agentaegis-mcp-production.up.railway.app
AgentAegis provides CVE lookups, dependency vulnerability scanning, MCP plugin security analysis, and SSL/TLS checks.
Trust signal
1 of 4 pillars
coverage 25%
Unrated — not enough evidence yet to assign a tier.
Pillars
Signals
Evidence tiers, not an endorsement · trust model v0.1.0 (provisional) · CDP-lane settlement only (D3) · Trust API coming soon
On-chain traction
No on-chain settlement recorded. Unverified = not settled or not yet indexed — never treated as zero.
ERC-8004 agent registry
Not found in the ERC-8004 agent registry. This is the default state — absence is not a negative signal.
Identity & classification
Settlement volume
Per-service timeline not available yet. No settlement recorded for this entity in the indexed period.
Endpoints(6)
AgentAegis cve_lookup — CVSS score, severity, CWE classifications, CISA KEV (known-exploited) status, affected products and references for a CVE id. NVD with CIRCL + OSV fallback for reliability.
AgentAegis ssl_tls_audit — TLS/certificate health grade for a host: supported protocols, cipher strength, certificate validity + days-to-expiry, and known TLS vulnerabilities.
AgentAegis dependency_audit — scan a git repository or a dependency manifest (npm/pip/go/ruby/java/cargo) for known-CVE packages, with severities and upgrade fixes (Trivy).
AgentAegis threat_intel_lookup — reputation + threat verdict for an IOC (IP, domain, URL, or file hash) aggregated across AbuseIPDB, AlienVault OTX, and abuse.ch.
AgentAegis vet_endpoint — composite PROCEED/CAUTION/BLOCK safety verdict for an endpoint an AI agent is about to call or pay. Runs live TLS/cert, DNS hygiene, threat-intel (domain + resolved IP), and domain-age signals → one trust score with reasons.
AgentAegis scan_mcp_plugin — supply-chain trust scan of an MCP server or agent skill BEFORE you install/trust it. Clones a git repo (or takes a code snippet) and flags exfiltration (secrets/env to the network), prompt-injection sinks (hijack phrases + hidden unicode), dangerous capabilities (eval/shell/dynamic exec), npm install hooks, and obfuscation → one PROCEED/CAUTION/BLOCK verdict with findings.