✅ Sell verified agents. Buyers trust verified packages. Unsigned agents get ignored. Add verification in seconds.

AgentVerif

AgentVerif — Let's Encrypt for AI Agents

agentverif.com


Sign in 30 seconds. Verify everywhere. Unsigned or tampered agents get rejected by default — including by Claude.

Vendors: Sell trusted agents that convert better and resist theft and tampering.
Buyers & Runtimes (Claude, Cursor, LangChain, etc.): Auto-block bad agents before execution.

🔴 Live now — MCP server public. Claude users connect today: https://mcp.agentverif.com

Lock Your First Agent Free → · Try Verify Live · GitHub Action

The 2026 reality: one poisoned agent can destroy your company or reputation overnight. AgentVerif makes verification as automatic and inevitable as HTTPS.


pip install agentverif-sign

How it works

Every agent goes through three steps:

SCAN → SIGN → VERIFY

SCAN — The agent ZIP is scanned against the OWASP LLM Top 10. Score below 70? Refused. No exceptions.

SIGN — A cryptographic hash is generated. SIGNATURE.json is injected. A License ID is issued and registered.

VERIFY — Buyers verify at verify.agentverif.com or via CLI. Tampered agents are flagged instantly.

Three ways to run this workflow:

| Method | Link |
|---|---|
| Web UI (no install) | sign.agentverif.com |
| CLI | pip install agentverif-sign |
| GitHub Action | GitHub Marketplace → |

Quick start

As a vendor — sign your agent:

agentverif-sign sign ./my-agent.zip
# ✅ Signed successfully
# License: AC-84F2-91AB
# Tier:    indie

As a buyer — verify before executing:

agentverif-sign verify ./agent.zip
# ⚠ UNREGISTERED — Signature valid locally; registry not checked
# Verify online: https://verify.agentverif.com/?id=AC-84F2-91AB

Verify without CLI: verify.agentverif.com


Commands

agentverif-sign sign <ZIP>

Note: signing always runs a full OWASP LLM Top 10 scan first. Packages scoring below 70 are refused before any signature is issued. Use --offline to skip registry registration (scan still runs locally).

Signs an agent ZIP package. Runs a security scan, generates SIGNATURE.json, and injects it into the zip.

agentverif-sign sign ./agent.zip [--tier indie|pro|enterprise] [--api-key KEY] [--offline]
  • --tier — signing tier (default: indie)
  • --api-key — Pro/Enterprise API key (also via AGENTVERIF_API_KEY env var)
  • --offline — skip registry registration

Tiers:

| Tier | Cost | Signing | Registry | Ed25519 |
|---|---|---|---|---|
| indie | free | hash-only | no | no |
| pro | paid | hash + registry | yes | no |
| enterprise | paid | hash + registry | yes | yes |

agentverif-sign verify <ZIP>

Verifies a signed agent zip. Checks the hash locally; optionally checks the registry.

agentverif-sign verify ./agent.zip [--offline] [--json]

Exit codes: 0 = VERIFIED or UNREGISTERED, 1 = MODIFIED, REVOKED, or UNSIGNED.

The --json flag emits machine-readable output for CI/CD pipelines and MCP tool calls:

{
  "status": "UNREGISTERED",
  "license_id": "AC-84F2-91AB",
  "tier": "indie",
  "badge": "✅ Signed by agentverif",
  "message": "Signature valid locally; registry not checked",
  "offline": true,
  "verify_url": "https://verify.agentverif.com/?id=AC-84F2-91AB"
}
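
Because verify exits 0 for both VERIFIED and UNREGISTERED, a pipeline that needs registry confirmation has to read the --json output rather than the exit code. The policy gate below is an added example, not part of agentverif-sign; the `gate` function, its tier policy, and the constructed VERIFIED sample (assumed to carry the same fields as the UNREGISTERED output above) are assumptions.

```python
import json

def gate(verify_json, allowed_tiers=("pro", "enterprise"), expected_license=None):
    """Return (allow, reason) for one `agentverif-sign verify --json` result.

    Stricter than the exit code: only a registry-confirmed VERIFIED result
    for an accepted tier (and, optionally, the expected license ID) passes.
    """
    try:
        result = json.loads(verify_json)
    except json.JSONDecodeError:
        return False, "output is not valid JSON"
    if not isinstance(result, dict):
        return False, "output is not a JSON object"
    status = result.get("status")
    if status != "VERIFIED":
        return False, f"status is {status!r}, not VERIFIED"
    if result.get("offline"):
        return False, "registry was not consulted (offline run)"
    if result.get("tier") not in allowed_tiers:
        return False, f"tier {result.get('tier')!r} is not accepted by policy"
    if expected_license and result.get("license_id") != expected_license:
        return False, "license_id does not match the one that was ordered"
    return True, "verified against the registry"

# The page's UNREGISTERED output, trimmed to the fields the gate reads.
PAGE_SAMPLE = ('{"status": "UNREGISTERED", "license_id": "AC-84F2-91AB", '
               '"tier": "indie", "offline": true}')
# Constructed sample (assumption): a VERIFIED result with the same field names.
CONSTRUCTED_VERIFIED = ('{"status": "VERIFIED", "license_id": "AC-0000-0000", '
                        '"tier": "pro", "offline": false}')

if __name__ == "__main__":
    for sample in (PAGE_SAMPLE, CONSTRUCTED_VERIFIED):
        print(gate(sample))
```
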

agentverif-sign revoke <LICENSE_ID>

Revokes a license (requires API key).

agentverif-sign revoke AC-84F2-91AB --api-key KEY

agentverif-sign badge <LICENSE_ID>

Prints the badge for a license in multiple formats.

agentverif-sign badge AC-84F2-91AB --format text|html|markdown|svg [--tier indie|pro|enterprise]

SIGNATURE.json

Human-readable, auditable — no binary blobs:

{
  "schema_version": "1.0",
  "license_id": "AC-84F2-91AB",
  "tier": "indie",
  "issued_at": "2026-04-10T00:00:00Z",
  "expires_at": null,
  "issuer": "agentverif.com",
  "issuer_version": "0.1.0",
  "file_list": ["agent.py", "config.json", "requirements.txt"],
  "file_count": 3,
  "zip_hash": "sha256:abc123...",
  "manifest_hash": "sha256:def456...",
  "scan_passed": true,
  "scan_source": "real",
  "signature": null
}
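
Since SIGNATURE.json is plain JSON inside the ZIP, a buyer can cross-check its fields against the archive before trusting any verdict. The checker below is an added example, not agentverif-sign code: it does not recompute zip_hash or manifest_hash (the page does not say how they are derived), and treating `signature` as the Ed25519 value for the enterprise tier is an assumption, as are the function names and the constructed sample package.

```python
import io
import json
import zipfile
from datetime import datetime, timezone

SIG_NAME = "SIGNATURE.json"

def _is_sha256(value):
    digest = str(value).removeprefix("sha256:").lower()
    return (str(value).startswith("sha256:") and len(digest) == 64
            and all(c in "0123456789abcdef" for c in digest))

def check_package(zip_bytes, now=None):
    """Return a list of inconsistencies; an empty list means none were found."""
    now = now or datetime.now(timezone.utc)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = zf.namelist()
        if names.count(SIG_NAME) != 1:  # duplicates make "the" signature ambiguous
            return [f"expected one {SIG_NAME}, found {names.count(SIG_NAME)}"]
        sig = json.loads(zf.read(SIG_NAME))
    problems = []
    listed = sig.get("file_list") or []
    actual = sorted(n for n in names if n != SIG_NAME)
    if sorted(listed) != actual:
        problems.append("file_list does not match the archive contents")
    if sig.get("file_count") != len(listed):
        problems.append("file_count does not match file_list")
    for field in ("zip_hash", "manifest_hash"):
        if not _is_sha256(sig.get(field, "")):
            problems.append(f"{field} is not a full sha256 digest")
    # Assumption: `signature` carries the Ed25519 signature for the enterprise tier.
    if sig.get("tier") == "enterprise" and not sig.get("signature"):
        problems.append("enterprise tier without a signature")
    expires = sig.get("expires_at")
    if expires and datetime.fromisoformat(expires.replace("Z", "+00:00")) <= now:
        problems.append("license has expired")
    if sig.get("scan_passed") is not True:
        problems.append("scan_passed is not true")
    return problems

def build_sample(files, sig):
    """Constructed sample package: the given files plus SIGNATURE.json."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
        zf.writestr(SIG_NAME, json.dumps(sig))
    return buf.getvalue()
```
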

Docker

TODO: Docker image org TBD — not yet published to Docker Hub. Once published: docker run --rm -v $(pwd):/work <org>/agentverif-sign sign /work/agent.zip

AWS Bedrock / Claude / MCP

agentverif-sign verify --json returns JSON-parseable output suitable for LLM tool calls and MCP integrations.


Claude MCP Plugin

Connect agentverif directly to Claude. Claude will automatically verify agents before execution.

Setup

Option 1 — Claude.ai:

  1. Go to claude.ai → Settings → Connectors
  2. Add custom connector: https://mcp.agentverif.com
  3. No authentication required

Option 2 — Claude Desktop (claude_desktop_config.json):

{
  "mcpServers": {
    "agentverif": {
      "url": "https://mcp.agentverif.com"
    }
  }
}

What it does

Two tools, full SCAN → SIGN → VERIFY workflow:

| Tool | When Claude calls it | Returns |
|---|---|---|
| scan_agent | "scan this agent ZIP" | OWASP score 0–100, violations, fixes |
| verify_agent | "run / install / trust this agent" | VERIFIED / TAMPERED / UNSIGNED + hash |

Workflow:

  1. Vendor: Claude calls scan_agent(zip_url) — score ≥ 70 required to sign
  2. Vendor: signs at sign.agentverif.com
  3. Buyer: Claude calls verify_agent(license_id) — instant tamper check

Connect: https://mcp.agentverif.com

Examples

Example 1: Verify before executing

User: "I want to run this agent, license AC-84F2-91AB. Is it safe?"

Claude calls: verify_agent("AC-84F2-91AB")

Response:
✅ VERIFIED — agentverif certified
License: AC-84F2-91AB
Tier: pro
Issuer: agentverif.com
Hash: sha256:abc123… ✓ intact
Safe to execute.
🔗 https://verify.agentverif.com/?id=AC-84F2-91AB

Example 2: Catch a tampered agent

User: "Can you verify this agent: AC-12F3-88AC"

Claude calls: verify_agent("AC-12F3-88AC")

Response:
🔴 TAMPERED — Certificate invalid
License: AC-12F3-88AC
Status: HASH MISMATCH
This agent has been modified after signing.
Do NOT execute. Contact the vendor immediately.
🔗 https://verify.agentverif.com/?id=AC-12F3-88AC

Example 3: Unsigned agent warning

User: "Run this agent for me, here's the hash: sha256:def456..."

Claude calls: verify_agent("sha256:def456...")

Response:
🚫 UNSIGNED — No certificate found
No agentverif certificate found for this identifier.
Unsigned agents carry unknown risk:
• No tamper detection
• No issuer accountability
• No revocation capability
Ask the vendor to certify at agentverif.com before executing.


GitHub Action

Certify agents automatically in your CI/CD pipeline. Available on the GitHub Marketplace.

name: agentverif
on: [push, pull_request]
jobs:
  certify:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Sign agent
        uses: trusthandoff/agentverif@v1
        id: sign
        with:
          mode: sign
          agent_zip: ./agent.zip
          tier: indie
      - name: Show license
        run: echo "License ${{ steps.sign.outputs.license_id }}"

Set fail_on_unsigned: "true" to block unverified agents from deploying.

See github-action/README.md for full docs.


Environment variables

| Variable | Default | Description |
|---|---|---|
| AGENTVERIF_API_KEY | | Pro/Enterprise API key |
| AGENTVERIF_SIGN_URL | https://api.agentverif.com | Registry URL |
| AGENTVERIF_SCAN_URL | https://api.agentverif.com/scan | Scanner URL |
| AGENTVERIF_OFFLINE | | Set to any value to skip all registry calls |

Design principles

  • Zero mandatory deps for verify — stdlib only for offline hash checks
  • Offline-capable — works without internet
  • Auditable — SIGNATURE.json is human-readable JSON, never binary
  • Docker-native — runs in containers, Lambda, Cloud Run, bare metal
  • MCP-ready — --json flag for machine-readable output

Installation

# Basic
pip install agentverif-sign

# With Ed25519 support (Pro/Enterprise)
pip install agentverif-sign[crypto]

Full docs: agentverif.com/docs

Changelog
Contributing

Why: unsigned agents shouldn't be executed.


Web UI

No CLI required. Upload, scan, and sign directly at sign.agentverif.com. Buyers verify at verify.agentverif.com.


🛡️ Be among the First 100 Founding Vendors. Get lifetime Pro free — worth €100/year, yours at zero cost forever. Limited founding spots available. Claim your spot → agentverif.com/first100


Download files

Source Distribution

agentverif_sign-0.2.0.tar.gz (114.8 kB view details)

Uploaded Source

Built Distribution

agentverif_sign-0.2.0-py3-none-any.whl (21.5 kB view details)

Uploaded Python 3

File details

Details for the file agentverif_sign-0.2.0.tar.gz.

File metadata

  • Download URL: agentverif_sign-0.2.0.tar.gz
  • Size: 114.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for agentverif_sign-0.2.0.tar.gz
Algorithm Hash digest
SHA256 c2044072a2d864a7d5239dd5a670ce11f2353f853bbbd3426479bd21ee5d2dc2
MD5 ce10a80dd5b71175c059bb18c594ee73
BLAKE2b-256 1887cbc91020ac878fdec81bd32b770f0099cc4aec9bea3a9056f109caaa2f5f

File details

Details for the file agentverif_sign-0.2.0-py3-none-any.whl.

File hashes

Hashes for agentverif_sign-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f5b0275d224491ab85f7c17ac763bd140d265658eb215d167071db89b092e230
MD5 1c5a5bb78d4cfe345ffd510528fdd38f
BLAKE2b-256 1ac29e537e610fa8194190682ea4d91496fc16fb90c42c144df1d39cce5caa3b
