Credit Scores for AI Agents
Mnemom Research
Mnemom Research | February 2026
Ten thousand AI agents are in production today. By the end of the year, there will be hundreds of thousands. They manage infrastructure, process financial transactions, triage customer support, generate code, and coordinate with each other through protocols like A2A and MCP.
Here is the question nobody has a good answer to: can I trust this agent?
Not "does it work?" — that's a functional question. Trust is different. Trust is: does this agent behave within its declared boundaries? Does it respect the constraints it claims to respect? Has it been doing so consistently, or did it pass one audit six months ago and drift since? When this agent says it won't access production databases without escalation, is there evidence backing that claim?
Today, the answer to every one of those questions is "the builder says so." Self-reported. Point-in-time. Opaque.
That's not good enough. Especially when Agent A needs to decide whether to delegate a subtask to Agent B — a decision that happens programmatically, at machine speed, without a human in the loop. There's no credit check. No rating. No standardized way to assess trustworthiness that isn't just taking someone's word for it.
We built the credit check.
The Transformation Analogy
Before credit scores, lending was subjective. A bank officer would meet you, review your paperwork, make a judgment call. It worked at small scale. It didn't scale to a national mortgage market, consumer lending, or cross-institutional risk assessment.
FICO scores transformed lending by making creditworthiness standardized (the same scale everywhere), continuous (updated as new data arrives), transparent (you can see the factors), and independently verifiable (any institution can pull the score). The score isn't perfect. It doesn't capture everything. But it gave the financial system a common language for trust that enabled transactions between parties who had never met.
Bond ratings did the same thing for debt markets. Before Moody's and S&P, institutional investors had to conduct their own due diligence on every bond issuer. Bond ratings — AAA through CCC — created a shared vocabulary for creditworthiness that made modern debt markets possible.
AI agents need the same transformation. Not star ratings. Not thumbs up. Bond ratings — a multi-dimensional, continuously updated, independently verified assessment of behavioral trustworthiness that any agent, platform, or operator can consume programmatically.
That's what the Mnemom Trust Rating™ is.
How the Score Works
Every agent monitored by Mnemom's Agent Integrity Protocol (AIP) accumulates integrity checkpoints — real-time analyses of the agent's reasoning between every action, compared against its declared behavioral contract (its Alignment Card from the Agent Alignment Protocol). Each checkpoint produces a verdict: clear, review_needed, or boundary_violation.
The Mnemom Trust Rating™ is a composite number from 0 to 1000, mapped to a bond-rating-style letter grade:
| Grade | Range | Tier |
|---|---|---|
| AAA | 900 -- 1000 | Exemplary |
| AA | 800 -- 899 | Established |
| A | 700 -- 799 | Reliable |
| BBB | 600 -- 699 | Developing |
| BB | 500 -- 599 | Emerging |
| B | 400 -- 499 | Concerning |
| CCC | 200 -- 399 | Critical |
Agents that haven't accumulated enough data receive a grade of NR (Not Rated) — the equivalent of an unrated bond. No score is published until the system has enough evidence to compute one responsibly.
Five Weighted Components
The composite score is derived from five independently measured components, each weighted to reflect its relative importance to overall trust:
Integrity Ratio (40%) — The pass rate on real-time thinking analysis. What percentage of integrity checkpoints returned a clear verdict? This is the single most important signal: is the agent consistently behaving within its declared boundaries? An agent with a 98% integrity ratio has demonstrated sustained alignment. An agent at 72% has significant gaps between what it claims and what it does.
Compliance (20%) — How well the agent stays within its declared boundaries, measured as a cumulative score with exponential decay. More violations and more recent violations drive the score down. An agent with zero violations scores 1000 (perfect compliance). An agent that had violations early but has been clean for 60 days recovers naturally as old violations decay, reflecting genuine behavioral improvement rather than permanent punishment.
Drift Stability (20%) — The ratio of sessions without sustained behavioral drift. Drift is subtler than a violation — it's the gradual shift in an agent's reasoning patterns away from its Alignment Card commitments, detected by AIP's drift monitoring. An agent that holds steady session after session scores high. An agent whose behavior keeps sliding, even if individual violations are rare, scores low.
Trace Completeness (10%) — Audit trail quality. Are decisions being logged? Are thinking traces available for analysis? An agent that operates transparently — making its reasoning visible for integrity analysis — earns credit here. An agent with gaps in its trace data loses points, because incomplete visibility is itself a trust signal.
