Developed and integrated a build artifact provenance and attestation feature for the clash-verge-rev repository, focusing on enhancing software supply chain integrity and artifact traceability across multiple operating systems. Leveraged CI/CD practices and DevOps methodologies, utilizing GitHub Actions and YAML to orchestrate provenance workflows and automate attestation generation during release processes. Improved the build pipeline by introducing fallback mechanisms for artifact delivery and refining permissions to limit scope within release workflows. This work strengthened compliance readiness and release confidence by embedding provenance standards directly into CI workflows, laying the groundwork for future automation and more robust artifact governance in the project.