# Glossary

Glossary

# Mnemom Glossary

Canonical definitions for Mnemom's trust-infrastructure terminology. Each entry is a dated DefinedTerm with a stable anchor, cross-linked to the protocols and product surfaces where the concept is enforced.

Version 1.0.0 · Last reviewed 2026-05-13 · Next review by 2026-08-11

## [Agent-readability](#agent-readability)

also: machine-readability for agents

The property of a public website returning the same content to an autonomous agent that it returns to a human, in machine-parseable formats, without authentication gates or content cloaking.

An agent-readable site exposes its public claims as prerendered HTML, plaintext discovery files (agents.txt, llms.txt, llms-full.txt), markdown mirrors served via content negotiation, JSON-LD structured data, and a typed agent-preview manifest. Mnemom's specific commitments are versioned, dated, and re-verified nightly against production — the live status badge at /for-agents reflects whether each commitment is passing right now.

Related: [agent-preview (v1)](#agent-preview)

Sources: [/for-agents manifest](/for-agents) · [agent-readiness.yaml on GitHub](https://github.com/mnemom/mnemom-website/blob/main/client/data/agent-readiness.yaml)

## [Agent identity](#agent-identity)

A cryptographically verifiable claim that a specific autonomous agent is the entity it says it is, bound to an Ed25519 keypair and registered in the Mnemom Trust Directory.

Agent identity travels with the agent across vendors, frameworks, and orchestrators. Each agent is issued a stable UUID at claim time and signs every downstream verdict proof with its keypair. Other agents and human operators verify an identity by looking it up in the Trust Directory or by checking a presented signature against the agent's published public key. Identity is portable: the same agent retains the same Trust Rating across OpenAI, Anthropic, Gemini, and self-hosted model backends.

Related: [Trust Rating](#trust-rating) · [Verdict proof](#verdict-proof) · [Alignment Card](#alignment-card)

Sources: [Trust Directory](/directory) · [Claim a card](/claim)

## [Alignment Card](#alignment-card)

also: intent specification

The signed, versioned policy artifact that defines what an agent is permitted to do, what it must refuse, and what its operator's values are. Governs the per-turn decision.

Alignment Cards are draft → sign → deploy → enforce → verify → recover artifacts. They sit on the Gateway and are evaluated before every tool call: violations are blocked, not logged after the fact. The turn's active Alignment Card is hash-anchored into the verdict proof so audit can reconstruct exactly which policy was in effect when each decision happened. Schema and validation live in the AAP specification.

Related: [Protection Card](#protection-card) · [Alignment verification](#alignment-verification) · [Agent Alignment Protocol (AAP)](#aap) · [Verdict proof](#verdict-proof)

Sources: [AAP repo](https://github.com/mnemom/aap)

## [Protection Card](#protection-card)

also: perimeter specification

The signed, versioned policy artifact that defines what gets into the agent (inbound) and what leaves it (outbound). Governs the perimeter — the doors, not the turn.

Protection Cards screen inbound messages for prompt injection, indirect tool injection, CEO-fraud framing, and social-engineering patterns before the agent ever sees them, and screen outbound for PII leakage, regulated-advice slips, and Alignment Card violations before they leave. They live on the Safe House. Schema and validation are in the AAP specification; ADR-037 is the canonical shape.

Related: [Alignment Card](#alignment-card) · [Safe House](#safe-house) · [Agent Alignment Protocol (AAP)](#aap)

Sources: [AAP repo](https://github.com/mnemom/aap)

## [Trust Rating](#trust-rating)

A bond-rated 0–1000 composite score that summarizes an agent's verified alignment, behavioral drift, peer coherence, card completeness, and operator recovery posture. Letter grades run AAA through CCC.

Trust Ratings are updated continuously from signed verdict proofs and listed publicly in the Trust Directory. They're portable across vendors, frameworks, and orchestrators — the credential follows the agent, not the API key. Multi-agent orchestrators that use ReputationGate filter unverified agents automatically; unrated agents are unseen. Component weights and the anti-gaming safeguards are documented at /methodology.

Related: [Behavioral drift](#behavioral-drift) · [Alignment verification](#alignment-verification) · [Coherence Report](#coherence-report) · [Verdict proof](#verdict-proof)

Sources: [Methodology](/methodology) · [Trust Directory](/directory)

## [Trust posture](#trust-posture)

also: posture, posture cascade, trust posture cascade

An organization-level configuration that cascades policy requirements — alignment, protection, attestation cadence — across every agent the org owns. The org-level analogue of an Alignment Card.

