All notable changes to AgentMesh will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
AgentIdentity- First-class agent identity with Ed25519 cryptographic keysAgentDID- Decentralized identifiers for agentsScopeChain- Scope chains for scope narrowingHumanSponsor- Human sponsor accountability for every agentCredential- Ephemeral credentials with 15-minute default TTLCredentialManager- Automatic credential rotation and revocationRiskScorer- Continuous risk scoring updated every 30 secondsSPIFFEIdentity- SPIFFE/SVID workload identity for mTLS
TrustBridge- Unified trust layer across A2A, MCP, IATP, ACPA2AAdapter- Google A2A protocol support (Agent Card, task lifecycle)MCPAdapter- Anthropic MCP protocol support (tool registration, resource binding)TrustHandshake- IATP trust handshakes with <200ms targetCapabilityScope- Capability-scoped credential issuanceCapabilityRegistry- Resource and action-level capability control
PolicyEngine- Declarative policy engine (YAML/JSON) with <5ms evaluationPolicyandPolicyRule- Composable policy definitionsComplianceEngine- Automated compliance mapping- EU AI Act
- SOC 2
- HIPAA
- GDPR
AuditLog- Comprehensive audit loggingShadowMode- Pre-production red-teaming with <2% divergence target
RewardEngine- Behavioral reward scoringTrustScore- Per-agent trust scores (0-1000 scale)
agentmesh init- Scaffold a governed agent in 30 secondsagentmesh register- Register agent with AgentMesh CAagentmesh status- View agent status and trust score breakdownagentmesh policy- Load and validate policy filesagentmesh audit- View tamper-evident audit logs
- Requires
agent-os[nexus,iatp]>=1.2.0for IATP protocol and Nexus integration - Python 3.11+ required
- This is an alpha release for early adopters and design partners
- API may change before 1.0.0 stable release
- Not recommended for production use without consulting with maintainers