AgentSign -- Zero Trust for AI Agents

IETF Internet-Draft: draft-sharif-mcps-secure-mcp · Standards Track

[Diagram: agents (Cursor, Gemini, Bot, and a "Bad Agent") pass through AgentSign (Verify / Sign / Gate), backed by a Trust Authority. Signed agents reach the protected MCP Server and API Gateway; the bad agent is blocked.]

Zero Trust for Agentic AI

Your agent needs an identity

Zero trust identity for autonomous AI agents. Every action signed. Every tool gated. Every agent verified. No identity, no trust.

Agent security is not optional. OWASP Agentic Top 10 and the EU AI Act now require it.

Built for teams running autonomous AI agents

Claude MCP

Gemini ADK

LangChain

CrewAI

AutoGen

OpenHands

Composio

None of these frameworks have agent identity built in. Your agents are running unsigned, unverified, and unaccountable. See the audit.

Framework                Stars     Identity  Signing  Trust Score  MCP Gate  Revocation
AutoGPT                  182K
LangChain / LangGraph    100K+
MCP Ecosystem            80.7K
OpenHands                64K
Microsoft AutoGen        50.4K     ~
CrewAI                   45.6K
HuggingFace smolagents   25.5K
OpenAI Agents SDK        19.4K
Google ADK / Vertex      15.6K     ~ ~
NeMo Guardrails          5.7K
Amazon Bedrock           Managed   ~ ~
Devin / Cognition AI     Closed
AgentSign                OSS

~ = partial (cloud-locked IAM); other cells are either native support or not available.    Source: GitHub, March 2026.

600,000+ agents running without identity = 600,000+ potential attack vectors

The EU AI Act (August 2026) mandates traceability for high-risk AI systems. If your agents can't prove who they are, you're not compliant.

Cryptographic Identity

Every agent gets a unique identity backed by HMAC-SHA256 signatures. Register, onboard, and go. The agent carries its signed passport everywhere.

  • One POST to register, one POST to onboard
  • HMAC-SHA256 signed passport returned instantly
  • 6-stage pipeline: INTAKE to ACTIVE
  • Trust score computed from pipeline stage
  • Instant revocation -- kill switch

Try It Now

cURL

# 1. Create account
curl -X POST https://agentsign.dev/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"dev@company.com"}'
# Returns: { api_key: "as_live_..." }

# 2. Onboard your agent (the body is JSON, so the Content-Type header is needed here too)
curl -X POST https://agentsign.dev/api/agents/onboard \
  -H "Authorization: Bearer YOUR_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name":"my-agent","permissions":["read"]}'
# Returns: { agent_id, passport: { ..., signature } }

Agent Passport

A self-contained, signed JSON document the agent carries everywhere. Any system can verify it offline -- no server needed. Like SSL certificates, but for AI agents.

  • Self-contained: ID, name, trust score, signature
  • HMAC-SHA256 signed -- tamper-proof
  • Offline verification -- no server roundtrip
  • Pipeline stage embedded
  • Revocation flag -- instant kill switch

Try It Now

JSON

{
  "agent_id": "agent_a7f3b2e1...",
  "name": "my-agent",
  "permissions": ["read", "write"],
  "stage": "ACTIVE",
  "trust_score": 100,
  "issued_at": "2026-03-12T...",
  "issuer": "agentsign-platform",
  "version": "1.0",
  "signature": "f514d0b870..."
}
// Any system can verify this offline.
// No server. No API call. Just crypto.

MCP Trust Gate

The identity layer between agents and MCP tool servers. Before any agent calls a database, file system, or API via MCP, the Trust Gate checks identity, stage, and trust score.

  • Agent presents ID to MCP server
  • Trust score threshold enforcement
  • Permission-based tool access
  • ALLOW / DENY on every tool call
  • Public endpoint -- no auth needed

Try It Now

cURL

# MCP server calls this before granting access
curl -X POST https://agentsign.dev/api/mcp/verify \
  -H "Content-Type: application/json" \
  -d '{"agent_id":"agent_xxx","tool":"query"}'
# Returns:
# { "decision": "ALLOW", "agent_id": "agent_xxx", "trust_score": 100, "stage": "ACTIVE" }

Passport Verification

Any service can verify an agent's passport in one API call. Check if the signature is valid, the agent hasn't been revoked, and the passport hasn't been tampered with.

