Documentation

agentverif CLI

Scan, sign, verify, and revoke AI agent packages from the command line.

Getting started

Install the CLI with pip. Python 3.9+ required.

pip install agentverif-sign

Verify the installation:

agentverif-sign --version # agentverif-sign 0.1.0

Set your API key before signing. Get one at agentverif.com/account. Free tier does not require a key for local-only operations.

agentverif sign

Sign an agent package. This runs the full OWASP LLM Top 10 scan, then registers a cryptographic hash and issues a License ID.

agentverif-sign sign ./agent.zip [OPTIONS]

What happens step by step

  1. The CLI reads the agent package from the path you provide.
  2. A sha256 hash of the archive is computed locally.
  3. The hash is sent to the agentverif API along with your API key and tier.
  4. The OWASP LLM Top 10 scan runs server-side. If the score is below 70, signing is refused.
  5. On success, a SIGNATURE.json is injected into your archive, containing the License ID, hash, timestamp, and tier.
  6. The signed archive is written to ./agent.signed.zip (or the path specified with --output).
# Basic sign agentverif-sign sign ./agent.zip # Specify output path agentverif-sign sign ./agent.zip --output ./dist/agent.signed.zip # Output JSON (for CI/CD) agentverif-sign sign ./agent.zip --json # Example JSON output # { # "license_id": "AV-84F2-91AB", # "tier": "indie", # "score": 87, # "hash": "sha256:e3b0c44...", # "signed_at": "2026-04-11T12:00:00Z" # }

Packages scoring below 70 on the OWASP LLM Top 10 scan are refused. No exceptions. The scan result and score are included in SIGNATURE.json.

agentverif verify

Verify a signed agent archive. Checks the SIGNATURE.json, recomputes the hash, and optionally checks the registry for revocation status.

agentverif-sign verify ./agent.zip [OPTIONS]
# Standard verify (local hash check only) agentverif-sign verify ./agent.zip # VERIFIED # License: AV-84F2-91AB # Tier: indie # Score: 87/100 # Verify: https://verify.agentverif.com/AV-84F2-91AB # Also check registry (revocation, online record) agentverif-sign verify ./agent.zip --registry # Machine-readable output agentverif-sign verify ./agent.zip --json

Exit codes

  • 0 — verified successfully
  • 1 — hash mismatch (tampered or corrupted)
  • 2 — no SIGNATURE.json found
  • 3 — license revoked
  • 4 — registry unreachable (used with --registry)

agentverif badge

Retrieve the badge string for a given License ID. Badge format depends on the tier the agent was signed under.

agentverif-sign badge AV-XXXX-XXXX

Badge formats by tier

Indie
✅ Signed by agentverif
Pro
✅ agentverif VERIFIED | AV-XXXX-XXXX
Enterprise
🔒 agentverif ENTERPRISE CERTIFIED | AV-XXXX-XXXX | Ed25519

Embed the badge in your agent's README using the embed code shown in the README badge section below.

agentverif revoke

Revoke a previously issued license. Only available on Pro and Enterprise tiers. Revocation is permanent and immediate — all future registry checks will return REVOKED.

agentverif-sign revoke AV-XXXX-XXXX [OPTIONS]
# Revoke with reason (recommended) agentverif-sign revoke AV-84F2-91AB --reason "compromised key" # Confirmed. License AV-84F2-91AB is now REVOKED. # All verify --registry calls will return status: revoked.

Revocation cannot be undone. If you need to re-certify the same agent, sign it again to obtain a new License ID.

Environment variables

All CLI options can be set via environment variables. CLI flags take precedence.

Variable Description Default
AGENTVERIF_API_KEY Your agentverif API key. Required for Pro and Enterprise operations.
AGENTVERIF_SIGN_URL Override the signing API endpoint. Useful for private deployments or CI environments. https://api.agentverif.com
AGENTVERIF_TIER Default tier to use when signing (indie, pro, enterprise). indie
AGENTVERIF_JSON Set to 1 to default all commands to JSON output mode. 0

CI/CD example (.env or GitHub Actions)

# .env AGENTVERIF_API_KEY=av_live_xxxxxxxxxxxx AGENTVERIF_TIER=pro # GitHub Actions step - name: Sign agent run: agentverif-sign sign ./dist/agent.zip --json env: AGENTVERIF_API_KEY: ${{ secrets.AGENTVERIF_API_KEY }}

README badge

Add a verification badge to your agent’s README. Replace AV-XXXX-XXXX with your License ID.

Markdown

[![agentverif certified](https://img.shields.io/badge/agentverif-VERIFIED-16a34a?style=flat-square&logo=data:image/svg+xml;base64,...)](https://verify.agentverif.com/AV-XXXX-XXXX)

Plain text (for README or agent manifest)

✅ agentverif VERIFIED | AV-XXXX-XXXX Verify: https://verify.agentverif.com/AV-XXXX-XXXX

JSON-LD (for agent metadata files)

{ "agentverif": { "license_id": "AV-XXXX-XXXX", "tier": "pro", "verify_url": "https://verify.agentverif.com/AV-XXXX-XXXX" } }

FAQ

What gets scanned?

The entire agent archive — source code, dependencies, configuration files, and any embedded prompts — is analysed against the OWASP LLM Top 10. This includes checks for prompt injection risks, insecure output handling, excessive agency, and more.

What score is required to pass?

A minimum score of 70 out of 100 is required. Packages scoring below 70 are refused — no exceptions, no overrides. The score and per-category breakdown are included in SIGNATURE.json so you can see exactly where to improve.

How long does a license last?

Licenses do not expire automatically. They remain valid indefinitely unless you revoke them. If you update your agent and re-sign it, a new License ID is issued — the old one remains valid for the original version unless explicitly revoked.

Can I verify without an internet connection?

Yes. Running agentverif-sign verify ./agent.zip without the --registry flag performs a fully local hash check using only the SIGNATURE.json embedded in the archive. No network request is made.

What is SIGNATURE.json?

A file injected into your signed archive containing the License ID, sha256 hash, OWASP score, tier, signing timestamp, and a URL to the public registry entry (Pro/Enterprise). It is human-readable JSON and machine-parseable for CI/CD.

What is Ed25519 signing (Enterprise)?

Enterprise tier adds a cryptographic Ed25519 signature to SIGNATURE.json. This allows buyers to verify authenticity without trusting the agentverif registry — purely using public-key cryptography. The public key is published at agentverif.com/.well-known/agentverif-public.pem.

Is the scan result stored?

The scan score and a summary of findings are stored server-side and linked to your License ID on Pro and Enterprise tiers. On the free Indie tier, only the hash and License ID are registered — scan details are returned to you at signing time only.