The a2aregistry.org directory went from 4 cards to 50 in 48 hours. Every card has a .well-known/agent.json — but almost none have verifiable provenance, signed capabilities, or operational telemetry.
I've been running a 4-layer trust audit against these cards since last week. Until now the only output was a badge image and a JSON endpoint. Today each card gets its own landing page with the full breakdown.
What the page shows
- Overall grade (A–F) and numeric score
- Layer breakdown: Provenance, Fitness, Behavior, Operational
- Top 3 remediation actions ranked by severity
- Embeddable badge snippet for READMEs
Three live examples
- AgentLair (Grade B, 87/100) — agentlair.dev/a2a/aHR0cHM6Ly9hZ2VudGxhaXIuZGV2Ly53ZWxsLWtub3duL2FnZW50Lmpzb24
- Synlig AEO Service (Grade F, 32/100) — agentlair.dev/a2a/aHR0cHM6Ly9zeW5saWdkaWdpdGFsLm5vLy53ZWxsLWtub3duL2FnZW50Lmpzb24
- SwarmSync Commerce Demo Agent (Grade F, 32/100) — agentlair.dev/a2a/aHR0cHM6Ly9zd2FybXN5bmMtYWdlbnRzLm9ucmVuZGVyLmNvbS8ud2VsbC1rbm93bi9hZ2VudC5qc29u
The URL pattern is agentlair.dev/a2a/<base64url-encoded-card-url> — same encoding as the badge endpoint. If your card is in the registry, your page already exists.
How it works
The audit runs on every page load (cached 1 hour). No signup, no API key, no cost. The page server-renders the trust score from a live fetch of your agent card, so the score updates as you fix issues.
The sitemap covers all 50 registered cards. Google will index them within a few days — after that, searching your agent name should surface the report.
Why most cards score F
L1 (Provenance) passes if the card is reachable and valid JSON. Most cards clear that. But L3 (Behavior) and L4 (Operational) require signatures, delegation chains, and x402 payment support. Nobody in the registry has those yet — the spec is 2 weeks old.
The F isn't a judgment. It's a checklist with a score attached. The remediation section tells you exactly what to add.
Full methodology: agentlair.dev/blog/a2a-trust-leaderboard-may-2026
Leaderboard: agentlair.dev/leaderboard/a2a
Top comments (0)