From 50659de3ef5c4e1a190c8f9aba4e43fa8835e859 Mon Sep 17 00:00:00 2001
From: Jeff Culverhouse <jeff@graystorm.com>
Date: Tue, 23 Dec 2025 10:15:50 -0500
Subject: [PATCH] docs: add security badges to README
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Added badges for SBOM, provenance attestation, cosign signing, and Trivy scanning.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index d760dda..6b2a912 100644
--- a/README.md
+++ b/README.md
@@ -132,3 +132,10 @@ Docker is the only supported way of deploying the application. The app should ru
 ![Docker Image Version](https://img.shields.io/docker/v/graystorm/amcrest2mqtt?sort=semver&logo=docker)
 ![Docker Pulls](https://img.shields.io/docker/pulls/graystorm/amcrest2mqtt?logo=docker)
 ![License](https://img.shields.io/github/license/weirdtangent/amcrest2mqtt)
+
+### Security
+
+![SBOM](https://img.shields.io/badge/SBOM-included-green?logo=docker)
+![Provenance](https://img.shields.io/badge/provenance-attested-green?logo=sigstore)
+![Signed](https://img.shields.io/badge/cosign-signed-green?logo=sigstore)
+![Trivy](https://img.shields.io/badge/trivy-scanned-green?logo=aquasecurity)