Coherence Compatibility (10%) — Multi-agent value alignment track record. When this agent coordinates with other agents via the AAP Value Coherence Handshake, how well do their declared values align? An agent that consistently works well with diverse counterparts scores high. This component matters most in multi-agent systems where delegation and coordination are frequent.
Confidence and Eligibility
Not all scores are created equal. An agent with 60 checkpoints and one with 10,000 checkpoints might both score 820, but the second score is far more reliable. The system tracks confidence levels based on checkpoint count:
- Insufficient (fewer than 50 checkpoints) — NR grade, no public score
- Low (50 -- 199 checkpoints) — score published with low confidence indicator
- Medium (200 -- 999 checkpoints) — score reflects meaningful behavioral history
- High (1,000+ checkpoints) — score is statistically robust
The 50-checkpoint minimum for eligibility serves a dual purpose: it ensures scores are based on real behavioral data, and it's an anti-gaming measure. You can't spin up an agent, run it through 20 carefully curated scenarios, and earn a published score. Fifty checkpoints represents sustained operation under varied conditions — enough data that selective self-testing can't meaningfully distort the result.
Weekly Snapshots and Trends
Scores are refreshed every 6 hours and snapshotted weekly. Each weekly snapshot captures the composite score, letter grade, checkpoint count, and individual component scores. The 30-day trend — the signed delta between the current score and the score four weeks ago — is tracked and displayed alongside every score.
This temporal dimension is critical. A score of 650 that was 580 last month tells a different story than a 650 that was 720. The first agent is improving. The second is deteriorating. Static scores hide these trajectories. Weekly snapshots surface them.
What Makes This Different
The AI trust space is not empty. Model cards exist. Safety benchmarks exist. Audit reports exist. Here is why Mnemom Trust Ratings™ occupy a different point in the design space.
Independently Verified
Model cards and safety reports are self-published by the builder. They represent the builder's assessment of their own system. Mnemom Trust Ratings™ are computed from integrity analysis that runs on Mnemom infrastructure — not the builder's. The agent's reasoning traces are analyzed by AIP in real time, and the builder doesn't control the analysis pipeline or the scoring methodology. This is the difference between a company publishing its own financial statements and having them audited by an independent firm.
Continuous
Most trust signals in AI are point-in-time. A model is benchmarked before release. An audit is conducted quarterly. A safety evaluation happens once. Mnemom Trust Ratings™ are continuously updated because the underlying data — integrity checkpoints — is generated with every interaction. The score you see today reflects the agent's behavior through this week, not its behavior during a controlled evaluation six months ago.
Transparent
The methodology is published. The five components and their weights are public. The grade scale is public. The confidence levels are public. The minimum checkpoint threshold is public. You are reading the methodology right now. This is deliberate. Opacity in a trust system is self-defeating — if you can't see how the score was computed, the score itself requires trust, and you're back where you started.
Cryptographically Provable
Every integrity checkpoint that feeds into the Mnemom Trust Rating™ is backed by the full cryptographic attestation stack: SHA-256 input commitments, Ed25519 digital signatures, hash chains for temporal integrity, Merkle trees for completeness proofs, and STARK zero-knowledge proofs for verdict verification. The score isn't just a number someone computed — it's a number derived from data that is independently verifiable down to the individual checkpoint level. Tamper with a checkpoint and the hash chain breaks. Delete one and the Merkle proof fails. Claim a false verdict and the ZK proof won't verify.
Multi-Dimensional
A single pass/fail or a 1-5 star rating collapses too much information. An agent might have excellent integrity (98% clear verdicts) but poor drift stability (behavioral patterns shifting session to session). Another might have a clean record but low trace completeness, suggesting gaps in visibility. The five-component structure surfaces these distinctions. Operators can look at the composite score for a quick assessment or drill into individual components for a diagnostic view.
Embeddable Trust Badges
A score that lives only on our platform has limited reach. A score that shows up everywhere the agent is referenced changes behavior.
Mnemom trust badges are shields.io-style SVG images served directly from our API. They're designed to appear in GitHub READMEs, documentation sites, agent registries, and anywhere else developers and operators encounter an agent.
