No verify logs on split build/publish infrastructure
When using a split infrastructure for build and publish, any errors verifying builds against external (upstream) binaries are hidden and can't be published along with the build logs. This is because verification is done at publish time (it's analogous to publishing, and a 'trusted' decision, so the positioning is correct - both at the same place, and as far offline as possible). The output can't be logged at this stage due to how 'offline' it is.
There are two possible answers to this. The first would be to do the same verification step before the files ever go for publishing - duplicating the work, but meaning the output could be logged. The second option would be to add in a mechanism for propagating errors back up from the publishing server. The latter seems preferable, both because it's cleaner, and because it allows for other errors (signing problem, for example?) to get reported properly too.