Initial commit: agentscore-py v2.0.0

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: vvillait88

.claude/CLAUDE.md

@@ -0,0 +1,43 @@
+# agentscore-py
+
+Python client for the AgentScore trust and reputation API.
+
+## Architecture
+
+Single-package Python library published to PyPI.
+
+| File | Purpose |
+|------|---------|
+| `agentscore/` | Source code |
+| `tests/` | pytest tests |
+
+## Tooling
+
+- **uv** — package manager. Use `uv sync`, `uv run`.
+- **ruff** — linting + formatting. `uv run ruff check .` and `uv run ruff format --check .`.
+- **vulture** — dead code detection.
+- **pytest** — tests. `uv run pytest tests/`.
+- **Lefthook** — git hooks. Pre-commit: ruff. Pre-push: vulture.
+
+## Key Commands
+
+```bash
+uv sync --all-extras
+uv run ruff check .
+uv run ruff format .
+uv run pytest tests/
+```
+
+## Workflow
+
+1. Create a branch
+2. Make changes
+3. Lefthook runs ruff on commit, vulture on push
+4. Open a PR — CI runs automatically
+5. Merge (squash)
+
+## Rules
+
+- **No silent refactors**
+- **Never commit .env files or secrets**
+- **Use PRs** — never push directly to main

.github/dependabot.yml

@@ -0,0 +1,20 @@
+version: 2
+updates:
+  - package-ecosystem: "uv"
+    directory: "/"
+    labels: ["dependencies", "python"]
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "06:00"
+      timezone: "America/New_York"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    labels: ["dependencies", "ci"]
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "06:00"
+      timezone: "America/New_York"
+

.github/workflows/ci.yml

@@ -0,0 +1,19 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  ci:
+    runs-on: blacksmith-2vcpu-ubuntu-2404
+    steps:
+      - uses: actions/checkout@v4
+      - uses: astral-sh/setup-uv@v7
+      - run: uv sync --frozen --all-extras
+      - run: uv run ruff check .
+      - run: uv run ruff format --check .
+      - run: uv run vulture . vulture_whitelist.py --min-confidence 80 --exclude .venv
+      - run: uv run pytest tests/

.github/workflows/publish.yml

@@ -0,0 +1,19 @@
+name: Publish
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    runs-on: blacksmith-2vcpu-ubuntu-2404
+    permissions:
+      contents: read
+      id-token: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: astral-sh/setup-uv@v7
+      - run: uv build
+      - run: uv publish
+        env:
+          UV_PUBLISH_TOKEN: ${{ secrets.PYPI_TOKEN }}

.github/workflows/security.yml

@@ -0,0 +1,47 @@
+name: Security
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  osv-scan:
+    name: Dependency Scan
+    runs-on: blacksmith-2vcpu-ubuntu-2404
+    timeout-minutes: 5
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Install osv-scanner
+        run: |
+          curl -fsSL https://github.com/google/osv-scanner/releases/download/v2.3.2/osv-scanner_linux_amd64 -o osv-scanner
+          chmod +x osv-scanner
+
+      - name: Scan dependencies
+        run: ./osv-scanner --lockfile=uv.lock --format=table || true
+
+  pip-audit:
+    name: Python Audit
+    runs-on: blacksmith-2vcpu-ubuntu-2404
+    timeout-minutes: 5
+    steps:
+      - uses: actions/checkout@v6
+      - uses: astral-sh/setup-uv@v7
+      - uses: actions/setup-python@v6
+        with:
+          python-version: "3.13"
+
+      - name: Install pip-audit
+        run: pip install pip-audit
+
+      - name: Audit dependencies
+        run: |
+          uv export --format requirements-txt --no-hashes > requirements.txt
+          pip-audit -r requirements.txt --disable-pip --no-deps || true
+

.gitignore

@@ -0,0 +1,9 @@
+__pycache__/
+*.pyc
+.venv/
+dist/
+*.egg-info/
+.pytest_cache/
+.ruff_cache/
+.env
+coverage/

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 AgentScore
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,72 @@
+# agentscore-py
+
+[![PyPI version](https://img.shields.io/pypi/v/agentscore-py.svg)](https://pypi.org/project/agentscore-py/)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
+
+Python client for the [AgentScore](https://agentscore.sh) trust and reputation API. Score, verify, and assess AI agent wallets in the [x402](https://github.com/coinbase/x402) payment ecosystem and [ERC-8004](https://eips.ethereum.org/EIPS/eip-8004) agent registry.
+
+## Install
+
+```bash
+pip install agentscore-py
+```
+
+## Quick Start
+
+```python
+from agentscore import AgentScore
+
+client = AgentScore(api_key="ask_...")
+
+# Free reputation lookup
+rep = client.get_reputation("0x1234...")
+print(rep["grade"], rep["score"])
+
+# Trust decision with policy
+decision = client.get_decision("0x1234...", min_grade="C", min_transactions=5)
+print(decision["decision"]["allow"])
+```
+
+### Async
+
+```python
+async with AgentScore(api_key="ask_...") as client:
+    rep = await client.aget_reputation("0x1234...")
+    print(rep["grade"])
+```
+
+### Context Manager
+
+```python
+with AgentScore(api_key="ask_...") as client:
+    rep = client.get_reputation("0x1234...")
+```
+
+## Configuration
+
+| Parameter  | Default                     | Description              |
+|------------|----------------------------|--------------------------|
+| `api_key`  | `None`                     | API key from [agentscore.sh](https://agentscore.sh) |
+| `base_url` | `https://api.agentscore.sh` | API base URL             |
+| `timeout`  | `10.0`                     | Request timeout (seconds)|
+
+## Error Handling
+
+```python
+from agentscore import AgentScore, AgentScoreError
+
+try:
+    rep = client.get_reputation("0xinvalid")
+except AgentScoreError as e:
+    print(e.code, e.status_code, str(e))
+```
+
+## Documentation
+
+- [API Reference](https://docs.agentscore.sh)
+- [ERC-8004 Standard](https://eips.ethereum.org/EIPS/eip-8004)
+- [x402 Protocol](https://github.com/coinbase/x402)
+
+## License
+
+[MIT](LICENSE)

agentscore/__init__.py

@@ -0,0 +1,35 @@
+from agentscore.client import AgentScore
+from agentscore.errors import AgentScoreError
+from agentscore.types import (
+    AgentRecord,
+    AgentsListResponse,
+    AssessResponse,
+    DecisionPolicy,
+    EntityType,
+    Grade,
+    ReputationResponse,
+    ReputationStatus,
+    StatsERC8004,
+    StatsPayments,
+    StatsReputation,
+    StatsResponse,
+)
+
+__all__ = [
+    "AgentRecord",
+    "AgentScore",
+    "AgentScoreError",
+    "AgentsListResponse",
+    "AssessResponse",
+    "DecisionPolicy",
+    "EntityType",
+    "Grade",
+    "ReputationResponse",
+    "ReputationStatus",
+    "StatsERC8004",
+    "StatsPayments",
+    "StatsReputation",
+    "StatsResponse",
+]
+
+__version__ = "2.0.0"