AgentAudit is the accountability layer for AI agents — real-time authorization, behavioral risk scoring, and compliance-ready audit trails in minutes.
One API for authorization, execution validation, behavioral analytics, and compliance audit trails.
Every agent action requires an authorization token with configurable TTL. No token = no execution. Automatic expiry prevents replay attacks.
Every /execute call runs policy checks, rate limits, suspension checks, token validation, and more — before your agent does anything.
Gemini AI analyzes behavior patterns and assigns a 0–100 risk score per agent. Catch anomalies before they become incidents.
Paginated, immutable audit trails for every agent action. Export for SOC 2, ISO 27001, or internal compliance reviews.
Daily trends, hourly heatmaps, denial reason breakdowns, and per-agent performance analytics — all via API.
Rate spikes, policy violations, and suspicious patterns trigger instant incident creation. Auto-suspend on critical risk.
Register your agent, define policies, and start authorizing actions — all via REST API.
Give your agent a name and capabilities. Get back an agentId to use in all future calls.
Set rate limits, allowed actions, blacklisted actions, and execution windows per agent.
Every action needs an authorization token. Execute validates against 7 security checks. Every outcome is logged.
Gemini AI generates behavioral summaries, flags anomalies, and creates incidents automatically.
Free tier — 3 agents, 500 executions/month. No credit card required.
Start free. Scale when you need to. No hidden fees.
All endpoints accept JSON. Authenticate with your API key in the x-api-key header.
As AI agents proliferate across fintech, SaaS, and enterprise software, one question gets ignored: who's watching what the AI does?
AgentAudit was built to answer that. We provide the infrastructure layer that lets companies deploy AI agents confidently — with real-time authorization, behavioral risk scoring powered by Gemini AI, and immutable audit trails.
Think of us as the compliance layer between your AI agents and the real world. Like Stripe handles payments, we handle trust.
All 20 endpoints live. Supabase DB, Gemini AI, Render hosting.
agentpassport.in live with 8-page SPA.
Email/password signup. API key delivery via dashboard.
Growth plan payments, plan upgrades, billing portal.
Real-time analytics, agent management, incident console.
Node.js SDK, Python SDK, LangChain integration.
Every architectural decision prioritizes the security of your agents and your data.
All API keys stored as SHA-256 hashes. Raw keys are shown once at creation and never stored in plaintext.
Every authorization token has a TTL (default 300s). Expired tokens are rejected automatically — no replay attacks.
Every /execute call checks: token validity, token expiry, agent status, rate limits, policy rules, org plan limits, and action allowlist.
Per-agent rate limits enforced at execution layer. Automatic incident creation and suspension on repeated violations.
Agents can be suspended instantly. Suspended agents cannot be authorized or execute — immediate hard stop.
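A minimal in-memory model of the controls listed above (hashed API keys, TTL-bound tokens, and the seven ordered /execute checks), added here as an illustration and not AgentAudit's own code. The class and method names, the denial-reason strings, the 60-second rate window and the cumulative plan counter are all assumptions; tokens in this sketch stay usable until they expire, and single-use tokens are not modelled.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass

TOKEN_TTL = 300  # seconds; the default TTL stated on the page

def hash_key(raw: str) -> str:  # only this SHA-256 digest is ever stored
    return hashlib.sha256(raw.encode()).hexdigest()

@dataclass
class Agent:
    allowed: set             # action allowlist
    blocked: set             # policy rule: blacklisted actions
    rate_limit: int          # max allowed executions per 60 s (assumed window)
    suspended: bool = False

class Gateway:  # hypothetical model of the authorization layer
    def __init__(self, plan_limit: int):
        self.key_hashes, self.agents, self.tokens, self.audit = set(), {}, {}, []
        self.plan_limit = plan_limit
    def issue_key(self) -> str:
        raw = secrets.token_urlsafe(32)
        self.key_hashes.add(hash_key(raw))   # raw key is returned once, never kept
        return raw
    def authenticate(self, raw: str) -> bool:
        return any(hmac.compare_digest(hash_key(raw), k) for k in self.key_hashes)
    def authorize(self, agent_id, action, now):
        if self.agents[agent_id].suspended:
            return None                      # suspended agents get no token
        token = secrets.token_urlsafe(16)
        self.tokens[token] = (agent_id, action, now + TOKEN_TTL)
        return token
    def execute(self, token, action, now) -> str:
        rec = self.tokens.get(token)
        agent = self.agents.get(rec[0]) if rec else None
        ok = agent is not None and rec[1] == action   # token known, bound to this action
        done = [e for e in self.audit if e[3] == "allowed"]
        recent = [e for e in done if ok and e[1] == rec[0] and now - e[0] < 60]
        checks = [                           # evaluated in order; first failure wins
            ("invalid_token", not ok),
            ("token_expired", ok and now >= rec[2]),
            ("agent_suspended", ok and agent.suspended),
            ("rate_limited", ok and len(recent) >= agent.rate_limit),
            ("policy_denied", ok and action in agent.blocked),
            ("plan_limit_reached", len(done) >= self.plan_limit),
            ("action_not_allowed", ok and action not in agent.allowed),
        ]
        result = next((name for name, failed in checks if failed), "allowed")
        self.audit.append((now, rec[0] if rec else None, action, result))  # log every outcome
        return result
```

Time is passed in as `now` so the expiry and rate-limit behaviour can be replayed deterministically; the audit list doubles as the source for the rate and plan counters, so denied calls are recorded but never counted as executions.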
All API traffic over TLS 1.3. SSL certificate on api.agentpassport.in. HTTP requests rejected.
Gemini AI continuously analyzes agent behavior patterns and flags anomalies. Behavioral summaries available per agent.
Every execution, authorization, and incident is logged immutably in Supabase. Audit logs cannot be modified after creation.
Data stored in Supabase with row-level security, automatic backups, and enterprise-grade PostgreSQL infrastructure.
Found a security vulnerability? We take security reports seriously. Please email us at [email protected] with details. We will respond within 48 hours and provide a fix timeline. We do not take legal action against good-faith security researchers.
Effective Date: April 2025 | Provider: AgentAudit (agentpassport.in)
By accessing or using the AgentAudit API or website, you agree to be bound by these Terms. If you do not agree, do not use the service.
AgentAudit provides trust and accountability infrastructure for AI agents via REST API. Features include authorization tokens, execution validation, audit logging, risk scoring, and behavioral analytics.
Your API key is confidential. You are responsible for all activity under your key. Do not share your key publicly. You may not use the API to violate any laws, harm third parties, or attempt to reverse-engineer the service.
Free plan: 3 agents, 500 executions/month. Growth plan: 25 agents, 50,000 executions/month. Exceeding limits may result in API errors or temporary suspension until the next billing cycle.
Growth and Enterprise plans are billed monthly via Razorpay. No refunds for partial months. Enterprise pricing is custom and subject to a separate agreement.
Either party may terminate at any time. Upon termination, your data will be retained for 30 days then deleted. We may suspend accounts that violate these Terms immediately.
AgentAudit is not liable for indirect, incidental, or consequential damages. Our total liability is limited to the amount you paid in the last 3 months.
These Terms are governed by the laws of India. Disputes shall be resolved in Rajkot, Gujarat.
Effective Date: April 2025
Data is stored in Supabase (PostgreSQL) hosted in the EU. We do not sell your data to third parties. We do not use your agent data for training AI models.
Audit logs: 7 days (Free), 90 days (Growth), custom (Enterprise). Account data: retained until account deletion + 30 days.
You have the right to access, correct, or delete your data at any time. Email [email protected] to submit a data request.
Privacy questions: [email protected]
This Data Processing Agreement ("DPA") applies to customers on the Growth or Enterprise plan who process personal data through AgentAudit.
You (the customer) are the Data Controller. AgentAudit is the Data Processor. We process data only on your documented instructions.
SHA-256 key hashing, TLS 1.3 in transit, PostgreSQL encryption at rest, row-level security, access controls.
We will notify you within 72 hours of becoming aware of a personal data breach affecting your data.
Applies to: Growth and Enterprise plans
We commit to 99.9% monthly uptime for the AgentAudit API. Scheduled maintenance is excluded and communicated 48 hours in advance.
If uptime falls below 99.9% in a month, you are eligible for service credits: 99.0–99.9% = 10% credit; 95.0–99.0% = 25% credit; below 95% = 50% credit.
SLA does not apply to: force majeure events, third-party service outages, customer-caused issues, or Free plan usage.
Rajkot, Gujarat, India
Need unlimited agents, custom SLA, or on-premise deployment? Let's talk.
Core REST API endpoints
Token creation and validation
7-layer security check engine
Risk scoring & behavioral summaries
PostgreSQL — audit logs, agents, orgs
Execution logging & retrieval
Anomaly detection engine
Marketing site & docs
Free forever · 3 agents · 500 executions/month