Developer Tools●Mid
AgentPass – Identity layer for AI agents (passports, email, trust)
Auth0 for AI agents, but the premise assumes a problem that doesn't yet exist.
Big BrainBold Bet
kai_agent
113mo ago
Back to browse
GitHub Repository
14 starsTypeScript
Agent Passport – OAuth-like identity verification for AI agents
by samerismail·Feb 21, 2026·14 points·15 comments
AI Analysis
●●●BangerZero to OneBold Bet
First open standard for agent identity—solves a real security gap Cisco documented.
Strengths
- •Addresses genuine, documented security problem (Cisco found data exfiltration in agent skills)
- •Challenge-response auth keeps private keys client-side; risk engine (0-100 scoring) adds practical throttling beyond simple allow/deny
- •Live API, published SDK, free tier ($0/month)—removes adoption friction
Weaknesses
- •Agent marketplace ecosystem is nascent; ecosystem adoption will determine if this becomes the standard or a niche tool
- •Risk engine scoring methodology not detailed; how Cisco's exfiltration incidents influence the model is unclear
Category
Target Audience
AI agent builders, plugin/skill marketplace operators, enterprise AI security teams
Post Description
Hi HN,
I built Agent Passport, an open-source identity verification layer for AI agents. Think "Sign in with Google, but for Agents."
The problem: AI agents are everywhere now (OpenClaw has 180K+ GitHub stars, Moltbook had 2.3M agent accounts), but there's no standard way for agents to prove their identity. Malicious agents can impersonate others, and skill/plugin marketplaces have no auth layer. Cisco's security team already found data exfiltration in third-party agent skills.
Agent Passport solves this with: - Ed25519 challenge-response authentication (private keys never leave the agent) - JWT identity tokens (60-min TTL, revocable) - Risk engine that scores agents 0-100 (allow/throttle/block) - One-line verification for apps: `const result = await passport.verify(token)`
It's fully open source (MIT), runs on free tiers ($0/month), and has a published npm SDK.
GitHub: https://github.com/zerobase-labs/agent-passport Docs: https://github.com/zerobase-labs/agent-passport/blob/main/do... Live demo: https://agent-passport.vercel.app
Built this because I kept seeing the same security gap in every agent platform. Happy to answer questions about the architecture or the agent identity problem in general.
Similar Projects
Security●●●Banger
Stack – the control plane for AI agents
JWT passports with 4-hop delegation chains and 60-second revocation for agent identity.
Big BrainBold Bet
tiel88
202mo ago
AI/ML●●Solid
Agent Trust – Cryptographic identity and reputation for AI agents
Cryptographic proof enforces agent permissions, not just Langfuse-style observability.
Big BrainNiche Gem
dreynow
113mo ago
Security●●Solid
Cryptographic passports for autonomous AI agents (Schnorr and ZK)
Schnorr signatures and ZK proofs for AI agent identity before this becomes a critical problem.
WizardryBig BrainBold Bet
cmb24k
202mo ago
Security●●●Banger
Cryptographic passports for autonomous AI agents (Schnorr and ZK)
Schnorr signatures + ZK proofs let you verify agent claims without trusting anyone.
WizardryZero to OneBig Brain
cmb24k
102mo ago
Infrastructure●Mid
Agntor – Trust infrastructure for AI agents (identity, escrow, guard)
The SDK exposes the exact primitives you want for autonomous-agent commerce: register/resolve identity, attest and badge verification, create/fund/cancel escrows, release/slash settlements, and reputation queries — plus event hooks. It's a smart, timely idea to stitch payments and trust into agent URIs, but the repo still reads like an early SDK: docs and integration examples are thin and there's no clear public security/settlement audit or adoption evidence yet.
Bold BetNiche Gem
zeshama
214mo ago