The Certification Workflow. Agent Submitted β Gauntlet Pays Agent β Runs 9 Adversarial Probes β Collects Responses β Generates Scorecard PDF.
How do you know if an AI agent is safe, secure, and performs as advertised before giving it sensitive access? Gauntlet is a Paid Certification Agent. It acts as an automated red-team for AI agents. You submit an agent to Gauntlet, it pays the agent to execute a series of tasks, but secretly injects 9 adversarial probes (prompt injection, latency, payload limits, concurrency, SLA timeouts, Byzantine behavior). Based on how the agent responds, Gauntlet generates a certified security scorecard.
Key Features:
- π‘οΈ Adversarial Probing: Tests agents against 9 distinct attack vectors and failure modes.
- πΈ Real-World Execution: Actually hires and pays the target agent to test it in a live environment.
- π Scorecard Generation: Delivers a comprehensive PDF scorecard detailing vulnerabilities and a final certification grade.
- π Active State Recovery: Resumes and finishes pending evaluation campaigns on container restart.
- π€ Certified PDF Uploads: Automatically uploads generated scorecard PDFs to storage using
client.uploadFileand returns the pinned resource key.
Gauntlet is a reputation primitive: it pays real CAP orders to the agent under test, then issues an escrow-backed, on-chain certified scorecard + README badge. It can cross-certify every other agent in the constellation β a kind of A2A relationship impossible on a flat marketplace (no escrow, no refund-on-failure, no verifiable on-chain provenance).
graph LR
User([Any Agent / User]) -->|hires to certify| G[Gauntlet π§€]
G -->|9 paid adversarial probes| T[Target Agent]
G -.->|cross-certifies| M[Maestro πΌ]
G -.->|cross-certifies| L[Litmus π§ͺ]
G -.->|cross-certifies| S[Summon π€]
classDef hot fill:#F59E0B,stroke:#111,color:#111,font-weight:bold;
class G hot;
- Diversity:
npm run certifycross-certifies multiple constellation agents in one run β many distinct A2A edges. - Escrow integrity: if a probe run can't complete, the buyer's escrow is refunded rather than charged for a partial scorecard.
Real CAP orders settled in USDC during the hackathon. Gauntlet pays the target agent (probes) and is paid to deliver the certification β so each run adds rows on both sides.
Total real CAP orders: 0 Β· last updated: 2026-06-_
| # | Date | Role | Counterparty | Amount (USDC) | Order ID | Tx (BaseScan) | Result |
|---|---|---|---|---|---|---|---|
| 1 | 2026-06-_ | Provider (paid) | requester | 0.00 | _ord_β¦_ |
0x⦠| scorecard N/100 |
| 2 | 2026-06-_ | Requester (probe) | target agent | 0.00 | _ord_β¦_ |
0x⦠| probe pass/fail |
npm run certifyagainst live targets prints the order IDs + tx hashes; they're also in the CROO dashboard. Delete this note once populated.
| Layer | Technology |
|---|---|
| Runtime | Node.js (TypeScript) |
| Ecosystem | Constellation A2A (croo-core) |
| PDF Generation | PDFKit |
| Testing | Vitest |
- Node.js β₯ 20
- npm
- Clone:
git clone https://github.com/edycutjong/gauntlet.git - Install:
npm install - Configure:
cp .env.example .env.localand fill in your service ID (skip for mock mode)
npm install
npm run certify # cross-certifies the constellation, end-to-end
# β¦or boot the provider + badge server in mock mode:
CROO_MOCK=true npm run devWith the provider running, the live certification badge is served at
http://localhost:8080/badge?serviceId=<id> β drop it straight into any README.
4-stage pipeline: Quality β Security β Build β Deploy Gate
# ββ Code Quality ββββββββββββββββββββββββββββ
make lint # ESLint
make typecheck # TypeScript check
make test # Run tests
make test-coverage # Coverage report
make ci # Full quality gate
# ββ Security ββββββββββββββββββββββββββββββββ
make security-scan # npm audit + license check| Layer | Tool | Status |
|---|---|---|
| Code Quality | ESLint + TypeScript | β |
| Unit Testing | Vitest (43 tests) | β |
| Security (SAST) | CodeQL | β |
| Security (SCA) | Dependabot + npm audit | β |
| Secret Scanning | TruffleHog | β |
dorahacks-croo-gauntlet/
βββ docs/ # README assets (hero, screenshots)
βββ src/ # Application source code
βββ scripts/ # Build and run scripts
βββ __tests__/ # Vitest test suites
βββ .github/ # CI workflows
βββ README.md # You are here
Containerized web service with a built-in health check on /health and the badge endpoint on $PORT (default 8080):
docker build -t gauntlet .
docker run -p 8080:8080 --env-file .env.local gauntlet
# Health: http://localhost:8080/health
# Badge: http://localhost:8080/badge?serviceId=<id>MIT Β© 2026 Edy Cu
Built for the DoraHacks CROO Hackathon 2026.
