vitonique/a2a-secure

A2Acommunity
vitoniqueMITUpdated 3mo agoGitHub

End-to-end encrypted communication for AI agents. The security layer that Google A2A forgot.

End-to-end encrypted communication for AI agents. Google A2A tells agents how to talk. A2A Secure makes sure nobody else is listening. Live Demo · Documentation · Roadmap The Google A2A protocol defines how AI agents discover and communicate. It says nothing about securing that conversation. Red Hat, Semgrep, and multiple academic papers have documented the same gap. Feature |…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
3GitHub stars
3mo agoLast update
Package
Authorvitonique
LicenseMIT
Sourcegithub
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · not run+0/30
Not yet scanned — package must be on npm
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
DependenciesNot audited
Tool surface
Security scan✓ CleanvHEAD · 19d ago
EvalsNone
IndexedJun 13, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

End-to-end encrypted communication for AI agents. Google A2A tells agents how to talk. A2A Secure makes sure nobody else is listening. Live Demo &middot; Documentation &middot; Roadmap The Google A2A protocol defines how AI agents discover and communicate. It says nothing about securing that conversation. Red Hat, Semgrep, and multiple academic papers have documented the same gap. Feature | Google A2A | A2A Secure | ---------|-----------|------------| Authentication | Bearer token | Ed25519…

Keywords
a2aagent-to-agentai-agentscryptographye2e-encryptioned25519encryptiongoogle-a2amulti-agentsecurity