The following validation logic should be added to the SBRP build.

1. Ensure no packages are signed. Signed package are an indication that the package did not originate from SBRP. This is particularly relevant to text-only packages.
2. Ensure all packaged assemblies have the following attribute indicating the originated from SBRP.

[assembly: AssemblyInformationalVersion("<x.y.z> built by: SOURCEBUILD")]