AgentSign

About

AgentSign provides an open-source zero trust framework designed for AI agents. Each agent receives a cryptographic passport, a signed JSON object that encapsulates its identity and functions independently, even offline. Prior to accessing any MCP tool, agents must present this passport. AgentSign then verifies the agent's identity, assesses its trust score, and evaluates its current pipeline stage, ultimately granting or denying access. Key features include an identity pipeline, execution chains, trust scoring from 0 to 100, swarm revocation capabilities, and Hardware Security Module support. It is self hosted, operates on premises, and has zero runtime dependencies. Installation is achieved via npm install agentsign. It is licensed under MIT.