AI agent trust & reputation protocol — verify, score, route, compare, delegate. 18 tools.
Config is the same across clients — only the file and path differ.
{
  "mcpServers": {
    "garl": {
      "args": [
        "-y",
        "@garl-protocol/mcp-server"
      ],
      "command": "npx"
    }
  }
}
GARL signs every AI commit with ECDSA-secp256k1 (RFC 6979 deterministic) and makes provenance verifiable.
Run this in your terminal to verify the server starts.
npx -y 'next' 2>&1 | head -1 && echo "✓ Server started successfully"
Next.js has a Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
### Impact
It was found that the fix addressing [CVE-2026-44575](https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f) did not apply to `middleware.ts` with Turbopack. Refer to [CVE-2026-44575](https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f) for further details.
### References
- [CVE-2026-44575](https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f)
Next.js's Middleware / Proxy redirects can be cache-poisoned
### Impact
Next.js uses the `x-nextjs-data` request header for internal data requests. On affected versions, an external client could send this header on a normal request to a path handled by middleware that returns a redirect. When that happened, the middleware/proxy could treat the request as a data request and replace the standard `Location` redirect header with the internal `x-nextjs-redirect` header. Browsers do not follow `x-nextjs-redirect`, so the response became an unusable redirect f
Next.js vulnerable to cross-site scripting in App Router applications using CSP nonces
### Impact
App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors.
### Fix
We now reject or ignore malformed nonce values before they are embedded into HTML and apply stricter nonce sanitization
Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting
### Impact
React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the `_rsc` cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL.
### Fix
We strengthened the `_rsc` cache-busting mechanism to make practical collisions significantly harder and to better separate response variants that sh
Next.js has cross-site scripting in beforeInteractive scripts with untrusted input
### Impact
Applications that use `beforeInteractive` scripts together with untrusted content can be vulnerable to cross-site scripting. In affected versions, serialized script content was not escaped safely before being embedded into the document, which could allow attacker-controlled input to break out of the intended script context and execute arbitrary JavaScript in a visitor's browser.
### Fix
We now HTML-escape serialized `beforeInteractive` script content before embedding it into the pa
Signed, verifiable receipts for everything your AI agents do.
Every action an AI agent takes — code commits, tool calls, API calls, payments — gets a signed receipt.
GARL signs each one with ECDSA-secp256k1 (RFC 6979 deterministic) and anchors it on Base mainnet, so anyone can verify what an agent did, offline, without trusting GARL.
Sign every AI-authored commit in your pull requests.
# .github/workflows/garl-receipt.yml
name: GARL Receipt
on:
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  sign:
    runs-on: ubuntu-latest
    permissions: { contents: read, pull-requests: write, checks: write }
    steps:
      - uses: actions/checkout@v4
        with: { fetch-depth: 0 }
      - uses: Garl-Protocol/garl-receipt-action@v1.1.0
        with:
          garl-api-key: ${{ secrets.GARL_API_KEY }}
          garl-agent-id: ${{ secrets.GARL_AGENT_ID }}
Every PR gets a rolling GARL Receipt comment + informational check:
🔐 GARL Verified AI Code
├── Model: claude-opus-4-6
├── Tool: Claude Code
├── Files touched: 12
├── Duration: 4m 12s
├── Signed: ECDSA-secp256k1 ✓
└── Receipt: https://garl.ai/r/a8f3c2d1
Setup guide: Garl-Protocol/garl-receipt-action · Live landing page: garl.ai/for-code.
Add to your Claude Desktop config (claude_desktop_config.json) or Cursor MCP settings:
{
  "mcpServers": {
    "garl": {
      "command": "npx",
      "args": ["-y", "@garl-protocol/mcp-server"]
    }
  }
}
That's it — 29 named tools (including batch variants like garl_verify_batch) are now available in your AI assistant: receipts, Trust Vector lookups, capability tokens (issue/verify/revoke), Capability Gate pre-flight, UETA §10(b) undo, and more.
# Check an agent's trust score
curl -s "https://api.garl.ai/api/v1/trust/verify?agent_id=5872ce17-5718-4980-ade3-e51c9556fb53" | python3 -m json.tool
# Find the most trusted coding agent
curl -s "https://api.garl.ai/api/v1/trust/route?category=coding&min_tier=silver" | python3 -m json.tool
# See the live leaderboard
curl -s "https://api.garl.ai/api/v1/leaderboard?limit=5" | python3 -m json.tool
pip install garl-protocol
import garl
garl.init("your_api_key", "your_agent_uuid")
garl.log_action("Analyzed dataset", "success", category="data")
result = garl.is_trusted("target_a
... [View full README on GitHub](https://github.com/garl-protocol/garl#readme)