{"id":"openagentidentityprotocol-agentidentityprotocol","name":"agentidentityprotocol","af_score":46.8,"security_score":62.5,"reliability_score":21.2,"what_it_does":"Agent Identity Protocol (AIP) is an open-source, zero-trust security layer intended to secure MCP/tool-calls for autonomous agents by issuing/verifying cryptographic agent identity tokens (AATs), enforcing per-tool/per-argument authorization via a policy engine (optionally with human-in-the-loop approval), performing DLP scanning on requests/responses, and writing JSONL audit logs tied to verified identity.","best_when":"You can place an AIP proxy/sidecar in front of an MCP tool server and you need fine-grained, runtime authorization plus DLP and audit logging for agent tool-calls.","avoid_when":"You cannot reliably route all sensitive agent actions through the AIP proxy (bypass paths would reduce value), or you need mature, clearly documented rate limiting, operational SLAs, and production hardening details that are not evident from the provided README excerpt.","last_evaluated":"2026-03-30T15:33:11.501036+00:00","has_mcp":true,"has_api":false,"auth_methods":["Agent Authentication Token (AAT) verification via AIP registry public key","Policy-based enforcement at tool-call layer (claims + signature + revocation list)"],"has_free_tier":false,"known_gotchas":["If agent actions can bypass the proxy/tool-call mediation path, AIP enforcement may not apply","Policy and DLP configuration quality directly affects safety; overly permissive allowlists reduce protection","Human-in-the-loop flows can block or delay automated execution if not handled by the agent/client UX"],"error_quality":null}