Agent Passport
Every AI agent deserves a passport.
Agent Passport is a cryptographically signed security certificate per agent — a real-time summary of its security posture, tool permissions, and compliance status. Shareable via URL. Embeddable anywhere.
The trust layer for enterprise AI
Stop explaining why your agents are secure. Show it.
AI agents connect to dozens of tools, process sensitive data, and act autonomously. Before one touches production, your security team needs answers. Agent Passport gives them a single verifiable URL.
Verifiable certificate per agent
Ed25519 signed. Independently verifiable by anyone.
Every agent gets a cryptographically signed passport — a tamper-evident record of its security posture, tool permissions, and compliance status. Anyone can verify authenticity without trusting your infrastructure.
- →Ed25519 asymmetric signing — keys managed by ShieldAgent
- →Tool allowlist and blocklist, versioned and signed
- →Compliance framework coverage: SOC 2, ISO 27001, GDPR Art. 25
- →Public URL — share with clients, partners, regulators
- →Issued automatically within minutes of first activity
Risk score, four tiers, no ambiguity
0–100. Weighted. Updated continuously.
A single number tells your security team exactly how much to trust an agent. Weighted across security events, compliance gaps, integrity checks, and operational health. Score updates every time a new event is logged.
- →Normal (0–59): no restrictions, full throughput
- →Elevated (60–79): rate reduced to 50%, review recommended
- →High (80–89): rate-limited to 25%, forced monitoring mode
- →Critical (90–100): blocked — manual release required
- →7-day lookback, recent events weighted more heavily
Embeddable badges and CISO review
One line of HTML. Real-time status. Any surface.
Drop an SVG badge into a GitHub README, vendor portal, or marketplace listing. For internal review: share the internal passport URL with your CISO before an agent goes live — tools, risk posture, and compliance status in one place.
- →SVG badge — live status, scales to any size
- →Internal passport URL for security team approval
- →CISOs see tools, risk score, blocking history, and compliance evidence
- →No system access needed — just a URL
- →Public badges link to the full public passport page
Continuous risk assessment
Four tiers. No ambiguity.
Score formula: 40% security events · 25% compliance gaps · 20% integrity · 15% operational health. Updated continuously with a 7-day lookback.
No restrictions applied. Full throughput maintained.
Request rate reduced to 50% of baseline.
Rate-limited to 25%. Forced monitoring mode enabled.
Only lifecycle methods allowed. Manual release required.
No restrictions applied. Full throughput maintained.
Request rate reduced to 50% of baseline.
Rate-limited to 25%. Forced monitoring mode enabled.
Only lifecycle methods allowed. Manual release required.
Enforcement actions are applied automatically by the ShieldAgent proxy. Full scoring methodology →
Give your agents a passport today.
Passports are issued automatically once ShieldAgent is monitoring an agent. No extra configuration.