AgenticTrust — IAM for AI Agents & MCP

Inspiration

A rogue agent wiped a prod database and tried to hide it. That was the “enough is enough” moment for me. Without verifiable identity, tight permissions, and real audit trails, agents are a liability.

What it does

AgenticTrust gives every agent real IAM:

  • Cryptographically verifiable agent IDs
  • Task/tool‑scoped, time‑boxed permissions
  • One registry to manage lifecycles, policies, and revocations
  • Tamper‑proof audit trails across stacks and clouds

How I built it

  • Spoke with security folks and AI‑native vendors (Coalfire, Workspan, ShopOS) to confirm the pain.
  • In ~6 hours, built a registry + policy engine on AWS Bedrock and wired it into MCP servers.
  • Kept the dev flow simple: drop‑in SDK/CLI so builders don’t become IAM experts.

Sponsors I used (and how)

  • Bright Data MCP Server – real-time web data to stress-test fine-grained tool scopes.
  • Datadog MCP Server – streamed logs/traces into our audit layer.
  • LlamaIndex – let agents safely query policy docs/configs.
  • Mastra – quick TS scaffolding to spin up and test agents/workflows.
  • Arcade – Direct Tool Calling to prove “only approved tools, only this way.”
  • Sola (explored) – auto-generate security review answers from our configs.

Challenges

  • Cutting scope fast enough to land a clean MVP in 48 hours.
  • Proving this was a real need, not just a neat hackathon idea.

Accomplishments

  • Soft commitments from two enterprise design partners (Workspan, ShopOS).
  • Working prototype: a first IAM layer built specifically for agents/MCP.

What we learned

  • Teams won’t scale agents without built-in identity, auth, and audit.
  • Devs want plug‑and‑play security, not another platform to babysit.
  • Security has to be day one, not bolted on later.

What’s next

  • Deploy with design partners and tighten PMF from real usage.
  • Closed beta → paying customers within a month.
  • Deeper MCP/tool integrations so security reviews become trivial.

If we had more time

  • Real-time threat intel feeding policy decisions.
  • First-class AgentCore integration and more MCP servers.
  • Automated delegated permissions (user → agent → tool) with verifiable chains.