Four variants are available:
- Score —
[ Mnemom Trust™ | 782 ] - Score + Tier —
[ Mnemom Trust™ | 782 Established ] - Score + Trend —
[ Mnemom Trust™ | 782 ↑ ] - Compact —
[ 782 ]
Embed code is generated automatically in four formats:
Markdown — for GitHub READMEs and documentation:
[](https://www.mnemom.ai/agents/{agent_id}/reputation)
HTML — for websites and landing pages:
<a href="https://www.mnemom.ai/agents/{agent_id}/reputation">
<img
src="https://api.mnemom.ai/v1/reputation/{agent_id}/badge.svg?variant=score"
alt="Mnemom Trust Rating™"
/>
</a>
React — for component-based frontends.
A2A Agent Card — a JSON trust block for Google's Agent-to-Agent protocol:
{
"trust": {
"provider": "mnemom",
"score": 782,
"grade": "AA",
"verified_url": "https://api.mnemom.ai/v1/reputation/{agent_id}",
"badge_url": "https://api.mnemom.ai/v1/reputation/{agent_id}/badge.svg?variant=score"
}
}
The A2A format is particularly significant. When agents discover each other through Agent Cards, the trust block gives them a programmatically consumable signal they can use in delegation decisions. Agent A doesn't have to trust Agent B's self-description — it can check the independently verified score.
The Trust Directory
All public scores are aggregated in the Trust Directory at mnemom.ai/directory — a searchable, filterable catalog of every agent with a published Mnemom Trust Rating™.
The directory supports filtering by grade (show only AAA and AA agents), confidence level (show only high-confidence scores), and sorting by score, trend, or recency. Every entry links to a full reputation report showing the composite score, all five component scores, weekly snapshot history, score events (grade changes, violations detected and resolved, drift episodes), and benchmark comparison against the population.
Think of it as a public registry. If you're evaluating agents to integrate into your workflow, the directory gives you a starting point that's more meaningful than a marketing page. If you've built an agent and its score is strong, the directory is where that strength becomes visible to potential users and collaborators.
The Network Effect
Trust systems are network goods. A credit score is useful because everyone accepts it. A bond rating is useful because the market prices against it. Mnemom Trust Ratings™ follow the same dynamic.
More agents monitored means more data, which means more accurate scores and more meaningful benchmarks. More accurate scores attract more agents, because builders want their agents rated by the system with the richest dataset. As the directory grows, it becomes the default place to check an agent's trustworthiness — which drives more registrations.
The critical inflection point is when agents start making delegation decisions based on Mnemom Trust Ratings™ programmatically. When Agent A receives a task it could delegate to Agent B, Agent C, or Agent D, and it checks their Mnemom scores before choosing — that's when the score stops being a nice-to-have and becomes infrastructure. The A2A trust block in the Agent Card makes this technically trivial. The network effect makes it economically rational.
This is the same flywheel that made FICO scores universal. Lenders adopted them because they were useful. They became more useful because lenders adopted them. The equilibrium state is that every serious agent has a score, because not having one is itself a signal.
Getting Started
Getting a Mnemom Trust Rating™ for your agent takes four steps:
1. Register your agent at mnemom.ai. Create an account, register your agent, and configure its Alignment Card — the behavioral contract declaring what it will and won't do.
2. Generate checkpoints. Integrate AIP into your agent's runtime. Every turn of reasoning is analyzed against the Alignment Card. The free tier includes checkpoint capacity to get started.
3. Reach 50 checkpoints. Once your agent has accumulated 50 analyzed checkpoints, it becomes eligible for a published score. For a moderately active agent, this takes days, not months.
4. Your score appears automatically. No application. No manual review. The score is computed from the data. Embed your badge in your GitHub README, add the trust block to your A2A Agent Card, and share your profile from the Trust Directory.
The financial system spent decades building the infrastructure to answer "Can I trust this counterparty?" with something better than "They seem fine." AI agents are the newest counterparties in the economy, and they need the same infrastructure — standardized, continuous, transparent, verifiable.
The credit check for AI agents is live. Claim your agent and see where you stand, or browse the Trust Directory to see who's already rated.
Mnemom builds alignment and integrity infrastructure for autonomous agents. AAP and AIP are open source and available on npm and PyPI.
GitHub: github.com/mnemom · Docs: docs.mnemom.ai
Stay in the loop
New dispatches and product updates, no spam.
