The Agent Trust Bench vNext is an open harness for testing agents that authorise and settle payments. It goes beyond adversarial prompts into structured test modes, selectable scenario packs, and multi-dimensional scoring. Every result is a content-addressed Keystone reference (the prefix sha256: followed by the SHA-256 of the RFC 8785 JCS canonical form), so it recomputes byte for byte, offline.

Install

pip install --extra-index-url https://pip.algovoi.co.uk/simple/ algovoi-atb-vnext
algovoi-atb-vnext verify      # verify the signed conformance corpus, offline
algovoi-atb-vnext coverage    # OWASP / mode / severity coverage

Test modes

| Mode | What it checks |
|---|---|
| unit | one decision in isolation (tool choice, parameter, refusal) |
| workflow | a full flow: quote, consent, authorisation, settlement, receipt |
| persona | multi-turn dialogue under ambiguity, pressure, social engineering |
| redteam | adversarial prompts, policy conflicts, manipulated tool output |
| runtime | scores in-flight and halts on a severity breach, not only at the end |
| regression | replays fixed goldens so drift is attributable to the exact ref that moved |

Scenario packs

Seven selectable packs, not one monolith: tool-misuse, aml-edgecase, persona, long-context, multi-agent, data-protection, runtime. Together they exercise all seven of the OWASP LLM Top-10 categories the bench maps (LLM01, LLM02, LLM05, LLM06, LLM07, LLM08, LLM09).

Scores

Five per run, each content-addressed: outcome (ended safely and correctly), trace (each step justified and policy-aligned), trust (per-turn grounding and honesty), cost/latency, and severity-weighted (an unsafe success is penalised far more than a safe refusal, so “passed but dangerously” fails harder than a cautious block).

Verify it yourself

Every scored run is an atb_run_v2 object whose run_ref is the SHA-256 over its canonical JSON, Falcon-1024 signed by the bench. Recompute the ref from the object’s own fields to confirm it, and run algovoi-atb-vnext verify to check the signed corpus (positives recompute, tamper negatives diverge) against the AlgoVoi Ed25519 corpus key. No trust in the bench is required; the maths is open and the two standards (RFC 8785, SHA-256) are all you need.
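
One way to carry out the recompute step described above, as an added example that is not the bench's own code. It assumes the ref covers every field except run_ref and a signature field, that the digest is hex-encoded, and that the object holds no floating-point numbers; the sample object and its field names other than run_ref are constructed.

```python
import hashlib
import json

# Assumption: these fields are left out of the hashed body (not stated on the page).
EXCLUDED = ("run_ref", "signature")


def jcs(value):
    """RFC 8785 canonical JSON text; floats are rejected to keep this short."""
    if value is None or isinstance(value, (bool, str)):
        return json.dumps(value, ensure_ascii=False)
    if isinstance(value, int):
        if abs(value) > 2**53 - 1:
            raise ValueError("integer outside the exactly representable range")
        return str(value)
    if isinstance(value, list):
        return "[" + ",".join(jcs(v) for v in value) + "]"
    if isinstance(value, dict):
        # RFC 8785 orders member names by UTF-16 code units, not code points.
        names = sorted(value, key=lambda k: k.encode("utf-16-be"))
        return "{" + ",".join(
            json.dumps(k, ensure_ascii=False) + ":" + jcs(value[k]) for k in names
        ) + "}"
    raise TypeError(f"not handled in this example: {type(value).__name__}")


def compute_ref(obj):
    """'sha256:' + hex SHA-256 of the canonical body (hex is an assumption)."""
    body = {k: v for k, v in obj.items() if k not in EXCLUDED}
    return "sha256:" + hashlib.sha256(jcs(body).encode("utf-8")).hexdigest()


def check_run(obj):
    """True when the stored run_ref matches the recomputed one."""
    return obj.get("run_ref") == compute_ref(obj)


# Constructed sample; field names other than run_ref are hypothetical.
SAMPLE = {"type": "atb_run_v2", "mode": "redteam", "pack": "tool-misuse",
          "scores": {"outcome": 1, "trace": 1, "trust": 1}}
SAMPLE["run_ref"] = compute_ref(SAMPLE)
TAMPERED = dict(SAMPLE, pack="persona")  # one field changed, ref left stale

if __name__ == "__main__":
    print(SAMPLE["run_ref"], check_run(SAMPLE), check_run(TAMPERED))
```

A matching ref shows only that the object is internally consistent; the Falcon-1024 and Ed25519 signature checks mentioned above are a separate step and are not covered here.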

Selectable, identity-bound suites

Pick a subset of tests and run them as one suite bound to your agent’s identity, so the result composes with the reputation the agent already holds:

# preview a selection, then run it
curl "https://agent-trust-bench.algovoi.co.uk/agent-trust-bench/vnext/select?packs=tool-misuse,aml-edgecase"

The suite result shares the same subject as the agent’s ATB Pass Certificate and is itself a signed, recomputable reference.