new two advisories and sprints work on them

src/__Libraries/StellaOps.Doctor.Plugins.Verification/VerificationPlugin.cs

@@ -0,0 +1,60 @@
+using Microsoft.Extensions.Configuration;
+using StellaOps.Doctor.Plugins;
+using StellaOps.Doctor.Plugins.Verification.Checks;
+using StellaOps.Doctor.Plugins.Verification.Configuration;
+
+namespace StellaOps.Doctor.Plugins.Verification;
+
+/// <summary>
+/// Artifact verification pipeline diagnostic plugin providing SBOM, VEX, signature, and policy health checks.
+/// </summary>
+public sealed class VerificationPlugin : IDoctorPlugin
+{
+    /// <inheritdoc />
+    public string PluginId => "stellaops.doctor.verification";
+
+    /// <inheritdoc />
+    public string DisplayName => "Artifact Verification Pipeline";
+
+    /// <inheritdoc />
+    public DoctorCategory Category => DoctorCategory.Security;
+
+    /// <inheritdoc />
+    public Version Version => new(1, 0, 0);
+
+    /// <inheritdoc />
+    public Version MinEngineVersion => new(1, 0, 0);
+
+    /// <inheritdoc />
+    public bool IsAvailable(IServiceProvider services)
+    {
+        // Plugin is available if verification configuration exists
+        return true; // Checks will skip if not configured
+    }
+
+    /// <inheritdoc />
+    public IReadOnlyList<IDoctorCheck> GetChecks(DoctorPluginContext context)
+    {
+        return
+        [
+            new TestArtifactPullCheck(),
+            new SignatureVerificationCheck(),
+            new SbomValidationCheck(),
+            new VexValidationCheck(),
+            new PolicyEngineCheck()
+        ];
+    }
+
+    /// <inheritdoc />
+    public Task InitializeAsync(DoctorPluginContext context, CancellationToken ct)
+    {
+        return Task.CompletedTask;
+    }
+
+    internal static VerificationPluginOptions GetOptions(DoctorPluginContext context)
+    {
+        var options = new VerificationPluginOptions();
+        context.PluginConfig.Bind(options);
+        return options;
+    }
+}