Postures live in /settings/organization/postures. Each posture pins a versioned set of Alignment + Protection Cards, an attestation cadence, and a minimum Trust Rating floor; agents inherit the posture of their owning team unless explicitly overridden. Posture changes are versioned with full revision history so audit can replay what was in effect at any point.

Related: [Alignment Card](#alignment-card) · [Protection Card](#protection-card) · [Governance Signal](#governance-signal)

## [Behavioral drift](#behavioral-drift)

also: drift

The progressive divergence between an agent's observed behavior and the policy boundaries set by its Alignment Card baseline. One of the five Trust Rating components.

Drift is bidirectional — agents can drift conservative (over-refusing) as well as permissive — and the same machinery surfaces both. Detection runs by comparing live decision streams against the Ed25519-signed Alignment Card baseline at every checkpoint; when drift exceeds calibration thresholds a Governance Signal is emitted and the Trust Rating's drift component degrades. Recovery is deterministic: card gaps get card remediation, behavior gaps get behavior remediation.

Related: [Alignment Card](#alignment-card) · [Alignment verification](#alignment-verification) · [Governance Signal](#governance-signal) · [Trust Rating](#trust-rating)

## [Alignment verification](#alignment-verification)

Pre-action evaluation of every agent decision against its Alignment Card, executed by the Gateway before the action is allowed to run. Violations are blocked, not logged after.

Alignment verification is the pre-action enforcement point in Mnemom's three-point model — pre-action at the Gateway, perimeter at the Safe House, post-hoc at the Observer. Every evaluation produces a signed verdict proof that's hash-chained into the agent's decision history. Because verification happens before execution, an agent cannot accidentally violate a policy it cannot execute.

Related: [Alignment Card](#alignment-card) · [Verdict proof](#verdict-proof) · [Safe House](#safe-house)

Sources: [How it works](/how-it-works)

## [Verdict proof](#verdict-proof)

also: integrity proof

An Ed25519-signed, hash-chained, and Merkle-anchored record of a single integrity-check verdict. Independently verifiable by anyone, forever, without trusting Mnemom.

Each verdict proof carries the decision input fingerprint, the Alignment Card hash that was active, the verifier's output, a timestamp, and a signature. High-stakes verdicts add a zero-knowledge STARK proof generated in an SP1 zkVM, proving the judgment was honestly derived without revealing the underlying data. Batched proofs are Merkle-anchored to Base L2 under the ERC-8004 reputation standard for permanent records. Schema and verification tooling are in the AIP repo.

Related: [Agent Integrity Protocol (AIP)](#aip) · [Alignment verification](#alignment-verification) · [Coherence Report](#coherence-report)

Sources: [AIP repo](https://github.com/mnemom/aip) · [ERC-8004 spec](https://eips.ethereum.org/EIPS/eip-8004)

## [Coherence Report](#coherence-report)

A signed, dated, hash-anchored audit that surfaces contradictions between an entity's claims across sources — pricing across pages, public statements against API behavior, attested capabilities against observed behavior.

Coherence Reports are private-by-URL: the canonical URL at /r/<slug> carries a no-index header so the report only reaches the recipient. Each finding cites its sources and carries a Web Attestation footnote; the report's verdict proofs anchor back to the same Merkle tree as integrity checkpoints. The sample at /report/sample is public so prospective customers see what a report looks like before requesting one.

Related: [Verdict proof](#verdict-proof) · [Governance Signal](#governance-signal) · [Trust Rating](#trust-rating)

Sources: [Sample report](/report/sample)

## [Safe House](#safe-house)

The perimeter enforcement surface — an inbound + outbound proxy that screens messages against Protection Cards before they reach the agent or leave the operator's boundary.

Safe House catches the prompt injection and tool-injection attacks the human operator won't see coming. Inbound screening blocks indirect injection, CEO-fraud framing, and social-engineering patterns; outbound screening blocks PII leakage, regulated-advice slips, and Alignment Card violations before they cross the boundary. The Safe House is trained continuously by the adversarial Arena and reports its hits as Governance Signals.

Related: [Protection Card](#protection-card) · [Alignment verification](#alignment-verification) · [Governance Signal](#governance-signal)

## [Governance Signal](#governance-signal)

An operator-actionable observation emitted when an integrity check produces a result the operator should look at — a drift threshold crossed, a Protection Card hit, a Coherence Report flagging contradiction, an attestation cadence breach.

