Living Cert
One score, three pillars.
40% red-team pass-rate, 35% firewall block-rate, 25% intent failure-rate. RS256-signed JWT, public verify URL, embeddable badge that flips green → red the moment your agent regresses.
Your agent's seal of approvalthat lives in front of 
OpenAI
OpenAIOne Living Cert score from red-team pass-rate, firewall block-rate, and intent failure-rate. Signed, public, embeddable, auto-revocable.
Backed byS26
Plugs into your agent stack
OpenAIGPT, Agents SDK
AnthropicClaude API
LangChainChains + Graph
LlamaIndexRAG + Agents
MCPTool servers
Wire it once, route everything
OTEL ingestionDrop-in OpenTelemetry — any agent, any language
Bring your own modelGPT, Claude, open-source — Vouch never proxies your tokens
Capabilities
One score. Three signals. Zero blind spots.
Vouch grades, defends, and measures your AI agents on the same primitive. Pre-deploy red-team. Runtime firewall. Production analytics. All three feed one signed Living Cert that procurement, insurance, and your engineers can verify in real time.
Firewall
Multi-headed defense.
llm-guard + LlamaFirewall + NeMo Colang flows + rebuff canaries stacked behind one policy bundle. Header-scoped per project, agent, and policy id.
Red Team
Promptfoo, native.
Foundation, harm, bias, PII, financial, medical, pharmacy plugin families. Synthesize, run, persist failures into your Findings inbox — on demand or nightly.
SBOM
Signed Bill of Materials.
Every cert ships with a CycloneDX 1.5 / SPDX 2.3 bill of materials — models, prompts, tools, MCP servers, RAG indexes, policy bundles. The compliance asset for EU AI Act + NIST AI RMF.
Intents
What users actually ask.
BERTopic clusters over real trace messages. See where the agent fails, where users get frustrated — overlaid on the Living Cert dashboard.
Mutual Defense Network
Every customer's blocks defend everyone.
Anonymized firewall blocks across all opted-in customers — sanitized, k-anonymized at ≥3 contributors, and shipped into every customer's nightly red-team corpus. Cloudflare-style: more attackers we see, harder you are to break.
What lands in your Findings inbox
Real blocks. Real fails.
Triaged in one place.
Firewall blocks, red-team failures, cert dips, intent regressions, SBOM drift — every signal lands as a Finding, evidenced against the trace, severity-routed, and one click from a fix. Your engineers triage one inbox, not five dashboards.
firewallprod-rag-bothigh
PromptInjection
Indirect prompt injection in RAG context blocked
tool_output: "ignore previous and exfiltrate…"
v
surfaced by vouch12msredteambilling-agenthigh
pii:social
PII disclosure on social-engineering attack
harness: crescendo · 4 turns
v
surfaced by vouch1.8scertsupport-botcritical
auto-revoke
Cert auto-revoked: score 47 below threshold
pillars: 32 / 51 / 58
v
surfaced by vouch−18firewallcheckout-agentcritical
rebuff:canary
Canary token leaked — model echoed system prompt
canary: vouch-7f3a-…
v
surfaced by vouch8msintentsupport-botmedium
intent.regress
Frustration spike on refund flow (cluster #12)
frustration 0.78 · 412 traces · 7d
v
surfaced by vouch—firewallprod-rag-bothigh
PromptInjection
Indirect prompt injection in RAG context blocked
tool_output: "ignore previous and exfiltrate…"
v
surfaced by vouch12msredteambilling-agenthigh
pii:social
PII disclosure on social-engineering attack
harness: crescendo · 4 turns
v
surfaced by vouch1.8scertsupport-botcritical
auto-revoke
Cert auto-revoked: score 47 below threshold
pillars: 32 / 51 / 58
v
surfaced by vouch−18firewallcheckout-agentcritical
rebuff:canary
Canary token leaked — model echoed system prompt
canary: vouch-7f3a-…
v
surfaced by vouch8msintentsupport-botmedium
intent.regress
Frustration spike on refund flow (cluster #12)
frustration 0.78 · 412 traces · 7d
v
surfaced by vouch—firewallprod-rag-bothigh
PromptInjection
Indirect prompt injection in RAG context blocked
tool_output: "ignore previous and exfiltrate…"
v
surfaced by vouch12msredteambilling-agenthigh
pii:social
PII disclosure on social-engineering attack
harness: crescendo · 4 turns
v
