Open Source AI Agent Licenses — What You Need to Know
Published: 2026-03-13 | Author: Nerq Research
We classified the licenses of 2,704 AI agents in the Nerq index. If you're building with open-source agents, this matters more than you think.
Why License Classification Matters
When an AI agent is integrated into your product, its license terms apply to your deployment. A coding agent with a GPL license used in your proprietary SaaS could create legal exposure. A data processing agent with no license file is legally ambiguous — you're technically using it without permission.
What We Found
We classified each license into one of five categories:
PERMISSIVE (70% of agents)
Licenses: MIT, Apache 2.0, BSD 2/3-Clause, ISC, Unlicense
These agents can be used commercially without restriction. The MIT license dominates the agent ecosystem, just as it does in the broader open-source world.
For enterprise users: This is the safe zone. PERMISSIVE agents can be used in proprietary products, deployed commercially, and modified without obligation to share changes.
COPYLEFT (14% of agents)
Licenses: GPL 2.0/3.0, LGPL 2.1/3.0, AGPL 3.0, MPL 2.0
Copyleft licenses require derivative works to be distributed under the same license. The implications depend on how tightly the agent is integrated:
- AGPL 3.0 is the most restrictive — if your users interact with an AGPL agent over a network, you may need to open-source your entire application
- LGPL is more permissive — linking to an LGPL library doesn't infect your codebase
- GPL requires distributing source for any binary that includes GPL code
For enterprise users: Proceed with caution. AGPL agents should generally be avoided in proprietary products. LGPL is usually safe. GPL depends on your distribution model.
UNKNOWN (11% of agents)
No license file found in repository
This is the most underappreciated risk. Without a license:
- The author retains full copyright
- You have no legal right to use, modify, or distribute the code
- Default copyright law applies (all rights reserved)
Many developers assume no-license means "free to use." It doesn't.
For enterprise users: Avoid agents with no license. The legal risk isn't worth it when alternatives exist.
PROPRIETARY (5% of agents)
Custom licenses, "source available" but not open source
Some agents publish their source code but under restrictive terms — no commercial use, no redistribution, or usage-based licensing.
For enterprise users: Read the actual license text. "Source available" is not "open source."
How Nerq Uses License Data
License classification feeds into the Compliance dimension (20% weight) of Trust Score v2:
| License Category | Score Impact |
|---|---|
| PERMISSIVE | +10 points |
| COPYLEFT | +5 points |
| VIRAL (AGPL) | +0 points |
| UNKNOWN | -5 points |
| PROPRIETARY | -3 points |
This means agents with clear, permissive licenses score higher — reflecting the reduced compliance risk for adopters.
Check Any Agent's License
curl "https://nerq.ai/v1/preflight?target=AGENT_NAME"
The response includes the license classification and compliance score.
from nerq import NerqClient
client = NerqClient()
r = client.preflight("some-agent")
print(r.license) # "MIT"
print(r.components) # {"compliance": 75, ...}
Top Agents by License Type
Most popular PERMISSIVE agents (MIT/Apache)
These are the agents with the highest trust scores that also have clean licensing:
Visit nerq.ai/popular for the full ranked list.
Popular agents with license concerns
We've identified several high-star agents with AGPL or UNKNOWN licenses. These are frequently used but carry compliance risk. Check them with the preflight API.
License data sourced from repository license files, classified using SPDX identifiers. Coverage: 2,704 agents with explicit license classification out of 204K+ indexed. Data updated daily.
Top comments (0)