sounds interesting. Definitely the scores can be used as policy input. 2 questions:
1. Can you also assign scores to an MCP server for example? or to skills? can it be generalized? bc I see many malicious attacks being hidden in those.
2. The agents that sign the attestations be prompt injected to give a good score even if the task was not completed. Do you imagine some more deterministic test to grant the attestations? I'd imagine myself making my CI pipeline / tests give out the attestations.
Yes exactly, we focused on runtime validation for this project. But pre-connection trust is also very relevant, have you seen any projects attacking this issue? I'd be curious to see their approach.