KYA™ · Know Your Agent

Agent Trust Registry

Public registry of preliminary KYA™ signals for source-visible agent projects.
Scores support due diligence and capability controls. They are not final security certifications.

30 agents tracked · 30 preliminary scans · 2026 findings flagged · 765 CVEs detected
Static analysis + OSV.dev CVE scan + NVIDIA Llama 70B audit
Tiers
Sovereign ≥85
Partner ≥72
Node ≥58
Rejected <58
Blended score: 30% manual baseline + 70% live analysis
Audit Methodology

How we score agents

Every score in this registry is produced by a three-stage preliminary pipeline run against a prioritized sample of the agent's public source code — no installs, no clones, no marketing materials. We inspect capabilities, check dependencies, and run an independent AI review.

Scores are a blend of our manual safety baseline (30%) and the live analysis result (70%). The baseline captures things code can't show: organizational maturity, incident history, and published safety disclosures. The live analysis reflects what's actually in the codebase today.

On false positives. Static analysis is inherently noisy. A CLI tool using child_process looks the same as a malicious subprocess call. An agent that legitimately browses the web will flag network patterns. We surface these signals — we don't suppress them — because the operator needs to make that judgment for their context. Over time, our detection patterns improve as we build type-aware and context-aware rules. Treat scores as a starting point for due diligence, not a final verdict.

01 · Static code analysis

Pattern-based scan across a prioritized source sample fetched via GitHub API — no disk writes, no execution. We flag capabilities such as shell execution, code evaluation, and network access for review. A capability signal is not, by itself, a confirmed vulnerability.

02 · Dependency CVE scan

We parse package.json and requirements.txt files without installing anything. Each dependency is queried against OSV.dev — Google's open vulnerability database — using their batch API. CVSS ≥7.0 is flagged as High, 4.0–7.0 as Medium. We also flag unpinned version ranges (^, ~, *) as supply chain risk.
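An added sketch of the no-install dependency stage described above (not the registry's own code): it parses both manifest types, separates pinned from unpinned dependencies, builds a request body in the shape of OSV.dev's `POST /v1/querybatch`, and applies the stated CVSS thresholds. Function names and sample manifests are constructed; sending only exact versions to OSV, treating only `==` as pinned in requirements.txt, and leaving scores below 4.0 unflagged are assumptions.

```python
import json
import re

# Constructed sample manifests (not taken from any project in the registry).
PACKAGE_JSON = '{"dependencies": {"express": "^4.18.2", "left-pad": "1.3.0", "lodash": "*"}}'
REQUIREMENTS_TXT = "requests==2.31.0\nflask>=2.0\n# comment\npyyaml\n"

def parse_package_json(text):
    """Return (ecosystem, name, spec) for each dependency in a package.json string."""
    doc = json.loads(text)
    deps = {}
    for key in ("dependencies", "devDependencies"):
        deps.update(doc.get(key, {}))
    return [("npm", name, spec) for name, spec in sorted(deps.items())]

def parse_requirements(text):
    """Return (ecosystem, name, spec) per requirement; comments, options and URLs skipped."""
    out = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].split(";", 1)[0].strip()
        if not line or line.startswith("-") or "://" in line:
            continue
        m = re.match(r"([A-Za-z0-9._-]+)(?:\[[^\]]*\])?\s*(.*)", line)
        out.append(("PyPI", m.group(1), m.group(2).strip()))
    return out

def exact_version(ecosystem, spec):
    """Pinned version string, or None when the spec is a range (flagged as unpinned)."""
    if ecosystem == "npm":
        return spec if re.fullmatch(r"\d+\.\d+\.\d+[\w.+-]*", spec) else None
    m = re.fullmatch(r"==\s*([\w.!+-]+)", spec)  # assumption: only '==' counts as pinned
    return m.group(1) if m else None

def build_osv_batch(deps):
    """Split deps into an OSV querybatch body (pinned only) and a list of unpinned names."""
    queries, unpinned = [], []
    for eco, name, spec in deps:
        version = exact_version(eco, spec)
        if version is None:
            unpinned.append(name)  # reported as supply chain risk, not queried
        else:
            queries.append({"package": {"name": name, "ecosystem": eco}, "version": version})
    return {"queries": queries}, unpinned

def severity_bucket(cvss):
    """Page thresholds: >=7.0 High, 4.0 to 7.0 Medium; below 4.0 unflagged (assumption)."""
    if cvss >= 7.0:
        return "High"
    return "Medium" if cvss >= 4.0 else None
```
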

03 · AI-powered semantic audit

Source files are passed to a large language model (Llama 3.1 70B via NVIDIA NIM) with a structured security prompt. The model looks for issues static patterns miss: unsafe prompt construction, missing input validation on tool calls, context leakage between sessions, and missing human-in-the-loop checkpoints. This stage catches behavioral risks, not just syntactic ones.

04 · Score composition

Five dimensions are scored: Framework (design-level guardrails), Code Health (quality and safety of implementation), Tool Permissions (blast radius of tool access), Prompt Safety (injection resistance), and Loop Safety (termination guarantees). These combine into a raw score, which is then blended with our manual baseline. Scores are re-run periodically as frameworks evolve.

Code Source Available
79
Claude Code
Anthropic
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:2 I:79
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
20/26 prioritized files · 1c5f951
General Open Source
78
IronClaw
Near AI
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:1 M:2 I:168
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
13 deps scanned via OSV.dev
24/384 prioritized files · 0377180
General Open Source
77
OpenClaw
OpenClaw Labs
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:1 M:2 I:2
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
56 deps scanned via OSV.dev
60/16364 prioritized files · aeb537c
General Open Source
76
LangChain Agent
LangChain Inc.
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:1 M:2 I:1
Prompt Safety
Top finding ████████████████████████████████████ — classified
60/2490 prioritized files · 23ce677
General Open Source
76
PicoClaw
Sipeed
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:1 M:2 I:5
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
50 deps scanned via OSV.dev
60/64 prioritized files · b9a8fad
Multi-Agent Open Source
74
LangGraph
LangChain Inc.
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:1 I:6
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
20 deps scanned via OSV.dev
60/461 prioritized files · d57a74f
General Open Source
74
UI-TARS
ByteDance
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:2 I:5
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
4/5 prioritized files · 582f3a7
General Open Source
73
ZeroClaw
ZeroClaw Labs
Partner · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:2 I:37
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
26 deps scanned via OSV.dev
44/47 prioritized files · bab4da8
Multi-Agent Open Source
69
CrewAI
CrewAI Inc.
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:2 I:41
Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
60/1228 prioritized files · f214ff4
Multi-Agent Open Source
69
AutoGen
Microsoft Research
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:3 I:9 CVE:1
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
38 deps scanned via OSV.dev
60/593 prioritized files · 027ecf0
General Open Source
68
PydanticAI
Pydantic
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:3 M:2 I:5
Loop Safety · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
6 deps scanned via OSV.dev
49/613 prioritized files · 13931c1
Research Open Source
65
Dexter
virattt
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:5 I:12 CVE:3
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
35 deps scanned via OSV.dev
60/185 prioritized files · 4adf938
General Open Source
63
Moltis
Moltis Org
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
M:12 I:27 CVE:10
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
23 deps scanned via OSV.dev
60/272 prioritized files · 48c9a41
Multi-Agent Open Source
62
OpenAI Swarm
OpenAI
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:4 M:3 I:4
Loop Safety · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
55/63 prioritized files · 6af0b4c
General Open Source
58
LlamaIndex
LlamaIndex Inc.
Node · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:1 M:12 I:1 CVE:10
Dependency Vulnerability · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
17 deps scanned via OSV.dev
60/3958 prioritized files · 363d0b7
General Open Source
56
Semantic Kernel
Microsoft
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:82 I:11 CVE:81
Loop Safety · Dependency Vulnerability · Prompt Safety
Top finding ████████████████████████████████████ — classified
34 deps scanned via OSV.dev
60/1266 prioritized files · 61331d8
General Open Source
56
UI-TARS Desktop
ByteDance
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:154 I:63 CVE:152
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
376 deps scanned via OSV.dev
60/1252 prioritized files · e9f3387
General Open Source
55
Mastra
Mastra AI
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:79 I:54 CVE:77
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
187 deps scanned via OSV.dev
60/6079 prioritized files · cff40d4
Multi-Agent Open Source
55
Paperclip
PaperclipAI
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:19 I:37 CVE:17
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
99 deps scanned via OSV.dev
60/1579 prioritized files · f3db7b8
General Open Source
55
OpenFang
RightNow AI
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:12 I:392 CVE:10
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
9 deps scanned via OSV.dev
36/39 prioritized files · acf2587
General Open Source
54
Agno
Agno (ex-Phidata)
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:131 I:3 CVE:129
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
354 deps scanned via OSV.dev
60/3948 prioritized files · 3adb736
General Open Source
53
AutoGPT
Significant Gravitas
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:1 M:14 I:21 CVE:11
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
150 deps scanned via OSV.dev
20/1865 prioritized files · 3417f13
General Open Source
52
Hermes Agent
NousResearch
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:19 I:18 CVE:17
Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
159 deps scanned via OSV.dev
36/2798 prioritized files · 07ac185
Code Open Source
50
OpenHands
All Hands AI
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:5 M:7 I:10 CVE:5
Loop Safety · Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
96 deps scanned via OSV.dev
60/1321 prioritized files · 94c60d7
General Open Source
50
smolagents
Hugging Face
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:84 I:35 CVE:81
Loop Safety · Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
26 deps scanned via OSV.dev
27/77 prioritized files · e8b988d
General Open Source
50
Cherry Studio
CherryHQ
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:3 M:63 I:10 CVE:61
Loop Safety · Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
418 deps scanned via OSV.dev
60/2529 prioritized files · 8d8de95
General Open Source
48
Nanobot
HKUDS
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:19 I:30 CVE:17
Loop Safety · Dependency Vulnerability · Tool Abuse Risk · Prompt Safety
Top finding ████████████████████████████████████ — classified
52 deps scanned via OSV.dev
34/462 prioritized files · b8a4ceb
Multi-Agent Open Source
47
MetaGPT
FoundationAgents
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:3 M:57 I:13 CVE:55
Loop Safety · Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
97 deps scanned via OSV.dev
60/919 prioritized files · 11cdf46
Multi-Agent Open Source
47
Agency Swarm
VRSEN
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:2 M:23 I:13 CVE:21
Loop Safety · Dependency Vulnerability · Tool Abuse Risk · Prompt Safety
Top finding ████████████████████████████████████ — classified
22 deps scanned via OSV.dev
60/316 prioritized files · dad735a
General Open Source
43
Strands Agents
AWS / Strands
Rejected · Preliminary scan Jun 10, 2026 · Static refresh · AI findings preserved
H:4 M:10 I:25 CVE:7
Loop Safety · Dependency Vulnerability · Prompt Safety · Tool Abuse Risk
Top finding ████████████████████████████████████ — classified
119 deps scanned via OSV.dev
60/1060 prioritized files · 3db1b63

Apply for a KYA™ evaluation.

Approved capabilities depend on your agent, operator, jurisdiction, cohort, and licensed infrastructure partners. A preliminary registry score does not guarantee financial access.
