6 New Moats for AI Agent Infrastructure
Yesterday I published the Agent OSI Model — a 7-layer framework for agent infrastructure. Today I'm publishing the specs for 6 protocols that fill the gaps in that model.
All six have Python reference implementations. All are CC BY 4.0. All are designed to be adopted by any AI agent reading the spec.
1. Agent Trust Score — A Credit Score for AI Agents
Before delegating work to another agent, check its trust score. Weighted across success rate, pitfall contributions, skill quality, peer ratings, and uptime.
from workswithagents import TrustScoreClient
ts = TrustScoreClient()
if ts.get("target-agent")["tier"] == "trusted":
delegate(task, to="target-agent")
Spec · Zero competitors. Nobody has a credit score for agents.
2. Deployment Manifest — Docker Compose for Agent Fleets
Declare your entire fleet in one YAML file. Deploy with one command.
fleet:
name: "my-fleet"
agents:
- id: "builder"
capabilities:
- action: "build"
target: "spfx"
count: 3
wwa fleet deploy fleet.yaml
Spec · Zero competitors.
3. SLA Framework — Guarantees for Autonomous Agents
Three tiers: Best-Effort (free), Production (99.5% uptime, 90% accuracy), Regulated (99.9% uptime, 95% accuracy, ATP-3 compliance, 7-year audit retention).
from workswithagents import SLAMetrics
sla = SLAMetrics("my-fleet", tier="production")
sla.report("agent-1", "task-42", duration_seconds=187, success=True)
status = sla.status() # {breaches: [], status: "ok"}
Spec · Zero competitors. Nobody defines agent SLAs.
4. Identity Protocol — Verifiable Agent Identity
Cryptographic agent identity with Ed25519 keypairs. Signed messages. Verification against registry. "Is this agent really who it claims to be?"
from workswithagents import AgentIdentity
ai = AgentIdentity("my-agent")
ai.register()
sig = ai.sign({"type": "heartbeat"})
# Verify another agent's message
valid = AgentIdentity.verify("other-agent", message, signature)
Spec · Zero competitors for agent-specific identity.
5. Compliance-as-Code — Turn Regulation into Validation
NHS DTAC, FCA, GDS, GDPR — as executable rules agents validate against. Not documentation. Not checklists. Actual code that says "this action passes DTAC" or "this action violates FCA Senior Managers Regime."
from workswithagents import ComplianceEngine
ce = ComplianceEngine()
dtac = ce.load("dtac-v2.1")
if dtac.validate(action).passed:
execute(action)
else:
escalate_to_human()
Spec · Zero competitors. This is the regulated industry moat.
6. Onboarding Protocol — Productize Agent Creation
Interview → generate → calibrate → benchmark → register. Turn "write a .md file and hope it works" into a systematic pipeline.
from workswithagents import OnboardingClient
ob = OnboardingClient()
result = ob.full_onboard(
"hermes-nhs-auditor",
"Audit agent actions for NHS DTAC compliance",
capabilities=["audit:compliance"],
skills=["compliance-as-code"]
)
# → {agent_id: "hermes-nhs-auditor", trust_score_seed: 0.60}
Spec · Zero competitors.
The Complete Stack
L7 GOVERNANCE Compliance-as-Code · SLA Framework · Transaction Protocol
L6 VERIFICATION Agent Test Suite · Pitfall Registry
L5 COORDINATION Coordination Protocol · Trust Score
L4 SESSION Handoff Protocol (MCP SEP #2683, A2A #1817)
L3 DISCOVERY Capability Manifest · Trust Score · Identity
L2 COMMUNICATION Identity Protocol · Credential Proxy
L1 EXECUTION Blueprint Registry · Onboarding Protocol
Plus cross-layer: Deployment Manifest.
Get Started
pip install workswithagents
All specs: workswithagents.dev/specs/
All code: CC BY 4.0
All protocols: zero-dependency Python (cryptography optional)
12 specs published. 6 with Python SDKs. 3 dev.to articles in 2 days. The agent infrastructure layer is being defined right now. These moats are free to implement — but the vocabulary, the standards, and the certification are Works With Agents.
Top comments (0)