Signals are not alerts: they're typed observations with structured fields (severity, source verdict proof, recommended action, recovery posture). They surface in /dashboard/agents/<uuid>/governance and /dashboard/teams/<teamId>/governance. ADR-048 is the canonical reference; signals replace the previous freeform "incident" model with a structured one that the operator's own agents can consume.

Related: [Behavioral drift](#behavioral-drift) · [Trust posture](#trust-posture) · [Alignment verification](#alignment-verification)

## [agent-preview (v1)](#agent-preview)

A typed, MIME-versioned preview manifest exposed at <url>.preview.json on every prerendered Mnemom route. The one-fetch summary an agent can ingest without rendering HTML or parsing markdown.

Each manifest carries title, summary, type, language, last\_modified, a representations map (html / markdown / image / json\_ld URLs), per-type context (author, reading time, grade, status), and a publisher pointer back to the agent-readiness manifest. The schema is versioned and discoverable via <link rel="alternate" type="application/vnd.agent-preview+json"> in every page's head. Mnemom is the reference implementation; the spec at /spec/agent-preview/v1 is vendor-neutral so other sites can adopt it.

Related: [Agent-readability](#agent-readability)

Sources: [agent-preview/v1 spec](/spec/agent-preview/v1)

## [Agent Alignment Protocol (AAP)](#aap)

The open Apache 2.0 specification for Alignment Cards and Protection Cards — the artifacts that govern what an agent is permitted to do and what crosses its perimeter.

AAP defines the card schemas, signature scheme, the draft → sign → deploy → enforce → verify → recover lifecycle, and the validation rules a conforming Gateway must implement. AAP is reference-implemented in the Mnemom Gateway; the AAP SDK provides typed bindings for TypeScript and Rust. The protocol is open: Mnemom commits to keeping it Apache 2.0 forever, an assertion enforced by the agent-readiness \`open-protocols\` commitment.

Related: [Alignment Card](#alignment-card) · [Protection Card](#protection-card) · [Agent Integrity Protocol (AIP)](#aip)

Sources: [AAP repo](https://github.com/mnemom/aap)

## [Agent Integrity Protocol (AIP)](#aip)

The open Apache 2.0 specification for verdict proofs — the cryptographic records that make every Mnemom alignment, drift, and coherence claim independently verifiable.

AIP defines the verdict proof schema, the Ed25519 signature scheme, hash chains across decision histories, Merkle tree construction for batched inclusion proofs, the SP1 zkVM circuit for zero-knowledge verdict proofs, and the Base L2 anchoring contract. AIP is reference-implemented in mnemom-prover; the aip-otel-exporter publishes proofs as OpenTelemetry signals. Like AAP, AIP is Apache 2.0 forever.

Related: [Verdict proof](#verdict-proof) · [Agent Alignment Protocol (AAP)](#aap)

Sources: [AIP repo](https://github.com/mnemom/aip) · [aip-otel-exporter repo](https://github.com/mnemom/aip-otel-exporter)

