Package Exports
- ai-trust
- ai-trust/dist/index.js
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (ai-trust) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
OpenA2A: CLI · HackMyAgent · Secretless · AIM · Browser Guard · DVAA
ai-trust
Trust verification CLI for AI packages — MCP servers, A2A agents, skills, AI tools, and LLMs. Queries the OpenA2A Registry trust graph for security scans, community consensus, dependency risk, and known advisories.
For general-purpose libraries (express, typescript, chalk, etc.) use HackMyAgent instead — ai-trust is scoped to AI-native packages only.
Installation
brew install opena2a-org/tap/ai-trustOr via npm:
npm install -g ai-trustOr run directly with npx:
npx ai-trust check @modelcontextprotocol/server-filesystemFor a full security dashboard covering trust, credentials, shadow AI, and more:
npx opena2a-cli reviewQuick Start
ai-trust check @modelcontextprotocol/server-filesystemExpected output:
@modelcontextprotocol/server-filesystem mcp_server · scanned 2 days ago
No known issues
Trust ━━━━━━━━━━━━━━━━━━━━ 87/100
Level Scanned (3/4)
Blocked > Warning > Listed > Scanned > Verified
── Next Steps ──────────────────────────────────────────────
Fresh scan: ai-trust check @modelcontextprotocol/server-filesystem
Full project audit: ai-trust audit package.jsonScope: AI packages only
ai-trust verifies trust for AI-native packages. For everything else, use HMA:
| Your package is... | Use |
|---|---|
| MCP server / A2A agent / skill / AI tool / LLM | ai-trust |
| General-purpose library (express, chalk, typescript, etc.) | hackmyagent check <pkg> |
| Full codebase security audit | hackmyagent secure . |
ai-trust audit package.json audits AI packages in the trust table and separately lists libraries in an "Out of scope" section with an HMA pointer.
Built-in Help
ai-trust --help # All commands and flags
ai-trust --version # Current version
ai-trust [command] -h # Help for a specific commandCommands
check
Look up the trust verdict for a single AI package.
ai-trust check @modelcontextprotocol/server-filesystem
ai-trust check my-custom-agent --type a2a_agent
ai-trust check @modelcontextprotocol/server-postgres --json # JSON output for scriptingRunning check on a general-purpose library (e.g. ai-trust check express) returns an "out of scope" message with a redirect to hackmyagent check express. This is intentional — ai-trust is for AI packages only.
MCP Server Trust
MCP servers are the most common trust query. Use shorthand to skip the full @modelcontextprotocol/ scope:
# These are equivalent:
ai-trust check server-filesystem
ai-trust check @modelcontextprotocol/server-filesystem
# Third-party MCP servers use their own package names:
ai-trust check mcp-server-kubernetes
ai-trust check @supabase/mcp-server-supabase
ai-trust check @cloudflare/mcp-server-cloudflareShorthand rule: server-* resolves to @modelcontextprotocol/server-*. Third-party mcp-server-* packages are looked up by their actual name.
Scan on demand
When a package is not in the registry, ai-trust can download and scan it locally using HackMyAgent. In interactive mode, you will be prompted. In CI, use flags:
# Auto-scan unknown packages, contribute results to the community registry
ai-trust check mcp-server-xyz --scan-if-missing --contribute
# Registry lookup only (skip local scan)
ai-trust check server-filesystem --no-scanaudit
Parse dependency files and audit AI packages. Supports any .json file (package.json format) or .txt file (requirements.txt format). Libraries in the file are partitioned into an "Out of scope" section with a pointer to HMA for general security scanning.
ai-trust audit package.json
ai-trust audit requirements.txt
ai-trust audit package.json --min-trust 2 # set minimum trust threshold (default: 3)
ai-trust audit package.json --scan-missing --contribute # scan unknown AI packagesExample output (mixed AI + libraries):
5 AI packages audited · 9 libraries out of scope
PACKAGE TYPE VERDICT TRUST SCORE SCAN
──────────────────────────────────────────────────────────────────────────────────────
@modelcontextprotocol/sdk mcp_server SAFE Scanned ━━━━━━━━ 87 passed
@opena2a/aim-core a2a_agent SAFE Scanned ━━━━━━━━ 81 passed
...
── Out of scope (libraries) ────────────────────────────────
ai-trust is for AI packages. For general security, use HackMyAgent.
@noble/ed25519, @noble/post-quantum, commander, js-yaml, onnxruntime-node + 4 more
── Next Steps ──────────────────────────────────────────────
Library security: npx hackmyagent secure .batch
Look up trust verdicts for multiple AI packages at once. Non-AI packages get partitioned into the "Out of scope" footer.
ai-trust batch @modelcontextprotocol/server-filesystem @modelcontextprotocol/server-postgres
ai-trust batch my-server-a my-server-b --type mcp_serverOutput Options
ai-trust check express --json # JSON output for scripting
ai-trust audit package.json --json # JSON audit output
ai-trust check express --no-color # disable colored output
ai-trust check express --registry-url http://localhost:8080 # custom registryCommunity Contribution
Every scan you run can improve trust data for the entire community. Scan results are shared as anonymized telemetry (check pass/fail and severity only -- no file paths, source code, or descriptions).
On first scan, ai-trust asks whether you want to contribute. Your choice is saved in ~/.opena2a/config.json and shared across all OpenA2A tools (opena2a-cli, hackmyagent).
# Contribute for this scan (non-interactive / CI)
ai-trust check chalk --contribute
# Configure globally via opena2a-cli
opena2a config set contribute true # opt in
opena2a config set contribute false # opt outThe more scans contributed, the faster packages move from "Listed" to "Scanned" trust level, reducing risk for everyone.
Trust Levels
| Level | Label | Description |
|---|---|---|
| 0 | Blocked | Package is blocked due to security concerns |
| 1 | Warning | Package has known issues |
| 2 | Listed | Package is listed but not yet scanned |
| 3 | Scanned | Package has been scanned by HackMyAgent |
| 4 | Verified | Package is verified by the publisher |
Exit Codes
| Code | Meaning |
|---|---|
| 0 | All queried packages are safe / meet the trust threshold |
| 1 | Operational error (network failure, file not found, server error) |
| 2 | Policy signal: one or more packages have warning/blocked verdict or fall below --min-trust |
Requirements
- Node.js 18 or later
- HackMyAgent (optional, required for local scanning)
Development
git clone https://github.com/opena2a-org/ai-trust.git
cd ai-trust && npm install && npm run build
node dist/index.js check express # run locally without installingUse Cases
Step-by-step guides for common workflows:
- Check if a package is safe before installing
- Verify an MCP server's trust score
- Contribute trust data to the community
See docs/USE-CASES.md for the full index.
Links
- OpenA2A Registry — trust scores and scan data
- OpenA2A CLI — unified security CLI
- HackMyAgent — local scanning for unverified packages
- opena2a.org — full platform
License
Apache-2.0