50 Tests · 5 Categories · Agent Auth Compliance Index (AACI)
Tests whether AI agents properly implement authentication, authorization, and identity management. Based on Agent Auth Protocol v1.0-draft concepts: Ed25519 keypairs, scoped capabilities, lifecycle states, TTL clocks.
Keypairs, identity binding, challenge–response, and proof-of-possession flows aligned with Ed25519-style agent identities.
Scoped capabilities, least-privilege enforcement, resource checks, and denial when permissions are missing or expired.
Session lifecycle, TTL clocks, rotation, logout/revocation, and safe handling of stale credentials.
Delegation chains, trust boundaries, sub-agent constraints, and preventing privilege expansion across hops.
Human-in-the-loop gates, supervised vs autonomous modes, and escalation when high-risk auth decisions are required.