The problem: when Agent A wants to hire Agent B to do work (fetch data, execute a trade, write code), there's no way to verify B's identity, no escrow for payment, and no guard against prompt injection or data leaks. Every agent-to-agent interaction is a trust-me handshake.
Agntor adds three layers:
1. Identity & Trust Score: Agents register with verifiable metadata (ERC-8004 compatible). A 5-pillar trust score tracks verification status, uptime, transaction history, red-team probe results, and solvency. Think credit score for agents.
2. Escrow & x402 Payments: Agent A locks funds in escrow before Agent B starts work. An AI judge evaluates the deliverable. Payment releases automatically on success, or gets disputed. Uses the x402 payment-required HTTP flow.
3. Safety Guards: Prompt injection detection (regex + heuristic + optional LLM deep scan), PII/secret redaction (catches private keys, SSNs, API tokens), and tool execution policies. These work standalone with zero API calls.
The SDK is ~4KB gzipped for the guard/redact utilities. No vendor lock-in — the security tools work offline without an API key.
We just published an MCP server to the official MCP Registry (npx @agntor/mcp), so Claude Desktop, Cursor, and any MCP client can use the trust tools natively.
Would love feedback on the trust score algorithm and the x402 escrow flow. The guard/redact utilities are the most battle-tested part — everything else is early.
GitHub: https://github.com/agntor/agntor
Docs: https://docs.agntor.com
MCP Registry: io.github.agntor/trust
npm: npm install @agntor/sdk
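
To make the offline redaction idea in item 3 concrete, here is an added example that is not Agntor's SDK code: a regex-only pass over the three categories the post names (private keys, SSNs, API tokens). The names `RULES` and `redact`, the patterns, and the sample input are all assumptions constructed for illustration.

```javascript
// Added example, not Agntor's SDK code: offline, regex-only redaction.
// RULES, redact and every pattern below are assumptions for illustration.
const RULES = [
  // PEM private-key blocks (PKCS#8, RSA, EC, OPENSSH), possibly multi-line
  { type: "private_key_pem",
    re: /-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----[\s\S]*?-----END (?:[A-Z]+ )?PRIVATE KEY-----/g },
  // 0x + 64 hex chars: shape of a raw EVM key. Hashes share it, so this
  // rule over-redacts on purpose rather than letting a key through.
  { type: "hex_key_32b", re: /\b0x[0-9a-fA-F]{64}\b/g },
  // US SSN, rejecting areas 000/666/9xx, group 00 and serial 0000
  { type: "ssn", re: /\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b/g },
  // HTTP bearer credentials
  { type: "bearer_token", re: /\bBearer\s+[A-Za-z0-9._~+\/-]{20,}=*/g },
  // key=value secrets; group 1 (the key name) is kept for log readability
  { type: "api_token", keep: 1,
    re: /\b((?:api[_-]?key|token|secret|password)\s*[:=]\s*["']?)[A-Za-z0-9_-]{16,}/gi },
];

// Returns the redacted text plus the list of rule types that fired.
function redact(text) {
  const findings = [];
  let out = text;
  for (const { type, re, keep } of RULES) {
    out = out.replace(re, (...m) => {
      findings.push(type);
      const prefix = keep ? m[keep] : "";
      return `${prefix}[REDACTED:${type}]`;
    });
  }
  return { text: out, findings };
}

// Constructed sample: one agent message about to be forwarded to another agent.
const SAMPLE = [
  "user SSN is 123-45-6789, order id 000-12-3456",
  "Authorization: Bearer abcdefghijklmnopqrstuvwxyz012345",
  'config: api_key="EXAMPLEEXAMPLEEXAMPLE1234"',
  "signer key 0x" + "ab".repeat(32),
  "-----BEGIN PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END PRIVATE KEY-----",
].join("\n");

console.log(redact(SAMPLE));
```

The order id `000-12-3456` survives because its area number is not a valid SSN area, which shows why validity lookaheads matter for keeping false positives out of the redacted output.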