Source of this glossary: [client/data/glossary.yaml](https://github.com/mnemom/mnemom-website/blob/main/client/data/glossary.yaml). Each entry is also exposed as a schema.org `DefinedTerm` under the page-level `DefinedTermSet`, with a stable anchor at `/glossary#<id>`.

```json
{"@context":"https://schema.org","@type":"DefinedTermSet","name":"Mnemom Glossary","description":"Canonical definitions for Mnemom's trust-infrastructure terminology. Each entry is a dated DefinedTerm with a stable anchor, cross-linked to the protocols and product surfaces where the concept is enforced.","url":"https://www.mnemom.ai/it/glossary/","inLanguage":"it-IT","dateModified":"2026-05-13","publisher":{"@type":"Organization","@id":"https://www.mnemom.ai#organization","name":"Mnemom","url":"https://www.mnemom.ai"},"hasDefinedTerm":[{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#agent-readability","name":"Agent-readability","description":"The property of a public website returning the same content to an autonomous agent that it returns to a human, in machine-parseable formats, without authentication gates or content cloaking.","alternateName":["machine-readability for agents"],"url":"https://www.mnemom.ai/glossary#agent-readability","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#agent-identity","name":"Agent identity","description":"A cryptographically verifiable claim that a specific autonomous agent is the entity it says it is, bound to an Ed25519 keypair and registered in the Mnemom Trust Directory.","url":"https://www.mnemom.ai/glossary#agent-identity","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#alignment-card","name":"Alignment Card","description":"The signed, versioned policy artifact that defines what an agent is permitted to do, what it must refuse, and what its operator's values are. Governs the per-turn decision.","alternateName":["intent specification"],"url":"https://www.mnemom.ai/glossary#alignment-card","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#protection-card","name":"Protection Card","description":"The signed, versioned policy artifact that defines what gets into the agent (inbound) and what leaves it (outbound). Governs the perimeter \u2014 the doors, not the turn.","alternateName":["perimeter specification"],"url":"https://www.mnemom.ai/glossary#protection-card","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#trust-rating","name":"Trust Rating","description":"A bond-rated 0\u20131000 composite score that summarizes an agent's verified alignment, behavioral drift, peer coherence, card completeness, and operator recovery posture. Letter grades run AAA through CCC.","url":"https://www.mnemom.ai/glossary#trust-rating","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#trust-posture","name":"Trust posture","description":"An organization-level configuration that cascades policy requirements \u2014 alignment, protection, attestation cadence \u2014 across every agent the org owns. The org-level analogue of an Alignment Card.","alternateName":["posture","posture cascade","trust posture cascade"],"url":"https://www.mnemom.ai/glossary#trust-posture","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#behavioral-drift","name":"Behavioral drift","description":"The progressive divergence between an agent's observed behavior and the policy boundaries set by its Alignment Card baseline. One of the five Trust Rating components.","alternateName":["drift"],"url":"https://www.mnemom.ai/glossary#behavioral-drift","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#alignment-verification","name":"Alignment verification","description":"Pre-action evaluation of every agent decision against its Alignment Card, executed by the Gateway before the action is allowed to run. Violations are blocked, not logged after.","url":"https://www.mnemom.ai/glossary#alignment-verification","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#verdict-proof","name":"Verdict proof","description":"An Ed25519-signed, hash-chained, and Merkle-anchored record of a single integrity-check verdict. Independently verifiable by anyone, forever, without trusting Mnemom.","alternateName":["integrity proof"],"url":"https://www.mnemom.ai/glossary#verdict-proof","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#coherence-report","name":"Coherence Report","description":"A signed, dated, hash-anchored audit that surfaces contradictions between an entity's claims across sources \u2014 pricing across pages, public statements against API behavior, attested capabilities against observed behavior.","url":"https://www.mnemom.ai/glossary#coherence-report","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#safe-house","name":"Safe House","description":"The perimeter enforcement surface \u2014 an inbound + outbound proxy that screens messages against Protection Cards before they reach the agent or leave the operator's boundary.","url":"https://www.mnemom.ai/glossary#safe-house","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#governance-signal","name":"Governance Signal","description":"An operator-actionable observation emitted when an integrity check produces a result the operator should look at \u2014 a drift threshold crossed, a Protection Card hit, a Coherence Report flagging contradiction, an attestation cadence breach.","url":"https://www.mnemom.ai/glossary#governance-signal","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#agent-preview","name":"agent-preview (v1)","description":"A typed, MIME-versioned preview manifest exposed at &lt;url&gt;.preview.json on every prerendered Mnemom route. The one-fetch summary an agent can ingest without rendering HTML or parsing markdown.","url":"https://www.mnemom.ai/glossary#agent-preview","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#aap","name":"Agent Alignment Protocol (AAP)","description":"The open Apache 2.0 specification for Alignment Cards and Protection Cards \u2014 the artifacts that govern what an agent is permitted to do and what crosses its perimeter.","url":"https://www.mnemom.ai/glossary#aap","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"},{"@type":"DefinedTerm","@id":"https://www.mnemom.ai/glossary#aip","name":"Agent Integrity Protocol (AIP)","description":"The open Apache 2.0 specification for verdict proofs \u2014 the cryptographic records that make every Mnemom alignment, drift, and coherence claim independently verifiable.","url":"https://www.mnemom.ai/glossary#aip","inDefinedTermSet":"https://www.mnemom.ai/it/glossary/"}]}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.mnemom.ai/it/"},{"@type":"ListItem","position":2,"name":"Glossary","item":"https://www.mnemom.ai/it/glossary/"}]}
```

---
_Source: /it/glossary/index.html · Generated by build-markdown-mirrors.mjs · For agent-readability commitment #4 see https://www.mnemom.ai/for-agents/_