The security infrastructure for AI agents.

AI agents are taking actions in your name. Your SIEM does not see them. Your IAM does not understand them. OpenA2A is the identity, observability, and policy layer the agent economy was built without.

Scan your projectView on GitHubRead the docs
$ npx opena2a-cli review

30 second security assessment. No account required.

110,000+
installs across the OpenA2A ecosystem
npm, Docker, GitHub, PyPI
293,000+
AI packages with trust scoring
MCP servers, AI skills, A2A agents
150,000+
attack events captured
by the OpenA2A network
100%
open source under Apache 2.0
self hosted or managed cloud

Three entry points. One ecosystem.

Identity, scanning, and credential protection. Each tool is open source and works standalone. Together they form the security infrastructure for AI agents.

$ npx opena2a-cli identity create

AIM

Cryptographic identity, audit logs, trust scoring, and capability policies for every agent. Self hosted or AIM Cloud.

  • Ed25519 cryptographic identity
  • 8 factor trust scoring
  • Append only audit log
  • Capability policy enforcement
Try AIM Cloud freeView on GitHub
$ npx hackmyagent secure

HackMyAgent

Static, semantic, and adversarial checks across credential leaks, injection vulnerabilities, and MCP misconfigurations.

  • 209 static checks
  • 164 attack payloads
  • Auto fix with rollback
  • OASB benchmark compliance
Read the docsView on GitHub
$ npx secretless-ai init

Secretless AI

Keep API keys and secrets out of AI tool context. Supports Claude Code, Cursor, Copilot, Windsurf.

  • 56 credential patterns
  • Pre tool use blocking
  • Multi backend storage
  • MCP server encryption
Read the docsView on GitHub
See all nine tools