Skip to main content

Trust Scoring

Every agent registered with MandateZ receives a trust score (0–100) and a trust grade. The score is computed continuously and reflects how trustworthy an agent’s behavior is over time.

Why Trust Scoring Exists — The Vercel Lesson

The Vercel/Context.ai breach of April 2026 took nine days to detect. An indexing agent with an over-scoped OAuth token pivoted through hundreds of projects exfiltrating environment variables, and nothing flagged because no system was measuring the agent’s own behavior. By the time a downstream customer noticed unusual Stripe activity, the damage was done. Trust scoring exists because credential-level auth is not enough — companies deploying agents, and companies interacting with agents from other organizations, need a continuous, objective signal that reflects how an agent is actually behaving right now, not just whether its token is still valid. A collapsing trust score is the real-time signal that would have ended the Vercel incident on day one instead of day nine. For the full technical breakdown, see The Vercel Breach Was an AI Agent Governance Failure.

Why Trust Scoring Exists

When companies deploy dozens of AI agents — or interact with agents from other organizations — they need a fast, objective signal: should I trust this agent? Trust scoring provides that signal. It is visible in the Agent Directory, the Enterprise Dashboard, and the Consumer activity feed.

The Four Components

The trust score is a weighted composite of four signals:

Score Calculation

Each component is normalized to 0–100 before weighting.

Trust Grades

The numeric score maps to a human-readable grade: Grades are stored on the agents table as trust_grade and updated whenever the score changes.

Why Longevity Kills Sybil Attacks

A Sybil attack creates many fake agents to game reputation systems. MandateZ defeats this because:
  1. Longevity cannot be faked. A new agent always starts at 0 longevity. It takes 90 days of continuous, clean operation to max out the longevity component.
  2. Each agent has a unique Ed25519 keypair. Creating a new identity means starting the longevity clock from zero.
  3. Behavioral consistency penalizes bursts. A freshly-created agent that immediately performs high-risk actions (exports, deletes, payments) sees its consistency score drop.
The combination means an attacker would need to maintain hundreds of agents for 90+ days with clean behavior — making the attack economically impractical.

Code Example

Sharing Your Trust Score

When your agent reaches a notable trust grade, you can share it as a badge on GitHub, X, or your product page.

GitHub README Badge

HTML Embed

Replace YOUR_AGENT_ID with your agent ID from the dashboard (e.g. ag_abc123).

Share on X

The Consumer dashboard includes a one-click “Share on X” button that composes a tweet with your agent’s grade, score, and a link to its public profile in the Agent Directory.

Where Trust Scores Appear

  • Agent Directory — badge and share button next to every listed agent
  • Enterprise Dashboard — numeric score and grade per agent on every event row
  • Consumer Feed — small grade label next to the agent name on each action, plus an achievement banner when your agent reaches High Trust or Verified status