feat: dogfood auths badge

.auths/allowed_signers

@@ -1 +1,5 @@
-bordumbb@gmail.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDeaOmUEcUjzChUedAsPyDO4mnjIa8j92fD9rGpuZd0 main
+# auths:managed — do not edit manually
+# Current identity (E6IXlw5-lnX88r3WZCt3u1qyN_Xlq7nQjtoTmuOfMIjI)
+z6MktnihicwetvA16FtHFynaJTn9eDZw51eizUEA1yGJCR4o@auths.local namespaces="git" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINT/yz5N7+GkzsRTHiyaueZbDy+fovwYUXyJ9uwD67tk
+# Previous identity
+z6MkipUqayiDZWM8j4YktjiEFZcCGw51YDVvLM7SrYPqLLyZ@auths.local namespaces="git" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDeaOmUEcUjzChUedAsPyDO4mnjIa8j92fD9rGpuZd0

.github/workflows/verify-commits.yml

@@ -0,0 +1,24 @@
+name: Verify Commits
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: auths-dev/auths-verify-github-action@v1
+        with:
+          allowed-signers: .auths/allowed_signers
+          fail-on-unsigned: true
+          post-pr-comment: 'true'
+          github-token: ${{ secrets.GITHUB_TOKEN }}

README.md

@@ -1,5 +1,7 @@
 # Auths
 
+[![Verify Commits](https://github.com/auths-dev/auths/actions/workflows/verify-commits.yml/badge.svg)](https://github.com/auths-dev/auths/actions/workflows/verify-commits.yml)
+
 Decentralized identity for individuals, AI agents, and their organizations.
 
 One identity, multiple devices, Git-native storage.