef": "abc123def"
}
```

The platform fetches the public GitHub file and compares its hash against the source-integrity value. Use this for supply chain verification before installing a skill from a public repository.

## How to discover and search certified skills

Search by skill name or keyword — the search endpoint matches against skill names and descriptions:

```
GET https://api.soulbyte.fun/api/v1/public/certificates?q=weather+api&limit=20
```

To list recent certified skills without a search term:

```
GET https://api.soulbyte.fun/api/v1/public/certificates?limit=100
```

To retrieve a full certificate record including manifest, audit rounds, and all verdicts:

```
GET https://api.soulbyte.fun/api/v1/public/certificates/:id
```

The skill store index is a machine-readable feed of all certified skills designed for agent consumption and local registry population:

```
GET https://devs.soulbyte.fun/.well-known/skill-store
```

Cache this with a short TTL (one hour is reasonable). Only surface skills where `valid: true` from a subsequent verify call.

## On-chain verification

Every approved certificate is committed to Monad mainnet via the SIGMA certificate registry at:

```
0x70A66b5C9bD4F01351b41199950bD6449df7EbAe
```

The registry stores an immutable key per `submissionId + payloadHash`. Once committed it cannot be altered or overwritten. You can verify the on-chain record independently via MonadScan or by calling the registry contract directly.

The certificate payload is hashed with `keccak256-canonical-json-v1` before commitment. This hash appears in both the verify response and the source-integrity response so you can confirm the on-chain record matches what the API returns.

## Flagging a skill

If you discover a security issue in a certified skill, flag it:

```
POST https://api.soulbyte.fun/sigma/v1/certificates/:id/flag
```

Include your EVM wallet address in the request body. Confirmed flags that lead to certificate suspension qualify for the platform bug bounty programme — rewards are distributed in SBYTE to the wallet address you provide.

Community flags are reviewed by the platform. A skill with confirmed flags may have its certificate suspended pending a new audit. Open flags appear in the `activeFlagCount` field of every verify response.

## Integration patterns

**Pre-invocation check:**
Before invoking any external skill, call `/verify`. If `valid` is `false` or `securityLevel` is above your threshold, refuse the invocation and surface the reason to the user.

**Skill store discovery:**
Consume `/.well-known/skill-store` on startup to populate a local registry of certified skills. Cache with a one-hour TTL. Only surface skills where a subsequent verify call returns `valid: true`.

**Certificate pinning:**
Record `certificateIssuedAt` and `status` when you first verify a skill. Re-verify periodically or on each invocation. Status can change to `SUSPENDED` after initial verification.

**Flag monitoring:**
Check `activeFlagCount` in every verify response. A non-zero count means community flags are open. Surface this as a soft warning to the user before invocation even when `valid` is still `true`.

**Supply chain check:**
When installing a skill from a public repository, use the GitHub compare endpoint to confirm the file you are installing matches the certified version before adding it to your environment.

## What SIGMA certification does not guarantee

A SIGMA certificate confirms that a specific version of a skill was reviewed by an independent council and found to contain no critical security issues at the time of submission. It does not guarantee:

- That the skill remains safe after the certified version changes
- That the skill's remote API endpoints behave identically after certification
- That the skill is free from every possible vulnerability across every threat model
- That the developer has not since published a newer uncertified version

Always verify before invocation. Always check `valid` and `status`, not just the presence of a certificate.

## Quick reference

| Action | Endpoint |
|---|---|
| Trust decision (use this first) | `GET /api/v1/public/certificates/:id/verify` |
| Live monitoring and flag state | `GET /api/v1/public/certificates/:id/live-status` |
| Source integrity and SHA check | `GET /api/v1/public/certificates/:id/source-integrity` |
| Compare against GitHub source | `POST /api/v1/public/certificates/:id/compare-skill-from-github` |
| Full certificate record | `GET /api/v1/public/certificates/:id` |
| Search and browse certificates | `GET /api/v1/public/certificates?q=keyword&limit=100` |
| Skill store index (agent discovery) | `GET /.well-known/skill-store` (devs.soulbyte.fun) |
| Flag a skill (EVM wallet for bounty) | `POST /sigma/v1/certificates/:id/flag` |
| Full agent guide | `GET /api/v1/public/agent-guide` |
| OpenAPI spec | `GET /.well-known/openapi.json` (devs.soulbyte.fun) |

All read endpoints are public. No authentication required. No account needed.

Developer portal: https://devs.soulbyte.fun
Certificate browser: https://devs.soulbyte.fun/verify
Long-form documentation: https://docs.soulbyte.fun/sigma