  • One POST with the passport JSON
  • Validates HMAC-SHA256 signature
  • Detects tampering instantly
  • Public endpoint -- no auth needed
  • Returns full passport metadata

Try It Now

cURL

# Verify any passport
curl -X POST https://agentsign.dev/api/verify \
  -H "Content-Type: application/json" \
  -d '{"passport": { ... }}'
# Valid passport:    { "valid": true,  "passport": { ... } }
# Tampered passport: { "valid": false, "passport": { ... } }

1. Sign Up

Create a free account via the console or API. Get an API key instantly. No credit card required.

  • One POST or browser signup
  • API key returned immediately
  • Free tier: 5 agents included
  • No OAuth, no waiting

2. Onboard

Register your agent with one API call. It gets a cryptographic identity and signed passport.

  • POST /api/agents/onboard
  • Name, permissions, stage
  • Signed passport returned instantly
  • Works with any framework

3. Verify

Verify any agent's identity before granting access. Public endpoint, no auth needed.

  • POST /api/verify (signature check)
  • POST /api/mcp/verify (trust gate)
  • Works offline with passport
  • ALLOW or DENY in milliseconds

Free

$0

forever

  • 5 agents
  • 1,000 verifications/mo
  • 500 MCP gates/mo
  • HMAC-SHA256 signing
  • API + Console access

Get Started

Developer

$19

per month

  • 25 agents
  • 10,000 verifications/mo
  • 5,000 MCP gates/mo
  • Everything in Free
  • Priority support

Get Started

Startup

$149

per month

  • 200 agents
  • 100,000 verifications/mo
  • 50,000 MCP gates/mo
  • Everything in Developer
  • SLA + dedicated support

Get Started

Need unlimited agents? Contact us for Enterprise pricing.

The cost of not signing your agents?

Data breaches, regulatory fines under the EU AI Act, and rogue agents with production access. The free tier covers 5 agents -- there is no reason not to start today.

Deployment

Your infrastructure, your keys

AgentSign runs wherever you need it. Start with our cloud to test, deploy on-prem for production. Same API, same SDK.

Cloud (agentsign.dev)

Get started in 30 seconds. We host the server. Ideal for testing, small teams, and prototyping.

  • Instant signup, no infrastructure
  • Free tier: 5 agents forever
  • Same API as on-prem

Start Free

Enterprise


On-Prem (Self-Hosted)

Deploy in your VPC. Your infrastructure, your signing keys, your data. Zero calls to us. Full compliance.

  • Docker / Kubernetes / bare metal
  • Your keys, your audit boundary
  • OWASP aligned / IETF standard

Contact Sales

Both options use the same SDK (npm install agentsign). Switch from cloud to on-prem with one config change.

1,422 unprotected MCP tools

0% agent identity in any framework

"AI agents inherit extensive permissions and cannot reliably distinguish legitimate instructions from attacker-injected content, enabling zero-click exfiltration, session hijacking, and credential vault takeover."

-- OWASP LLM01:2025 / TLDR InfoSec, March 2026

"83% of organizations plan to deploy agentic AI, yet only 29% feel prepared to secure it. Every framework authenticates the user. None authenticate the agent."

-- OWASP Agentic Top 10 (ASI03), December 2025

Real-World MCP Security Incidents

These are documented, published CVEs and breaches -- not hypotheticals:

  • CVE-2025-6514 (CVSS 9.6): mcp-remote RCE -- 437K downloads affected
  • Smithery.ai breach: 3,243 MCP servers exposed, API keys compromised
  • Asana cross-tenant leak: 1,000 customers exposed for 34 days via MCP
  • postmark-mcp backdoor: first malicious MCP server -- BCC'd all emails to attacker

The root cause in every case: no agent identity, no message signing, no trust verification. MCP has no security layer. These attacks will keep happening until the protocol has one.

AgentSign adds the missing identity layer. No valid passport = no access. Revoked = instant kill switch.

Give your agents an identity

Three API calls. Five minutes. Zero trust from day one.

Every unsigned agent is a liability.

41% of MCP servers have zero auth. 6 CVEs in 9 months. Tool poisoning succeeds 72.8% of the time. The time to act is now.

No credit card required. 5 agents free forever. See compliance requirements.