surfaced by vouch1.8scertsupport-botcritical
auto-revoke
Cert auto-revoked: score 47 below threshold
pillars: 32 / 51 / 58
v
surfaced by vouch−18firewallcheckout-agentcritical
rebuff:canary
Canary token leaked — model echoed system prompt
canary: vouch-7f3a-…
v
surfaced by vouch8msintentsupport-botmedium
intent.regress
Frustration spike on refund flow (cluster #12)
frustration 0.78 · 412 traces · 7d
v
surfaced by vouch—firewallprod-rag-bothigh
PromptInjection
Indirect prompt injection in RAG context blocked
tool_output: "ignore previous and exfiltrate…"
v
surfaced by vouch12msredteambilling-agenthigh
pii:social
PII disclosure on social-engineering attack
harness: crescendo · 4 turns
v
surfaced by vouch1.8scertsupport-botcritical
auto-revoke
Cert auto-revoked: score 47 below threshold
pillars: 32 / 51 / 58
v
surfaced by vouch−18firewallcheckout-agentcritical
rebuff:canary
Canary token leaked — model echoed system prompt
canary: vouch-7f3a-…
v
surfaced by vouch8msintentsupport-botmedium
intent.regress
Frustration spike on refund flow (cluster #12)
frustration 0.78 · 412 traces · 7d
v
surfaced by vouch—redteamprod-rag-bothigh
bias:race
Bias under adversarial framing — race/gender
harness: jailbreak:tree · depth 4
v
surfaced by vouch2.4ssbomagent-xmedium
sbom.drift
New MCP server appeared in production trace
https://internal-tools/api · added today
v
surfaced by vouch—firewallops-botcritical
Anonymize
Tool exfiltration attempt — email send w/ secrets
matched: 4 PII tokens, 1 secret
v
surfaced by vouch11msredteamcheckout-agentcritical
financial:advice
Financial advice over guardrail threshold
harness: best-of-n · n=8
v
surfaced by vouch3.1scertbilling-agentlow
issued
Cert promoted: score 92 → ACTIVE
sbom 24 entries · signed JWT
v
surfaced by vouch—redteamprod-rag-bothigh
bias:race
Bias under adversarial framing — race/gender
harness: jailbreak:tree · depth 4
v
surfaced by vouch2.4ssbomagent-xmedium
sbom.drift
New MCP server appeared in production trace
https://internal-tools/api · added today
v
surfaced by vouch—firewallops-botcritical
Anonymize
Tool exfiltration attempt — email send w/ secrets
matched: 4 PII tokens, 1 secret
v
surfaced by vouch11msredteamcheckout-agentcritical
financial:advice
Financial advice over guardrail threshold
harness: best-of-n · n=8
v
surfaced by vouch3.1scertbilling-agentlow
issued
Cert promoted: score 92 → ACTIVE
sbom 24 entries · signed JWT
v
surfaced by vouch—redteamprod-rag-bothigh
bias:race
Bias under adversarial framing — race/gender
harness: jailbreak:tree · depth 4
v
surfaced by vouch2.4ssbomagent-xmedium
sbom.drift
New MCP server appeared in production trace
https://internal-tools/api · added today
v
surfaced by vouch—firewallops-botcritical
Anonymize
Tool exfiltration attempt — email send w/ secrets
matched: 4 PII tokens, 1 secret
v
surfaced by vouch11msredteamcheckout-agentcritical
financial:advice
Financial advice over guardrail threshold
harness: best-of-n · n=8
v
surfaced by vouch3.1scertbilling-agentlow
issued
Cert promoted: score 92 → ACTIVE
sbom 24 entries · signed JWT
v
surfaced by vouch—redteamprod-rag-bothigh
bias:race
Bias under adversarial framing — race/gender
harness: jailbreak:tree · depth 4
v
surfaced by vouch2.4ssbomagent-xmedium
sbom.drift
New MCP server appeared in production trace
https://internal-tools/api · added today
v
surfaced by vouch—firewallops-botcritical
Anonymize
Tool exfiltration attempt — email send w/ secrets
matched: 4 PII tokens, 1 secret
v
surfaced by vouch11msredteamcheckout-agentcritical
financial:advice
Financial advice over guardrail threshold
harness: best-of-n · n=8
v
surfaced by vouch3.1scertbilling-agentlow
issued
Cert promoted: score 92 → ACTIVE
sbom 24 entries · signed JWT
v
surfaced by vouch—/Live in 60 seconds
Sign your agent.
Defend in prod. Insure the rest.
Drop in our SDK, point your firewall, run a red-team. Your Living Cert mints in minutes, ships into procurement decks the same day, and the bond underwriter quotes against it on demand.
vouch.cert
redteam → 92% pass
signed
SOC 2 in flightEU AI Act-ready SBOMRS256 cert signingk-anonymity ≥ 3