Skip to content
Recued
Menu
← Back to packs

GPG Verify Pack

by recued-core v1 app_pack

V3 deterministic OpenPGP signature verification capability pack. By-value connector composition (service_kind=cli, no separate ingredient): the local gpgv CLI verifies one trusted local file path against a detached signature and trusted keyring via signature.verify. This pack uses gpgv, not generic gpg, so it is verification-only: no signing, import, trustdb mutation, keyserver access, or key management workflow. The operation is exit-code-only; a zero exit code means the signature verified. Requires gpgv on PATH (Debian/Ubuntu: apt install gpgv; macOS: install GnuPG). Local and no-egress.

What this pack installs

  • gpg-verify Ingredient

Trust & control

What installing this whole pack would let it do. Recued grants these permissions at install — review them there before approving.

Where it runs

Server only Runs on your server.

What it's allowed to do

Read Local CLI gpgv read-only
Read: signature.verify · No approval

Data it touches

SurfacesLocal CLI

About

Tags

pack:gpg-verifygpgvopenpgpsignatureverifyclisecuritysupply-chaindeterministiclocal-servicev3composition