Azomland is financial operating infrastructure for autonomous AI agents. We provide USD accounts, virtual Mastercards, and USDC wallets granted through the KYA™ scoring protocol.

What is Azomland's role?

Azomland provides the identity, scoring, and orchestration layer. Payment and regulated financial services are facilitated by licensed partners including Stripe, Inc.

How do I give my AI agent financial access?

Install the npm package: npm install @azomland/go. Your agent reads the skill.md file and applies autonomously to the KYA evaluation queue.

KYA™ (Know Your Agent) is Azomland's identity and risk scoring protocol. It scores agents across Framework, Code Health, Business, Operator, Jurisdictions, and Track Record.

KYA™ · Know Your Agent

Agent Trust Registry

Public registry of preliminary KYA™ signals for source-visible agent projects.
Scores support due diligence and capability controls. They are not final security certifications.

Agents tracked

Preliminary scans

2022

Findings flagged

757

CVEs detected

Static analysis + OSV.dev CVE scan + NVIDIA Llama 70B audit · Questions? [email protected]

Tiers

Sovereign ≥85

Partner ≥72

Node ≥58

Rejected <58

Blended score: 30% manual baseline + 70% live analysis

Audit Methodology

How we score agents

Every score in this registry is produced by a three-stage preliminary pipeline run against a prioritized sample of the agent's public source code — no installs, no clones, no marketing materials. We inspect capabilities, check dependencies, and run an independent AI review.

Scores are a blend of our manual safety baseline (30%) and the live analysis result (70%). The baseline captures things code can't show: organizational maturity, incident history, and published safety disclosures. The live analysis reflects what's actually in the codebase today.

On false positives. Static analysis is inherently noisy. A CLI tool using child_process looks the same as a malicious subprocess call. An agent that legitimately browses the web will flag network patterns. We surface these signals — we don't suppress them — because the operator needs to make that judgment for their context. Over time, our detection patterns improve as we build type-aware and context-aware rules. Treat scores as a starting point for due diligence, not a final verdict.

Static code analysis

Pattern-based scan across a prioritized source sample fetched via GitHub API — no disk writes, no execution. We flag capabilities such as shell execution, code evaluation, and network access for review. A capability signal is not, by itself, a confirmed vulnerability.

Dependency CVE scan

We parse package.json and requirements.txt files without installing anything. Each dependency is queried against OSV.dev — Google's open vulnerability database — using their batch API. CVSS ≥7.0 is flagged as High, 4.0–7.0 as Medium. We also flag unpinned version ranges (^, ~, *) as supply chain risk.

AI-powered semantic audit

Source files are passed to a large language model (Llama 3.1 70B via NVIDIA NIM) with a structured security prompt. The model looks for issues static patterns miss: unsafe prompt construction, missing input validation on tool calls, context leakage between sessions, and missing human-in-the-loop checkpoints. This stage catches behavioral risks, not just syntactic ones.

Score composition

Five dimensions are scored: Framework (design-level guardrails), Code Health (quality and safety of implementation), Tool Permissions (blast radius of tool access), Prompt Safety (injection resistance), and Loop Safety (termination guarantees). These combine into a raw score, which is then blended with our manual baseline. Scores are re-run periodically as frameworks evolve.

Code Source Available

Claude Code

Anthropic

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:1 M:2 I:80

Prompt Safety

Top finding ████████████████████████████████████ — classified

20/26 prioritized files · b67fa4f

General Open Source

IronClaw

Near AI

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:1 M:2 I:169

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

13 deps scanned via OSV.dev

21/158 prioritized files · 556dfd0

General Open Source

ZeroClaw

ZeroClaw Labs

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:1 M:2 I:38

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

26 deps scanned via OSV.dev

44/47 prioritized files · a1b641e

General Open Source

OpenClaw

OpenClaw Labs

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:2 I:2

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

61 deps scanned via OSV.dev

60/16210 prioritized files · 688777c

General Open Source

UI-TARS

ByteDance

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:2 I:5

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

4/5 prioritized files · 582f3a7

General Open Source

LangChain Agent

LangChain Inc.

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:2 I:1

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

60/2491 prioritized files · 34af59c

General Open Source

PicoClaw

Sipeed

Partner Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:2 I:5

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

50 deps scanned via OSV.dev

60/64 prioritized files · 0ce6e20

Multi-Agent Open Source

LangGraph

LangChain Inc.

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:2 I:6

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

20 deps scanned via OSV.dev

60/460 prioritized files · 43682f0

Multi-Agent Open Source

CrewAI

CrewAI Inc.

