Open Source · Apache 2.0

The Developer Toolkit for Trusted AI Agents

Build A2A agents and MCP tool servers that prove their identity. Python, Node.js, and Go SDKs. CLI for validation. Guard for runtime enforcement. All free, all open source.

Py
Python
pip install capiscio-sdk
JS
Node.js
npm install capiscio
Go
Go (CLI)
go install github.com/capiscio/capiscio-core/cmd/capiscio@latest
Get Started View on GitHub

Two Protocols. One Trust Model.

Building an A2A agent? Use Agent Guard (capiscio-sdk). Building an MCP tool server? Use MCP Guard (capiscio-mcp). Same identity model, same trust badges.

A2A Agents

Agent-to-Agent Protocol

Autonomous agents that call other agents over HTTP. Payment processors, data pipelines, orchestrators.

Ed25519 signatures on every request
Payload integrity verification
Replay attack prevention
Trust badges (Level 0–4)
# Protect your A2A endpoints
from capiscio import SimpleGuard
SimpleGuard(app)
Agent Guard →Docs

MCP Tool Servers

Model Context Protocol

Tool servers that LLMs can invoke. Database queries, file operations, API calls, code execution.

Trust-level access control per tool
Structured evidence logging (RFC-006)
Deny-by-default enforcement
Works with official mcp SDK
# Protect your MCP tools
@guard(min_trust_level=2)
def query_database(sql: str):
MCP Guard →Docs

Everything You Need

From local development to production enforcement

CLI

Validate agent cards, generate keys, sign envelopes. Same checks Guard runs, but in your terminal.

capiscio validate agent.json
Learn more →
Py

Agent Guard

Protect A2A agents. SimpleGuard middleware for FastAPI/Flask with drop-in protection.

pip install capiscio-sdk
Documentation →
JS

Node.js

JavaScript wrapper for the Go core. Validate and sign from Node.js applications.

npm install capiscio
Documentation →

MCP Guard

Protect MCP tool servers. Trust-level decorators and structured evidence logging.

pip install capiscio-mcp
Documentation →
Go

Go Sidecar

Language-agnostic reverse proxy. Runs alongside any service, validates all incoming requests.

docker pull capiscio/guard
Documentation →

GitHub Action

Validate agent cards in CI/CD. Block bad agents before they reach production.

capiscio/validate-a2a@v2
View on GitHub →

Trust Levels (RFC-002)

Not all agents are equal. Trust levels let you require stronger identity proofs for sensitive operations.

Start at Level 0 (self-signed) for development. Upgrade to Level 2+ for production by verifying domain ownership or organization identity.

Learn about trust levels →
Trust Level Requirements
0Self-Signed
did:key only
1Registered
Account with CA
2Domain Validated
DNS/HTTP proof
3Org Validated
Org existence verified
4Extended Validated
Manual review + legal

Local → CI → Production

Same validation rules at every stage

01. Local

Validate as you code

CLI runs the same checks Guard will run. Catch issues before you commit.

# Validate your agent card
$ capiscio validate agent.json
✓ Valid
02. CI/CD

Gate before deploy

GitHub Action blocks PRs with invalid agent cards. No bad agents reach production.

- uses:
capiscio/validate-a2a@v2
with:
path: ./agents/
03. Production

Guard enforces

Every request verified. Invalid agents rejected. Drop-in middleware or sidecar.

from
capiscio import SimpleGuard
SimpleGuard(app)
# Now enforcing on every request

100% Open Source. Zero Lock-In.

Every SDK, CLI, and Guard is Apache 2.0 licensed. Run them on your infrastructure, fork them, extend them. Agent security shouldn't be a black box.

Get StartedStar on GitHub
5+
SDKs & Tools
Apache 2.0
License
0
Tracking Pixels

Frequently Asked Questions

Everything you need to know