sev-attestation
Perform AMD SEV-SNP remote attestation to cryptographically verify VM identity and integrity.
Setup & Installation
Install command:
```bash
clawhub install xinyuwang/sev-attestation
```
If the CLI is not installed:
```bash
npx clawhub@latest install xinyuwang/sev-attestation
```
Or install with the OpenClaw CLI:
```bash
openclaw skills install xinyuwang/sev-attestation
```
Or paste the repo link into your assistant's chat:
https://github.com/openclaw/skills/tree/main/skills/xinyuwang/sev-attestation
What This Skill Does
AMD SEV-SNP remote attestation for cryptographically verifying VM identity and integrity. Runs a 6-step workflow: detecting SEV-SNP availability, generating an attestation report bound to a fresh nonce, displaying the report fields, fetching the AMD certificates from the KDS, verifying the certificate chain (ARK/ASK/VCEK), and validating the report signature against the VCEK.
Each step is an individually runnable script, so the full workflow can be automated without hand-chaining openssl commands and AMD KDS API calls.
When to Use It
- Verifying a confidential VM before sharing secrets with it
- Proving a VM runs in a genuine AMD SEV-SNP environment for compliance audits
- Debugging attestation failures in confidential computing deployments
- Automating pre-deployment integrity checks on SEV-SNP VMs
- Validating AMD certificate chains before trusting remote workloads
Original SKILL.md
# sev-attestation
AMD SEV-SNP remote attestation for cryptographic VM identity verification.
## Description
Perform AMD SEV-SNP (Secure Encrypted Virtualization - Secure Nested Paging) remote attestation to cryptographically verify VM identity and integrity. Use this skill when:
- Proving a VM is running in a genuine AMD SEV-SNP confidential computing environment
- Verifying the integrity of a confidential VM before trusting it with secrets
- Checking if SEV-SNP is available and properly configured
- Generating attestation reports for remote verification
- Validating AMD certificate chains (ARK → ASK → VCEK)
- Debugging attestation failures or certificate issues
**Keywords**: SEV-SNP, attestation, confidential computing, AMD, VCEK, certificate chain, remote attestation, VM identity, TCB, measurement
## Workflow
```
┌─────────────────────────────────────────────────────────────────┐
│                    SEV-SNP Attestation Flow                     │
└─────────────────────────────────────────────────────────────────┘
                         │
                         ▼
                ┌─────────────────┐
                │  1. Detection   │
                │   Is SEV-SNP    │
                │   available?    │
                └────────┬────────┘
                         │
          ┌──────────────┴──────────────┐
          │                             │
          ▼                             ▼
     ┌─────────┐                   ┌─────────┐
     │   YES   │                   │   NO    │
     └────┬────┘                   └────┬────┘
          │                             │
          ▼                             ▼
 ┌─────────────────┐           ┌─────────────────┐
 │  2. Generate    │           │   Exit with     │
 │     Report      │           │  helpful error  │
 └────────┬────────┘           └─────────────────┘
          │
          ▼
 ┌─────────────────┐
 │  3. Display     │
 │  Report Info    │
 └────────┬────────┘
          │
          ▼
 ┌─────────────────┐
 │  4. Fetch AMD   │
 │  Certificates   │
 │ (ARK, ASK, VCEK)│
 └────────┬────────┘
          │
          ▼
 ┌─────────────────┐
 │  5. Verify      │
 │  Cert Chain     │
 └────────┬────────┘
          │
          ▼
 ┌─────────────────┐
 │  6. Verify      │
 │  Report Sig     │
 └────────┬────────┘
          │
          ▼
 ┌─────────────────┐
 │   PASSED or     │
 │   FAILED        │
 └─────────────────┘
```
## Quick Start
### Check if SEV-SNP is Available
```bash
./scripts/detect-sev-snp.sh
```
### Run Full Attestation
```bash
./scripts/full-attestation.sh [output_dir]
```
This runs the complete 6-step attestation workflow and outputs PASSED or FAILED.
## Individual Steps
Each step can be run independently for debugging or custom workflows:
| Script | Purpose |
|--------|---------|
| `scripts/detect-sev-snp.sh` | Check SEV-SNP availability |
| `scripts/generate-report.sh <output_dir>` | Generate attestation report with nonce |
| `scripts/fetch-certificates.sh <report_file> <output_dir>` | Fetch AMD certificates from KDS |
| `scripts/verify-chain.sh <certs_dir>` | Verify certificate chain |
| `scripts/verify-report.sh <report_file> <certs_dir>` | Verify report signature |
## Prerequisites
- **snpguest**: Rust CLI from [virtee/snpguest](https://github.com/virtee/snpguest)
- **openssl**: For certificate operations
- **curl**: For fetching certificates from AMD KDS
- **Root access**: Required to access `/dev/sev-guest`
Install snpguest:
```bash
cargo install snpguest
```
## Reference Documentation
- [Report Fields](references/report-fields.md) - Attestation report field reference
- [Error Codes](references/error-codes.md) - Common errors and troubleshooting
- [Manual Verification](references/manual-verification.md) - OpenSSL-based verification without snpguest
## Technical Details
- **AMD KDS URL**: `https://kdsintf.amd.com`
- **Certificate Chain**: ARK (self-signed) → ASK → VCEK
- **Report Signature**: ECDSA P-384
- **Device**: `/dev/sev-guest` (requires root or sev group membership)
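As an added example (not code from the skill's scripts), here is what step 6 amounts to in Go, together with the nonce check that makes steps 2 and 3 meaningful: it uses the report layout from the AMD SEV-SNP ABI specification (REPORT_DATA at offset 0x50, signature covering the first 0x2A0 bytes, R and S stored little-endian in 72-byte fields), checks that REPORT_DATA carries the nonce the verifier chose, and verifies the ECDSA P-384/SHA-384 signature. It assumes the VCEK public key has already been extracted from the chain-verified VCEK certificate (step 5); `MakeTestReport` is a constructed fixture signed with a throwaway key so the code runs offline.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"errors"
	"math/big"
)

// AMD SEV-SNP ABI ATTESTATION_REPORT layout: bytes [0, 0x2A0) are signed, REPORT_DATA
// (the 64-byte nonce) is at 0x50, and the signature at 0x2A0 is R then S, little-endian, 72 bytes each.
const reportLen, signedLen, reportData, sigIntLen = 0x4A0, 0x2A0, 0x50, 72

// reverse converts between the report's little-endian integers and math/big's big-endian bytes.
func reverse(b []byte) []byte {
	out := make([]byte, len(b))
	for i, v := range b {
		out[len(b)-1-i] = v
	}
	return out
}

// VerifyReport: the nonce check rejects replay of an older report; the ECDSA P-384/SHA-384
// check over the signed prefix binds the report to the VCEK (and so to the ARK -> ASK -> VCEK chain).
func VerifyReport(report []byte, nonce [64]byte, vcek *ecdsa.PublicKey) error {
	if len(report) != reportLen || !bytes.Equal(report[reportData:reportData+64], nonce[:]) {
		return errors.New("bad report length or REPORT_DATA does not match nonce")
	}
	digest := sha512.Sum384(report[:signedLen])
	r := new(big.Int).SetBytes(reverse(report[signedLen : signedLen+sigIntLen]))
	s := new(big.Int).SetBytes(reverse(report[signedLen+sigIntLen : signedLen+2*sigIntLen]))
	if !ecdsa.Verify(vcek, digest[:], r, s) {
		return errors.New("report signature invalid")
	}
	return nil
}

// MakeTestReport is a constructed fixture: a zeroed report carrying the nonce, signed with a
// throwaway P-384 key standing in for the VCEK (real reports come from /dev/sev-guest via snpguest).
func MakeTestReport(nonce [64]byte) ([]byte, *ecdsa.PublicKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	report := make([]byte, reportLen)
	copy(report[reportData:], nonce[:])
	digest := sha512.Sum384(report[:signedLen])
	r, s, _ := ecdsa.Sign(rand.Reader, key, digest[:])
	copy(report[signedLen:], reverse(r.FillBytes(make([]byte, sigIntLen))))
	copy(report[signedLen+sigIntLen:], reverse(s.FillBytes(make([]byte, sigIntLen))))
	return report, &key.PublicKey
}
```

On a real report, the signature check only means something after step 5 has tied the VCEK to AMD's ARK; a valid signature under an unverified key proves nothing.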