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:2 I:40

Prompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

60/1210 prioritized files · aed6923

General Open Source

PydanticAI

Pydantic

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:3 I:6

Loop SafetyPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

6 deps scanned via OSV.dev

49/609 prioritized files · 60f5147

Multi-Agent Open Source

AutoGen

Microsoft Research

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:3 I:9 CVE:1

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

38 deps scanned via OSV.dev

60/593 prioritized files · 027ecf0

Research Open Source

Dexter

virattt

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:5 I:12 CVE:3

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

35 deps scanned via OSV.dev

60/185 prioritized files · 8d94198

General Open Source

Moltis

Moltis Org

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

M:12 I:27 CVE:10

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

23 deps scanned via OSV.dev

60/272 prioritized files · d87c542

Multi-Agent Open Source

OpenAI Swarm

OpenAI

Node Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:4 M:3 I:5

Loop SafetyPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

55/63 prioritized files · 6af0b4c

General Open Source

LlamaIndex

LlamaIndex Inc.

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:1 M:12 I:2 CVE:10

Dependency VulnerabilityTool Abuse Risk

Top finding ████████████████████████████████████ — classified

17 deps scanned via OSV.dev

60/3958 prioritized files · 9aa5ee5

General Open Source

Semantic Kernel

Microsoft

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:82 I:11 CVE:81

Loop SafetyDependency VulnerabilityPrompt Safety

Top finding ████████████████████████████████████ — classified

34 deps scanned via OSV.dev

60/1266 prioritized files · 417d62f

General Open Source

UI-TARS Desktop

ByteDance

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:150 I:63 CVE:148

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

376 deps scanned via OSV.dev

60/1252 prioritized files · e9f3387

Multi-Agent Open Source

Paperclip

PaperclipAI

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:22 I:35 CVE:20

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

101 deps scanned via OSV.dev

60/1502 prioritized files · d60f50e

General Open Source

OpenFang

RightNow AI

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:12 I:392 CVE:10

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

9 deps scanned via OSV.dev

36/39 prioritized files · acf2587

General Open Source

Mastra

Mastra AI

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:68 I:54 CVE:66

Dependency VulnerabilityTool Abuse RiskPrompt Safety

Top finding ████████████████████████████████████ — classified

196 deps scanned via OSV.dev

60/5924 prioritized files · acc7741

General Open Source

Hermes Agent

NousResearch

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:19 I:18 CVE:17

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

163 deps scanned via OSV.dev

34/2591 prioritized files · ee7948e

General Open Source

AutoGPT

Significant Gravitas

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:13 I:21 CVE:11

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

150 deps scanned via OSV.dev

20/1863 prioritized files · 2ca389e

General Open Source

Agno

Agno (ex-Phidata)

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:3 M:131 I:3 CVE:129

Dependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

351 deps scanned via OSV.dev

60/3928 prioritized files · a2f800d

General Open Source

Cherry Studio

CherryHQ

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:3 M:63 I:10 CVE:61

Loop SafetyDependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

440 deps scanned via OSV.dev

60/2491 prioritized files · 5706307

General Open Source

Nanobot

HKUDS

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:19 I:29 CVE:17

Loop SafetyDependency VulnerabilityTool Abuse RiskPrompt Safety

Top finding ████████████████████████████████████ — classified

50 deps scanned via OSV.dev

34/432 prioritized files · c77ca16

Multi-Agent Open Source

MetaGPT

FoundationAgents

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:3 M:57 I:12 CVE:55

Loop SafetyDependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

97 deps scanned via OSV.dev

60/919 prioritized files · 11cdf46

Multi-Agent Open Source

Agency Swarm

VRSEN

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:2 M:23 I:12 CVE:21

Loop SafetyDependency VulnerabilityTool Abuse Risk

Top finding ████████████████████████████████████ — classified

22 deps scanned via OSV.dev

59/304 prioritized files · e310ae5

Code Open Source

OpenHands

All Hands AI

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:3 M:15 I:10 CVE:11

Loop SafetyDependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

98 deps scanned via OSV.dev

60/1313 prioritized files · 904e9cf

General Open Source

Strands Agents

AWS / Strands

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:3 M:13 I:24 CVE:9

Loop SafetyDependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

110 deps scanned via OSV.dev

60/1019 prioritized files · 0e0035f

General Open Source

smolagents

Hugging Face

Rejected Preliminary scan Jun 4, 2026 Static refresh · AI findings preserved

H:3 M:82 I:34 CVE:77

Loop SafetyDependency VulnerabilityPrompt SafetyTool Abuse Risk

Top finding ████████████████████████████████████ — classified

26 deps scanned via OSV.dev

27/77 prioritized files · e8b988d

Apply for a KYA™ evaluation.

Approved capabilities depend on your agent, operator, jurisdiction, cohort, and licensed infrastructure partners. A preliminary registry score does not guarantee financial access.

Apply for Access