Identity and trust for AI agents.

Know what every agent did. Revoke access when something goes wrong. Open source. Self-hosted or AIM Cloud.

$ npx opena2a-cli identity create --name my-agent

Cryptographic identity with an audit log. No account required.

Agent Identity Management

What AIM gives you

Every agent gets a cryptographic identity, a trust score, and an append-only audit log. Capability policies keep them inside their lane.

Cryptographic identity

Ed25519 keypairs for every agent. Issued locally, verified by signature. No passwords to leak, no tokens to rotate.

Append-only audit log

Every action the agent takes is recorded. Query the log from the dashboard or stream it via API.

8-factor trust score

Verification, compliance, uptime, action success, alerts, age, drift, and feedback. Updated continuously.

Capability policies

Declare what an agent is allowed to do. Enforce at runtime via @perform_action (Python) or @SecureAction (Java).

MCP server identity

Discover and attest MCP servers. Sign configurations, detect drift, block tampered servers automatically.

Self-hosted or AIM Cloud

Run locally with Docker Compose or use the managed AIM Cloud. Same API. Same SDKs. Your choice of deployment.
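
The "Cryptographic identity" and "Append-only audit log" features above can be pictured with a small Node.js sketch. This is an added example, not AIM's code or log format: the function names, entry fields, and the hash chaining used to make the log tamper-evident are assumptions, and the actions are constructed sample data.

```javascript
// Added example: not AIM's implementation. All names and fields are hypothetical.
const crypto = require('node:crypto');

// Issue an agent identity locally: an Ed25519 keypair, no shared secret.
function createIdentity(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { name, publicKey, privateKey };
}

const GENESIS = '0'.repeat(64);
const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');

// Canonical bytes covered by both the signature and the chain hash.
function entryBody(e) {
  return JSON.stringify([e.seq, e.agent, e.action, e.prev]);
}

// Append a signed entry whose `prev` field commits to the previous entry.
function appendEntry(log, identity, action) {
  const prev = log.length ? log[log.length - 1].hash : GENESIS;
  const entry = { seq: log.length, agent: identity.name, action, prev };
  const body = entryBody(entry);
  entry.sig = crypto.sign(null, Buffer.from(body), identity.privateKey).toString('base64');
  entry.hash = sha256(body + entry.sig);
  log.push(entry);
  return entry;
}

// Walk the log; return the index of the first bad entry, or -1 if intact.
function verifyLog(log, publicKey) {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const e = log[i];
    const body = entryBody(e);
    const sigOk = crypto.verify(null, Buffer.from(body), publicKey, Buffer.from(e.sig, 'base64'));
    if (e.seq !== i || e.prev !== prev || !sigOk || e.hash !== sha256(body + e.sig)) return i;
    prev = e.hash;
  }
  return -1;
}

// Constructed sample actions for one agent.
const agent = createIdentity('my-agent');
const log = [];
for (const a of ['read:tickets', 'call:mcp/search', 'write:report']) appendEntry(log, agent, a);
console.log('intact log ->', verifyLog(log, agent.publicKey));
```

A chain like this catches edits and deletions inside the log, but a verifier must also keep the latest entry hash somewhere the log writer cannot change in order to notice truncation at the tail.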

Assess. Fix. Harden.

Your developers are running AI agents you don't know about. Find, fix, and harden them.

Google API keys grant unintended AI access

Keys provisioned for Google Maps or Places can silently invoke Gemini LLM endpoints. AWS keys intended for S3 may reach Bedrock AI. OpenA2A detects these cross-service privilege escalations and creates deny-all broker policies.

DRIFT-001

Google API key can access Gemini AI

Maps/Places key invokes Gemini LLM endpoints

DRIFT-002

AWS key can invoke Bedrock LLMs

S3/EC2 key has Bedrock AI permissions

Terminal
$ opena2a init --verbose
Scope Drift Detected
DRIFT-001 Google Maps key -> Gemini AI src/config.js:5
DRIFT-002 AWS S3 key -> Bedrock AI src/aws.js:1
[CRITICAL] Migrate 2 drifted credentials
Run: opena2a protect

What it finds

Six categories of findings across credential, configuration, runtime, and supply chain security.

Hardcoded Credentials

Anthropic, OpenAI, Google, AWS, GitHub, and generic API key patterns across all source files.

CRED-001 through CRED-004

Scope Drift

API keys provisioned for one service that silently grant access to AI models. Google Maps to Gemini, AWS S3 to Bedrock.

DRIFT-001 and DRIFT-002

Config Integrity

SHA-256 signing for config files. Detect unauthorized modifications to package.json, mcp.json, Dockerfile.

opena2a guard sign/verify

Runtime Monitoring

Process, network, and filesystem activity monitoring. Protocol-aware scanning for MCP, A2A, and OpenAI endpoints.

opena2a runtime start

Supply Chain Verification

Binary integrity checks for AI packages. Detect tampering in installed packages.

opena2a verify

Project Hygiene

.gitignore coverage, .env protection, lock file presence, MCP config detection, security config assessment.

Trust Score 0-100

See what AI is running in your project

One command scans for shadow AI agents, MCP servers, credentials, and misconfigurations. No signup required.

$ npx opena2a-cli review
