
[AAASM-3568] 🔒 (python-sdk): SDK supply-chain attestation + SBOM + advisory gate#172

Merged
Chisanan232 merged 4 commits into
masterfrom
v0.0.1/AAASM-3568/sdk_supply_chain_attestation
Jun 23, 2026

Conversation

@Chisanan232

Contributor

Description

Hardens the python-sdk distribution supply chain (Story AAASM-3568). Four focused changes:

  • AAASM-3611 — PEP 740 attestations: pin attestations: true on the PyPI Trusted Publisher step so every wheel/sdist ships a Sigstore-backed attestation minted from the existing OIDC identity. An artifact uploaded outside this OIDC-gated workflow carries no attestation and is detectable.
  • AAASM-3615 — CycloneDX SBOM per release: new sbom job runs cyclonedx-py environment over the uv-synced resolved venv; the SBOM is attached to the GitHub Release on the real-publish path.
  • AAASM-3612 — pip-audit advisory gate: new dependency-audit job in ci.yaml runs pip-audit --strict against the locked environment on every push/PR, wired into the CI Success aggregate gate, with a documented (empty) --ignore-vuln allowlist for unfixable advisories.
  • AAASM-3628 — docs: SECURITY.md documenting the canonical PyPI name (agent-assembly, with typosquat warning) and a consumer verification recipe (attestations + SBOM), linked from the README.

Builds on the operator-gated, FFI-pin-lockstep publish pipeline (AAASM-3503 / AAASM-3468) without altering its gating.

Type of Change

  • ✨ New feature
  • 🔧 Bug fix
  • ♻️ Refactoring
  • 🍀 Performance improvement
  • 📚 Documentation update
  • 🚀 Release
  • 🔒 Security / supply-chain hardening

Breaking Changes

  • No
  • Yes (please describe below)

Related Issues

  • Related JIRA ticket: AAASM-3568 (Story); subtasks AAASM-3611, AAASM-3612, AAASM-3615, AAASM-3628
  • Related GitHub issues: N/A

Testing

  • Unit tests added/updated
  • Integration tests added/updated
  • Manual testing performed
  • No tests required (explain why)

Validated both changed workflows with actionlint (clean) and confirmed YAML parses. Workflow/SBOM/attestation behavior is exercised by the release pipeline on a real (or dry-run) dispatch and the pip-audit gate runs in CI on this PR.

Checklist

  • Code follows project style guidelines
  • Self-review completed
  • Comments added for complex logic
  • Documentation updated if needed
  • All tests passing

🤖 Generated with Claude Code
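The pip-audit advisory gate and its CI Success wiring from the description, as an added example workflow that is not the PR's own ci.yaml. It assumes pip-audit is declared as a dev dependency so `uv sync --frozen` installs it, keeps the empty allowlist in an env var, and shows only the one job under `needs` (the real aggregate gate lists every CI job it covers).

```yaml
# Added example, not the PR's own ci.yaml: advisory gate on the locked
# environment, wired into the aggregate "CI Success" required check.
name: CI
on: [push, pull_request]

jobs:
  dependency-audit:
    name: Dependency advisory audit (pip-audit)
    runs-on: ubuntu-latest
    env:
      # Allowlist for advisories with no available fix (mirrors go-sdk's
      # KNOWN_UNFIXED). Empty by default. Each entry is "--ignore-vuln <ID>",
      # and every entry must be justified in a comment here, e.g.
      #   --ignore-vuln GHSA-xxxx-xxxx-xxxx   # placeholder ID: no fixed release yet
      PIP_AUDIT_IGNORE: ""
    steps:
      - uses: actions/checkout@v4
      - uses: astral-sh/setup-uv@v5
      - name: Resolve the locked environment exactly (fails if uv.lock is stale)
        run: uv sync --frozen
      - name: Audit resolved packages against PyPI/OSV advisories
        # --strict turns a skipped dependency (one pip-audit could not audit)
        # into a failure, so nothing the scanner cannot see passes silently.
        # Assumes pip-audit is a dev dependency present in the synced env.
        run: uv run pip-audit --strict $PIP_AUDIT_IGNORE

  ci-success:
    name: CI Success
    runs-on: ubuntu-latest
    needs: [dependency-audit]   # the real gate lists every job it aggregates
    if: always()                # report even when a needed job failed or was skipped
    steps:
      - name: Fail unless every aggregated job succeeded
        env:
          AUDIT_RESULT: ${{ needs.dependency-audit.result }}
        run: |
          echo "dependency-audit: $AUDIT_RESULT"
          # "skipped" and "cancelled" must fail the gate too, not only "failure"
          [ "$AUDIT_RESULT" = "success" ] || exit 1
```

Making `CI Success` the only required status check means a red or skipped audit blocks merge without having to mark each job required individually.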

Chisanan232 and others added 4 commits June 23, 2026 13:11
… upload

Pin `attestations: true` explicitly on the gh-action-pypi-publish step so
every wheel/sdist ships a Sigstore-backed PEP 740 attestation minted from
the Trusted Publisher OIDC identity. An artifact pushed outside this
OIDC-gated workflow carries no attestation, making out-of-band uploads
detectable by PyPI and consumers.

AAASM-3611.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Add an `sbom` job that runs `cyclonedx-py environment` over the uv-synced
resolved virtualenv and uploads `sbom.cdx.json` as a workflow artifact (on
both dry-run and real dispatches). The create-github-release job now depends
on it, downloads the artifact, and attaches the SBOM to the GitHub Release
on the real-publish path, giving consumers a machine-readable dependency
manifest to verify against advisory feeds.

AAASM-3615.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

Add a `dependency-audit` job that resolves the locked environment with
`uv sync --frozen` and runs `pip-audit --strict` against the PyPI/OSV
advisory databases on every push and PR. A known-vuln (possibly transitive)
dependency now fails the job, and the job is wired into the `ci-success`
aggregate gate so a red audit blocks the required check. A documented
`--ignore-vuln` allowlist (empty by default) mirrors go-sdk's KNOWN_UNFIXED
for advisories with no available fix.

AAASM-3612.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

…cation

Add SECURITY.md stating the canonical PyPI name (`agent-assembly`) with a
typosquat warning, plus a consumer recipe for verifying PEP 740 attestations
on the PyPI files page and the CycloneDX SBOM attached to each GitHub
Release. Link it from the README Installation section.

AAASM-3628 (python-sdk portion).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
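The `sbom` job and the release-attach step from the AAASM-3615 commit message above, as an added example that is not the project's release-python.yml. It assumes a `tag` and a `dry_run` workflow_dispatch input and that cyclonedx-bom is a dev dependency present in the synced environment.

```yaml
# Added example, not the project's release-python.yml: SBOM emitted on every
# dispatch, attached to the GitHub Release only on a real publish.
name: Release (python-sdk)
on:
  workflow_dispatch:
    inputs:
      tag:     { type: string,  required: true }   # release tag (assumed input)
      dry_run: { type: boolean, default: true }    # assumed input

jobs:
  sbom:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: astral-sh/setup-uv@v5
      - run: uv sync --frozen        # same resolved venv the wheel is built from
      - name: Emit CycloneDX SBOM for the resolved environment
        # Assumes cyclonedx-bom is a dev dependency present in the synced env;
        # under `uv run` the venv interpreter is the environment being described.
        run: uv run cyclonedx-py environment --of JSON -o sbom.cdx.json
      - uses: actions/upload-artifact@v4
        with: { name: sbom, path: sbom.cdx.json }

  create-github-release:
    needs: [sbom]
    if: ${{ !inputs.dry_run }}       # dry runs keep the artifact but attach nothing
    runs-on: ubuntu-latest
    permissions:
      contents: write                # only this job needs write; sbom stays read-only
    steps:
      - uses: actions/download-artifact@v4
        with: { name: sbom }
      - name: Create the release if absent, then attach the SBOM
        env:
          GH_TOKEN: ${{ github.token }}
          GH_REPO:  ${{ github.repository }}
          TAG:      ${{ inputs.tag }}
        run: |
          gh release view "$TAG" >/dev/null 2>&1 || gh release create "$TAG" --generate-notes
          # --clobber replaces an existing sbom.cdx.json, so a re-run is idempotent
          gh release upload "$TAG" sbom.cdx.json --clobber
```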
@codecov

codecov Bot commented Jun 23, 2026


Codecov Report

✅ All modified and coverable lines are covered by tests.



@Chisanan232

Contributor Author

Merge-readiness review — AAASM-3568 (python-sdk)

CI: ALL GREEN. Buckets — tests/build (build-and-test_all unit/integration/contract + codecov), advisory gate (Dependency advisory audit (pip-audit) ✅), security (CodeQL/Analyze ✅), tag-fixture suite ✅, CI Success ✅, SonarCloud ✅. E2E jobs correctly skipping (gated). No red checks; nothing to fix.

Scope vs ticket — all three python-sdk subtasks covered, no gap:

  • AAASM-3611 (PEP 740 attestations) — release-python.yml publish job sets attestations: true on gh-action-pypi-publish, reusing Trusted-Publisher OIDC (no new secret). ✅
  • AAASM-3612 (pip-audit advisory gate) — new dependency-audit job runs pip-audit --strict on the frozen env and is wired into the CI Success aggregate gate. ✅
  • AAASM-3615 (CycloneDX SBOM) — new sbom job emits sbom.cdx.json via cyclonedx-py; create-github-release downloads + attaches it (--clobber, idempotent). ✅
  • Shared docs (AAASM-3628): SECURITY.md (canonical name agent-assembly, attestation + SBOM verification) + README supply-chain note. ✅

Release-time steps (attestation/SBOM attach) only execute on a real release dispatch — confirmed they don't run on this PR and are workflow-valid (CI green). pip-audit gate runs on every PR/push and is live.

Verdict: READY TO MERGE.

— Claude Code

@Chisanan232 Chisanan232 merged commit 76a8640 into master Jun 23, 2026
22 checks passed
@Chisanan232 Chisanan232 deleted the v0.0.1/AAASM-3568/sdk_supply_chain_attestation branch June 23, 2026 07:44
