Memeroot · signed Claude Code skills · interactive showcase

The signature is the publication.

A Claude Code skill, signed by its author, lives in your browser as one self-contained HTML. Verify the signature in WebCrypto — locally, no service, no account. Below: it actually happens, in front of you. Click TAMPER and watch the signature break.

The signed skill

This is a real skill — regulated-document-author — signed by a real ECDSA-P256 keypair generated at build time. The signature, public key, and content are embedded in this page. The verify button below runs your browser's WebCrypto against them.

live · ECDSA-P256-SHA256 · verification runs in your browser
--- name: regulated-document-author description: Use when authoring documents that face regulatory scrutiny (SOX internal controls, FDA submissions, IRB protocols, audit packets, GMP records, compliance attestations). Ensures cryptographic provenance, multi-party attestation, and tamper-evident structure. --- # regulated-document-author ## When to use The user is producing documentation that will be reviewed by external auditors, regulators, or internal compliance teams — anywhere a chain-of-custody on the documentation matters. Common signals: "SOX control", "FDA submission", "IRB protocol", "audit packet", "GMP record", "compliance attestation". ## Instructions ### Identify the regulatory frame Determine which regulatory framework applies: SOX (financial controls), FDA 21 CFR Part 11 (electronic records), ICH GCP (clinical trials), HIPAA (health information), defense procurement (DFARS clauses). The framework dictates required document structure, retention period, and signature requirements. ### Structure as addressable regions Author each document component (control declaration, test of design, test of effectiveness, sign-off, finding) as its own addressable source. Granular regions are independently signable and verifiable. ### Apply separation of duties to attestations Different actors sign different artifacts. Control owner signs the control declaration. Tester signs the test. Reviewer counter-signs the package. ### Preserve fork lineage on revisions When a regulated document is revised, fork the original rather than overwrite. The fork-source element preserves verifiable lineage for the audit trail. ### Bundle as the deliverable The audit packet is the bundle.html, not the database record on a GRC platform. The bundle is self-contained, transferable, verifiable in any browser without a platform account.
· signed by Rob Anderson · Memeroot Ltd fp 3df27085aeb8553a click verify
· counter-signed by Internal Audit · Memeroot Ltd fp f91514fe85193936 click verify
copied · paste into ~/.claude/skills/regulated-document-author/SKILL.md

What happens when you fork a signed skill

Two organizations took the original skill and specialized it: Acme Health for HIPAA / GxP workflows, Beta Bank for SOX / Basel / FINRA workflows. Each fork carries its own signature plus a fork-source reference back to the original. Click any node to see its provenance — including a real signature verification.

regulated-doc-author ORIGINAL fp 3df27085aeb8… counter-sign REVIEWED ✓ healthcare specialization FORK · Acme Health fp d875bac5ed58… finance specialization FORK · Beta Bank fp 773ab0e1a6e0… PUBLISHED · MAY 2026 FORKED · LINEAGE CRYPTOGRAPHIC
click a node

What this enables that copy-paste sharing cannot

A skill is instructions Claude follows. When the skill's outputs face regulatory scrutiny — controls, FDA records, IRB protocols, legal contracts — the consumer needs to know not just what the instructions are, but who wrote them, whether they've been modified, and where the lineage went.

Today, sharing skills means sharing a SKILL.md folder. Trust is implicit. A repository hosts the canonical version; everyone else copies. Modifications are invisible. Forks lose lineage on every copy-paste. The audit story for a regulated-skill use is: "we trusted the source."

Signed skill bundles invert the trust topology. The skill is the artifact; the signature is the publication; verification is local; modifications are visible; forks carry lineage.

What this enables

What's structurally common: the cryptography distributes trust so no central operator is needed. The bundle distributes the artifact so no service is needed. Signing distributes authorship so no platform identity is needed.

This is the shape of a healthy skill ecosystem — federated, verifiable, transferable, durable. Anthropic ships the substrate (Claude Code reads SKILL.md). Authors ship the artifacts (bundles). Channels distribute (anywhere a file can go). Cryptography handles trust. Nobody owns the trust layer.