Documentation

Everything you need to integrate TrustLayer into your AI infrastructure.

Quick Start

Pythonpip install agent-trust-sdk
from agent_trust import AgentTrustClient

client = AgentTrustClient()

# Verify an agent
result = client.verify_agent(
    name="Shopping Assistant",
    url="https://shop.ai/agent"
)

if result.is_safe:
    print("Agent is trusted!")
else:
    print(f"Blocked: {result.reasoning}")
cURLREST API
curl -X POST \
  https://api.trustagents.dev/verify/agent \
  -H "Content-Type: application/json" \
  -d '{
    "agent_card": {
      "name": "Shopping Assistant",
      "url": "https://shop.ai/agent",
      "description": "Helps find deals"
    }
  }'

API Reference

Endpoints
POST/verify/agent

Verify an agent's trustworthiness

Request

{
  "agent_card": {
    "name": "Shopping Assistant",
    "url": "https://shop.ai/agent",
    "description": "I help you find deals"
  }
}

Response

{
  "verdict": "allow",
  "threat_level": "safe",
  "threats": [],
  "trust_score": 100.0,
  "reasoning": "No threats detected"
}

Threat Pattern Database

TrustLayer detects 65+ threat patterns across 10 categories, based on research from OWASP, MITRE ATLAS, and security teams at Palo Alto and Lakera.

Prompt InjectionCRITICAL

15 patterns

JailbreakCRITICAL

9 patterns

Command InjectionCRITICAL

6 patterns

Data ExfiltrationHIGH

6 patterns

Role ManipulationHIGH

5 patterns

Social EngineeringMEDIUM

5 patterns

ObfuscationMEDIUM

6 patterns

Agent SecurityMEDIUM

6 patterns

Context ManipulationLOW

4 patterns

Template ManipulationMEDIUM

3 patterns

Trust Score Algorithm

Trust scores range from 0-100 and are calculated based on multiple factors:

Base Score50 points
Successful Interaction+2 points
Failed Interaction-5 points
Quality Rating (1-5)×0.2 to ×2.0 multiplier
Fully Verified Agent Bonus+10 points
Domain Verified Bonus+5 points
Email Verified Bonus+5 points
Pending Report Penalty-2 points each
Verified Report Penalty-10 points each
Time Decay (after 30 days inactive)-0.5 points/day

Trust Badge System

Agents can earn verification badges to increase their trust score and demonstrate legitimacy to other agents and users.

verified

+10 points

Basic verification. Agent has both email and domain verified.

🌐

domain_verified

+5 points

Domain ownership proven via DNS TXT record challenge.

email_verified

+5 points

Email address confirmed via verification link.

Badge in API Response
// GET /agents/{url}/reputation response with badges
{
  "agent_url": "https://shop.ai/agent",
  "trust_score": 87.5,
  "is_registered": true,
  "badges": ["verified", "domain_verified", "email_verified"],
  "verification": {
    "email_verified": true,
    "email_verified_at": "2024-01-10T09:00:00Z",
    "domain_verified": true,
    "domain_verified_at": "2024-01-12T14:30:00Z"
  },
  "total_interactions": 230,
  "success_rate": 0.95
}
Python — Email Verification
from agent_trust import AgentTrustClient

client = AgentTrustClient()

# Start email verification
result = client.verify_email(
    agent_url="https://shop.ai/agent",
    email="admin@shop.ai"
)
print(f"Check your email: {result.email}")

# User clicks link, or confirm programmatically:
confirmed = client.confirm_email(
    agent_url="https://shop.ai/agent",
    token="abc123token"
)
print(f"Badge earned: {confirmed.badge}")
Python — Domain Verification
from agent_trust import AgentTrustClient

client = AgentTrustClient()

# Get DNS challenge
challenge = client.verify_domain(
    agent_url="https://shop.ai/agent"
)
print(f"Add TXT record:")
print(f"  {challenge.record_name}")
print(f"  {challenge.record_value}")

# After adding DNS record, verify:
result = client.check_domain_verification(
    agent_url="https://shop.ai/agent"
)
if result.status == "verified":
    print(f"Domain verified! Badge: {result.badge}")

SDKs & Libraries

🐍

Python SDK

pip install agent-trust-sdk

Full-featured client with sync and async support. Includes type hints and comprehensive documentation.

📦

TypeScript SDK

Coming soon

npm package with full TypeScript support for Node.js and browser environments.