diff --git a/.github/workflows/vib-build.yml b/.github/workflows/vib-build.yml
index 98d7121..105a690 100644
--- a/.github/workflows/vib-build.yml
+++ b/.github/workflows/vib-build.yml
@@ -15,6 +15,16 @@ env:
 BUILDX_NO_DEFAULT_ATTESTATIONS: 1
 jobs:
+ verify_image:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Verify Base Image Integrity
+ run:
+ gh attestation verify oci://ghcr.io/vanilla-os/desktop:main --owner Vanilla-OS
+ env:
+ GH_TOKEN: ${{ github.token }}
+
 check_update:
 runs-on: ubuntu-latest
@@ -91,7 +101,7 @@ jobs:
 build:
 runs-on: ubuntu-latest
- needs: check_update
+ needs: [check_update, verify_image]
 if: ${{ needs.check_update.outputs.has_updates == 'true' }}
 permissions:
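Review bot: The new `verify_image` job verifies whatever `ghcr.io/vanilla-os/desktop:main` resolves to at that moment, on its own runner, so nothing binds the verified digest to the image the `build` job later pulls; if the tag is re-pushed between the two jobs, the build consumes an image that was never checked. Resolve the tag to a digest once, verify that digest (`gh attestation verify "oci://ghcr.io/vanilla-os/desktop@${digest}" --owner Vanilla-OS`), and hand it to `build` as a job output so the base image is referenced by digest. The step that actually pulls the base image is outside this diff, so how it references the image needs confirming. Separately, `--owner Vanilla-OS` accepts an attestation produced by any repository in the organization; `--repo <OWNER/REPO>` (placeholder for the repository that publishes the desktop image) would narrow the trusted signer to the one expected pipeline.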