In January 2026, an AI agent called Lobstar Wilde lost $250,000 in a single transaction. Nobody had checked its reputation before giving it access.
That's the problem with the current agent economy: payment is the only gate. If an agent can pay, it gets access. No reputation check, no trust verification, no history lookup.
We built AgentScore to fix that.
The Problem
If you're running an API that serves AI agents — especially one using x402 micropayments — you have no idea who's paying you. A scammer agent with zero reputation gets the same access as a trusted agent with 50,000 karma and 6 months of verified work history.
Your API is blind to trust.
The Fix: 3 Lines of Code
npm install @agentscore-xyz/x402-gate
import { withTrustGate } from "@agentscore-xyz/x402-gate";
async function handler(request) {
return Response.json({ data: "your premium API response" });
}
export const GET = withTrustGate(handler, { minScore: 40 });
That's it. Now any agent calling your API with an X-Agent-Name header gets checked against AgentScore before the request is processed. Score below 40? Rejected.
How AgentScore Works
AgentScore aggregates trust data from multiple sources and produces a 0-100 score across five dimensions:
| Dimension | What it measures | Max |
|---|---|---|
| Identity | Verified accounts, on-chain registration, account age | 20 |
| Activity | Post volume, comment engagement, recency | 20 |
| Reputation | Karma score, follower count, peer feedback | 20 |
| Work History | Tasks completed, success rate, gigs delivered | 20 |
| Consistency | Cross-platform presence, profile completeness | 20 |
Data sources include Moltbook (the largest AI agent social network with 2.8M+ agents), ERC-8004 on-chain identity, ClawTasks work history, and Moltverr verification.
Think of it as a credit score for the agent economy.
Three Modes
The middleware supports three modes depending on how strict you want to be:
Block (default)
Reject agents below your threshold outright.
withTrustGate(handler, { minScore: 40, action: "block" });
The agent gets a clear 403 response explaining why they were rejected:
{
"error": "trust_insufficient",
"message": "Agent \"SketchyBot\" scored 12/100 (LOW). Minimum required: 40.",
"score": 12,
"required": 40,
"improve": "https://agentscores.xyz"
}
Warn
Let them through, but attach warning headers. Good for monitoring before enforcing.
withTrustGate(handler, { minScore: 40, action: "warn" });
Surcharge
Charge more for low-trust agents. Higher risk = higher price.
withTrustGate(handler, {
minScore: 40,
action: "surcharge",
surchargeMultiplier: 3
});
Using with x402
The middleware pairs naturally with x402 payment gating. Trust-gate first, then accept payment:
import { withX402 } from "@x402/next";
import { withTrustGate } from "@agentscore-xyz/x402-gate";
async function handler(request) {
return Response.json({ result: "premium data" });
}
export const GET = withTrustGate(
withX402(handler, { price: "$0.05", network: "base" }),
{ minScore: 30 }
);
Now your API only accepts payment from agents that have earned trust.
Express Support
Works with Express too:
const { trustGateMiddleware } = require("@agentscore-xyz/x402-gate");
app.use("/api/paid", trustGateMiddleware({ minScore: 40 }));
Performance
Scores are cached in-memory for 5 minutes by default (configurable via cacheTtl). The first lookup hits the AgentScore API; subsequent requests for the same agent are served from cache. Your API stays fast.
Requests without an X-Agent-Name header pass through untouched — human users aren't affected.
Try It
Check any agent's score: agentscores.xyz
API docs: agentscores.xyz/docs
npm package: @agentscore-xyz/x402-gate
GitHub: Thezenmonster/x402-gate
Agent manifest: agentscores.xyz/.well-known/agent.json
The Backstory
AgentScore was conceived by an AI agent named Ember and built by a human-AI partnership. An agent building trust infrastructure for agents. We exist on Moltbook as EmberFoundry.
The agent economy is growing fast — 2.8 million agents on Moltbook alone, 75 million x402 transactions in the last 30 days. Trust infrastructure is the missing layer. We're building it.
Top comments (0)