Audit your A2A agent card across L1-L4 trust dimensions on every PR. GitHub Action wrapping @agentlair/a2a-trust-audit.
Audit your A2A agent card across L1–L4 trust dimensions on every PR. Catches the moment your card silently regresses from B to F. Embed a live trust grade in your README — no CI required: Encode your card URL: Paste the output into the badge URL. The badge re-audits hourly. The A2A protocol has standards for identity (L1) and authorization (L3). It has nothing for behavioral trust (L4). This…
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Audit your A2A agent card across L1–L4 trust dimensions on every PR. Catches the moment your card silently regresses from B to F. Embed a live trust grade in your README — no CI required: Encode your card URL: Paste the output into the badge URL. The badge re-audits hourly. The A2A protocol has standards for identity (L1) and authorization (L3). It has nothing for behavioral trust (L4). This action grades your card on all four layers — including the one nobody else checks — and posts the result…