diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3cc372b2..32fc8324 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -122,6 +122,37 @@ jobs:
 --type spdxjson \
 ghcr.io/${{ github.repository }}/agent@${{ steps.build_agent.outputs.digest }}
 
+ - name: Build and push API Proxy image
+ id: build_api_proxy
+ uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5
+ with:
+ context: ./containers/api-proxy
+ push: true
+ tags: |
+ ghcr.io/${{ github.repository }}/api-proxy:${{ steps.version_early.outputs.version_number }}
+ ghcr.io/${{ github.repository }}/api-proxy:latest
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+
+ - name: Sign API Proxy image with cosign
+ run: |
+ cosign sign --yes \
+ ghcr.io/${{ github.repository }}/api-proxy@${{ steps.build_api_proxy.outputs.digest }}
+
+ - name: Generate SBOM for API Proxy image
+ uses: anchore/sbom-action@28d71544de8eaf1b958d335707167c5f783590ad # v0.22.2
+ with:
+ image: ghcr.io/${{ github.repository }}/api-proxy@${{ steps.build_api_proxy.outputs.digest }}
+ format: spdx-json
+ output-file: api-proxy-sbom.spdx.json
+
+ - name: Attest SBOM for API Proxy image
+ run: |
+ cosign attest --yes \
+ --predicate api-proxy-sbom.spdx.json \
+ --type spdxjson \
+ ghcr.io/${{ github.repository }}/api-proxy@${{ steps.build_api_proxy.outputs.digest }}
+
 # Build agent-act image with catthehacker/ubuntu:act-24.04 base for GitHub Actions parity
 - name: Build and push Agent-Act image
 id: build_agent_act
diff --git a/package-lock.json b/package-lock.json index 6f4505e9..a9034be8 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@github/agentic-workflow-firewall", - "version": "0.16.4", + "version": "0.16.5", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@github/agentic-workflow-firewall", - "version": "0.16.4", + "version": "0.16.5", "license": "MIT", "dependencies": { "chalk": "^4.1.2", 
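Review bot: The `build_api_proxy` step in `.github/workflows/release.yml` restores layers from the Actions cache (`cache-from: type=gha`) and the image built from them is then signed and attested, so the signature vouches for whatever that cache contained. For a release build it is safer to drop the `cache-from` / `cache-to` lines or set `no-cache: true` on this step; which other workflows can write to that cache is not visible in this hunk. If the cache is kept, give this image its own scope, `cache-from: type=gha,scope=api-proxy` and `cache-to: type=gha,mode=max,scope=api-proxy`, since builds that share the default scope overwrite each other's cache. The job's step list starts and ends outside the hunk.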
diff --git a/package.json b/package.json
index b67d279a..51ef19f1 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@github/agentic-workflow-firewall",
- "version": "0.16.4",
+ "version": "0.16.5",
 "description": "Network firewall for agentic workflows with domain whitelisting",
 "main": "dist/cli.js",
 "bin": {