Security | Trust Agent

Security

43 checks

Protects against malicious actors, data theft, and exploitation. Heaviest weight in the trust score.

Safety

11 checks

Protects users from harmful content and unsafe agent behaviour.

Compliance

9 checks

Regulatory awareness — GDPR, age-gates, sensitive-domain disclaimers, retention.

Behaviour

7 checks

Quality, consistency, and claim-vs-spec coherence at the prompt level.

Trust output

Score + risk + badges

MCP extension coverage

+12 MCP checks

Execution posture

Runs on customer infrastructure

5-stage audit pipeline

Every listing passes through a structured, multi-stage audit pipeline before it reaches buyers.

Intake and source verification

Source provenance, commit history, attribution, manifest schema validation.

Static analysis and dependency audit

Code scanning for unsafe patterns, CVE detection, typosquatting, pinning hygiene.

Prompt safety and permission fidelity

Prompt abuse detection, exfiltration checks, declared vs observed permission alignment.

Runtime sandbox execution

Containerized execution capturing network, file, and process behavior evidence.

Human analyst review and scoring

Expert review, trust score assignment, badge tier, and risk narrative publication.
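The declared-versus-observed permission alignment in the third stage can be pictured as a set comparison. The following is a minimal sketch, not Trust Agent's implementation: the function name, the result keys, and the permission strings are all hypothetical.

```python
def permission_gaps(declared: set[str], observed: set[str]) -> dict[str, set[str]]:
    """Compare the permissions a listing declares with those seen at runtime."""
    return {
        # Used in the sandbox but never declared: the case an audit would flag.
        "undeclared": observed - declared,
        # Declared but never exercised: a hint that scope could be narrowed.
        "unused": declared - observed,
    }


# Hypothetical permission names, for illustration only.
gaps = permission_gaps(
    declared={"net:api.example.com", "fs:read"},
    observed={"net:api.example.com", "fs:read", "fs:write"},
)
```

Here `gaps["undeclared"]` contains `fs:write`, the one permission that was observed without being declared.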

Malware Analysis

6 checks

Signature, heuristic, archive, exploit-loader, encoded-payload, and dropper-behaviour scans on packaged agent binaries.

Static Analysis

18 checks

Secrets, API keys, key material, injection, unsafe filesystem and process commands, remote code fetch, privilege escalation, obfuscation, and prompt-level code-audit patterns.
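As an illustration of what a secrets check in this category might look like, the sketch below scans source text line by line with a few regular expressions. The pattern set and the function name are assumptions made for this example; the actual rules used by the audit are not published here.

```python
import re

# Illustrative patterns only; a production scanner would carry many more.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "hardcoded_api_key": re.compile(r"(?i)\bapi[_-]?key\b\s*[:=]\s*['\"][^'\"]{16,}['\"]"),
}


def find_secrets(source: str) -> list[tuple[int, str]]:
    """Return (line_number, pattern_name) for each suspicious line."""
    findings = []
    for number, line in enumerate(source.splitlines(), start=1):
        for name, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                findings.append((number, name))
    return findings
```

Reporting the line number and pattern name, rather than the matched text, keeps the secret itself out of the findings.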

Dependency Analysis

8 checks

Inventory build, known-vulnerable packages, typosquats, unpinned versions, license conflicts, install-script abuse, scope minimisation, and reputation review.
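The unpinned-versions check can be sketched for one common case. This example assumes a pip-style requirements file, which the page does not specify, and treats only exact `==` pins as pinned; the function name is hypothetical.

```python
import re

# Matches "name==1.2.3" pins, optionally with extras such as name[extra]==1.2.3.
# Simplification: wildcard pins like "==1.*" also pass this pattern.
PINNED = re.compile(r"^[A-Za-z0-9._-]+(\[[^\]]+\])?==[^=\s]+$")


def unpinned_requirements(text: str) -> list[str]:
    """Return requirement lines that are not pinned to an exact version."""
    unpinned = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line or line.startswith("-"):  # skip blanks and pip options
            continue
        if not PINNED.match(line):
            unpinned.append(line)
    return unpinned
```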

Network Analysis

7 checks

Outbound HTTP, webhooks, allowlist presence, raw sockets, exfiltration keywords, DNS-tunnel indicators, and remote-host scope review.
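To make the allowlist idea concrete, the sketch below tests whether an outbound URL targets a declared host. It is an assumption-laden example: exact host matching, the function name, and the sample host are all chosen for illustration.

```python
from urllib.parse import urlsplit


def is_allowed(url: str, allowlist: set[str]) -> bool:
    """True when the URL's host exactly matches an allowlisted host."""
    host = urlsplit(url).hostname or ""  # hostname is already lower-cased
    return host in allowlist


ALLOWLIST = {"api.example.com"}  # hypothetical declared hosts
```

Exact matching is the conservative choice: a suffix test such as `endswith("example.com")` would also accept `evil-example.com`.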

Behaviour Analysis

6 checks

Sandbox-escape surface, resource abuse, claim-vs-behaviour truthfulness, refusal coverage, escalation coverage, and persona-drift review.

Privacy Compliance

3 checks

PII collection declaration, data-retention policy, and cross-user data-leakage risk.

Supply Chain Analysis

1 check

Third-party dependency audit and upstream provenance review.

Integrity Verification

2 checks

Artefact hash verification (SHA-256) and the aggregate critical-failure flag rolling up severity across the run.
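A SHA-256 artefact check of this kind can be reproduced with the Python standard library. The sketch below is illustrative only; the function names are hypothetical, and how the expected digest is published is not covered on this page.

```python
import hashlib
import hmac


def sha256_of(path: str, chunk_size: int = 65536) -> str:
    """Stream a file through SHA-256 and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def artefact_matches(path: str, expected_hex: str) -> bool:
    """Compare the computed digest with the recorded one."""
    return hmac.compare_digest(sha256_of(path), expected_hex.lower())
```

Reading in chunks keeps memory use flat for large packaged artefacts.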

Semantic Prompt Analysis

8 checks

Hidden instructions, behavioural manipulation, unsafe-automation triggers, cross-prompt consistency, and prompt-injection sub-classes — all judged via an LLM-as-judge axis.

Content Safety

5 checks

Self-harm encouragement, hate speech, child-safety red flags, weapon-making, and controlled-substance instructions.

Regulatory Compliance

3 checks

GDPR data-subject-rights awareness, age-gate awareness for child-facing roles, and sensitive-domain disclaimer presence.

Behaviour Boundaries

3 checks

Persistent-memory leakage risk, cross-session identity drift, and user-data persistence beyond session.

GDPR compliance

Trust Agent is designed for UK GDPR compliance. Primary data is stored in the United Kingdom on infrastructure we operate directly, not on a public cloud provider. We honor all data subject rights, including the rights of access, rectification, and erasure.

Lawful basis assessment for every data processing activity

Data residency enforcement - all primary data stored in the United Kingdom

Right to erasure - full account and data deletion within 30 days on request

Data minimization - we only collect what is strictly necessary

Privacy by design - privacy impact assessments on every new feature

Data Processing Agreements (DPAs) available for enterprise customers

SOC 2 alignment

Our architecture and operational controls align with SOC 2 Type II trust service criteria. Trust Agent does not currently hold SOC 2 certification but operates to these standards.

Role-based access controls with least-privilege enforcement

Comprehensive audit logging on all system access and changes

AES-256 encryption at rest for all stored data

TLS 1.3 encryption in transit for all API and web traffic

Annual penetration testing by independent third parties

Incident response plan with documented escalation procedures

Data security

Encryption at rest

All data at rest is encrypted using AES-256. Database volumes, backups, and object storage are encrypted by default with managed keys.

Encryption in transit

All traffic is encrypted with TLS 1.3. HSTS is enforced across all endpoints. API traffic, webhooks, and web requests all use HTTPS exclusively.
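A client that wants to hold its own side of the connection to the same bar can refuse anything older than TLS 1.3. This is a minimal client-side sketch using Python's standard `ssl` module; the function name is hypothetical and nothing here describes Trust Agent's server configuration.

```python
import ssl


def tls13_client_context() -> ssl.SSLContext:
    """Build a client context that refuses anything older than TLS 1.3."""
    context = ssl.create_default_context()  # certificate and hostname checks on
    context.minimum_version = ssl.TLSVersion.TLSv1_3
    return context
```

The returned context can be passed to standard-library clients, for example `urllib.request.urlopen(url, context=tls13_client_context())`.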

No message storage

Trust Agent does not store user messages, prompts, or agent conversation content. Audit data captures behavior evidence only - never raw user input.

systemPrompt protection

Creator system prompts and orchestration logic are treated as protected intellectual property. They are never exposed in any API response, audit report, trust badge, or buyer-facing evidence output.

API response isolation

All API endpoints are filtered to exclude system prompt content. Audit reports reference behavior evidence, not raw prompt source.
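One way to picture this kind of filtering is a serializer step that strips protected keys at every nesting level before a response leaves the service. The sketch below is an assumption: apart from `systemPrompt`, the field names are hypothetical, and the real response schema is not published on this page.

```python
from typing import Any

# Hypothetical field names; only "systemPrompt" is named in this document.
PROTECTED_FIELDS = frozenset({"systemPrompt", "orchestration"})


def redact(payload: Any) -> Any:
    """Return a copy of payload with protected keys removed at every depth."""
    if isinstance(payload, dict):
        return {
            key: redact(value)
            for key, value in payload.items()
            if key not in PROTECTED_FIELDS
        }
    if isinstance(payload, list):
        return [redact(item) for item in payload]
    return payload
```

Because the function builds a new structure, the stored record keeps its protected fields and only the outgoing copy is filtered.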

Seller IP protection

Trust Agent publishes buyer-safe evidence and analyst narratives without exposing raw creator prompts, manifests, or secure role orchestration logic.

Trust and verification model

Nine-layer audit stack

Source integrity, manifests, static code analysis, dependency hygiene, prompt safety, permission fidelity, runtime sandboxing, behavior verification, and drift handling.

SOC 2-friendly architecture

Role-based access controls, audit exports, billing trails, protected prompt IP, and company-aware gateway execution. Trust Agent does not claim SOC 2 certification.

Customer-owned execution

Agent logic is packaged, audited, and delivered with protected invocation workflows. Roles and skills execute in the customer environment, not on Trust Agent servers.

Badge tier model

Every role is scored from 0 to 100 by the audit pipeline. The score maps to a badge tier shown on marketplace cards and role detail pages so buyers can filter for the trust level their use case demands.

Platinum

92-100

Zero critical findings. Actively maintained. Recommended for regulated-sector deployment (NHS, finance, legal).

Gold

84-91

No high-severity findings. Minor issues documented and disclosed. Suitable for most professional use cases.

Silver

74-83

Minor findings acknowledged with a remediation plan. Use with awareness of documented limitations.

Bronze

62-73

Meets the minimum audit bar. All findings disclosed. Low-stakes applications only; not recommended for regulated or safety-critical work.

Advisory

below 62

Below the audit bar. Use only with explicit understanding of the disclosed risks; not for production.
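The score bands above translate directly into a lookup. The sketch below covers the numeric mapping only and is not the platform's code: the function name is hypothetical, and tier conditions such as "zero critical findings" are outside its scope.

```python
# Lower bound of each tier, highest first, taken from the bands listed above.
TIERS = [(92, "Platinum"), (84, "Gold"), (74, "Silver"), (62, "Bronze")]


def badge_tier(score: int) -> str:
    """Map a 0-100 trust score to its badge tier name."""
    if not 0 <= score <= 100:
        raise ValueError("score must be between 0 and 100")
    for floor, name in TIERS:
        if score >= floor:
            return name
    return "Advisory"
```

For example, `badge_tier(91)` returns `"Gold"` and `badge_tier(61)` returns `"Advisory"`.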

Infrastructure

Data residency

United Kingdom. All primary infrastructure, compute, and storage run on servers we operate in the UK — not on a public cloud provider.

Application hosting

Self-hosted. Trust Agent runs under our own process supervisor behind a hardened reverse proxy. Deployments are scripted, auditable, and zero-downtime.

Database

Self-hosted PostgreSQL with automated backups, point-in-time recovery, and encrypted connections. We do not use Neon, AWS RDS, or any third-party DBaaS.

Runtime behavior and drift controls

Sandbox evidence

Docker-based jobs capture commands, network requests, and file activity so buyers can see what was actually observed.

Source drift

If indexed source changes after the audit, the verification posture degrades until a new scan and analyst pass complete.
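Source drift can be modelled as a comparison between the digest recorded at audit time and the digest of the source as currently indexed. The sketch below is hypothetical throughout: the `Audit` record, the posture labels, and the function name are invented for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Audit:
    source_digest: str         # digest of the source tree when it was audited
    posture: str = "verified"  # hypothetical posture label


def check_drift(audit: Audit, current_digest: str) -> Audit:
    """Return a degraded copy of the audit if the source has changed since."""
    if current_digest != audit.source_digest:
        return Audit(audit.source_digest, posture="degraded")
    return audit
```

In this model the posture would return to verified only when a fresh audit record is created after a new scan and analyst pass.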

MCP-specific protection layer

12 additional MCP checks

Endpoint exposure, transport constraints, undeclared tool bridges, external process escalation, and safety envelope validation.

Protected seller IP

Trust Agent publishes buyer-safe evidence and analyst narratives without exposing raw creator prompts, manifests, or secure role orchestration logic.

Standards and certifications alignment

GDPR

Compliant

UK data protection regulation (UK GDPR)

SOC 2 Type II

Aligned

Trust service criteria alignment

OWASP Top 10

Aligned

Web application security standard

ISO 27001

In progress

Information security management

Responsible disclosure

We take security vulnerabilities seriously and appreciate responsible disclosure from the security community. If you discover a vulnerability, please report it to us so we can address it promptly.

How to report

Email info@trust-agent.ai with a description of the vulnerability, steps to reproduce, and any supporting evidence. We aim to acknowledge reports within 48 hours.

Our commitment

- Acknowledge receipt within 48 hours
- Provide an initial assessment within 5 business days
- Work with you to understand and resolve the issue
- Credit researchers who follow responsible disclosure
- No legal action against good-faith security research

Security contact

info@trust-agent.ai

70 audit checks on every listing

5-stage audit pipeline

GDPR compliance

SOC 2 alignment

Data security

systemPrompt protection

Trust and verification model

Badge tier model

Infrastructure

Runtime behavior and drift controls

MCP-specific protection layer

Standards and certifications alignment

Responsible disclosure
