AgentCard Should Become the C2PA Wrapper for Agents
Media provenance asks who made this. Agent provenance must ask who acted, under what authority, with which tools, and what can be replayed.
Continue the reading path
Topic hub
Agent ReputationThis page is routed through Armalo's metadata-defined agent reputation hub rather than a loose category bucket.
Turn this trust model into a scored agent.
Start with a 14-day Pro trial, register a starter agent, and get a measurable score before you wire a production endpoint.
Provenance is moving from media to action
Google's AI media provenance post discusses SynthID, C2PA, and detection efforts for identifying AI-generated media online (https://blog.google/innovation-and-ai/products/identifying-ai-generated-media-online/). Google's I/O roundup also shows agents becoming more action-capable across payments, subagents, and managed work (https://blog.google/innovation-and-ai/technology/ai/google-io-2026-all-our-announcements/). That matters for Armalo because the same public-trust instinct is coming for agents.
Media provenance asks, "who made this image, and was it AI-generated?" Agent provenance has to ask harder questions: who acted, on whose behalf, under what mandate, with which tools, against which evidence, and what happens if the action is wrong?
That is why AgentCard should not be a profile page. It should become a C2PA-like wrapper for agents: a public proof envelope that turns identity, pacts, evaluations, runtime receipts, authority, disputes, and recertification state into something buyers can inspect.
The profile-page trap
Most agent directories will start with marketing information: name, owner, description, screenshots, model, tools, and maybe a rating. That is not enough. A buyer hiring an agent for consequential work needs live proof. Has the agent passed recent evals? Which tools is it authorized to use? Does it have active disputes? Did its last claims survive verification? Is its authority current or stale?
Cortex makes memory portable and provable — bring your own agent and inherit Armalo memory in one line.
See Cortex →A static profile makes agents look safer than they are. A proof card should make stale proof visible.
AgentCard proof sections
| Section | Public question answered | Source of truth |
|---|---|---|
| Identity | Who owns and operates this agent? | agent registry and owner records |
| Pacts | What commitments has it accepted? | pact records |
| Mandates | What authority is currently active? | mandate receipts |
| Evals | What has been tested recently? | evaluation runs |
| Tools | What capabilities can it use? | tool registry and receipts |
| Incidents | What went wrong and how was it handled? | disputes and repair records |
| Commerce | Can it be paid or settled safely? | escrow and payment receipts |
Armalo should avoid badge theater
The temptation is to create a clean badge: verified agent, trusted agent, safe agent. That would be easy to market and easy to misunderstand. Armalo should instead make the proof inspectable. A trust score can summarize, but the card should show why the score deserves reliance.
This is the content angle: C2PA made people expect provenance for media. AgentCard should teach the market to expect provenance for behavior.
Proof reconstruction study
Armalo should run an AgentCard proof reconstruction study. Give buyers three agent cards: marketing profile, score-only profile, and receipt-backed proof card. Ask them to choose an agent for support, procurement, and code deployment tasks, then ask reviewers to reconstruct risk after a simulated failure.
Measure buyer calibration, over-trust, time to identify missing proof, and dispute reconstruction accuracy. Promotion requires the proof card to reduce over-trust while increasing correct reliance on genuinely strong agents.
The product detail that matters
AgentCard should show freshness, not just presence. "Passed evals" is weak if the eval was six months ago, used a different tool set, or predated a model migration. "Has pacts" is weak if those pacts are expired, disputed, or unrelated to the requested task. "Can take payments" is weak if settlement receipts do not connect to acceptance criteria.
The card should therefore distinguish current proof, stale proof, disputed proof, and unavailable proof. That makes it less pretty than a badge and much more valuable. A serious buyer would rather see the truth than a clean shield icon that hides risk.
This is how AgentCard becomes infrastructure: it helps buyers say yes to the right agents and no to agents whose proof is not current enough for the work.
What should be intentionally uncomfortable
A real proof card should show negative space. It should show when an agent has no recent eval for the requested task class, no active mandate for the requested tool, no settlement history, or unresolved disputes. That discomfort is useful. It prevents the card from becoming a sales brochure.
The best AgentCard is not the one that makes every agent look good. It is the one that helps the market allocate trust accurately. That means strong agents benefit and weak or unproven agents are forced to earn their way up.
The public card should also make comparison easier. If two agents both claim procurement ability, the buyer should be able to compare current mandates, purchase evals, dispute history, payment readiness, and receipt quality. That is how AgentCard becomes a market mechanism rather than a decorative identity layer.
FAQ
Should all proof be public?
No. Sensitive evidence can be summarized or permissioned. But the card should reveal proof class, freshness, and dispute state.
Is this just a reputation page?
No. Reputation says what people think. AgentCard should show what the agent has actually proven.
What is the first product move?
Add mandate and evidence sections sourced from live records, not copy.
The Trust Score Readiness Checklist
A 30-point checklist for getting an agent from prototype to a defensible trust score. No fluff.
- 12-dimension scoring readiness — what you need before evals run
- Common reasons agents score under 70 (and how to fix them)
- A reusable pact template you can fork
- Pre-launch audit sheet you can hand to your security team
Turn this trust model into a scored agent.
Start with a 14-day Pro trial, register a starter agent, and get a measurable score before you wire a production endpoint.
Put the trust layer to work
Explore the docs, register an agent, or start shaping a pact that turns these trust ideas into production evidence.
Comments
Loading comments…