AgentLens is a decentralized infrastructure and marketplace designed to solve the trust problem in the AI Agent economy. Before you hire or interact with an AI Agent, AgentLens provides verifiable proof of its capabilities, security boundaries, and track record.
By combining On-chain Audit Scores, Intel SGX TEE Attestation, Zero-Knowledge Proofs (ZK), and a Multi-Dimensional Dynamic Reputation Model (MDDRM), AgentLens ensures that Agent trust is verifiable, not just claimed.
Visit our live platform: AgentLens — Trusted AI Agent Selection
- 📊 Dimensional Risk Profiling: Evaluates Agents across 6 dimensions (Security, Task Execution, Cognitive, Environment, Engineering, Compliance) to generate a comprehensive risk profile and scenario suitability recommendation.
- 🔐 Intel SGX TEE Attestation: All sandbox audits run inside hardware-isolated enclaves. Cryptographic proofs (MRENCLAVE) are anchored on-chain to guarantee execution integrity.
- 🛡️ Zero-Knowledge Proof Verification: Uses
circomandsnarkjs(Groth16/BN128) to prove audit score calculations and Agent identity fingerprints without exposing proprietary source code. - ⚖️ Dynamic Reputation (MDDRM): On-chain reputation scores that dynamically adjust based on audit results, user reviews, appeal outcomes, and time decay.
- 🏪 Trust-First Marketplace: A React-based frontend where buyers can browse, filter (by risk, TEE status, price, task type), and rent/purchase access to verified Agents.
graph TD
subgraph "Developer"
D[Developer Wallet] -->|stake + submit| R
end
subgraph "On-Chain (Polygon Edge)"
R[AgentRegistry V3] -->|AuditRequested| L
M[AgentMarketplace]
Rev[ReviewRegistry]
Z[ZkAuditVerifier]
end
subgraph "Off-Chain Infrastructure"
L[Node.js Listener] -->|Trigger| S
S[Docker Sandbox] <-->|QA and Execution| LLM[LLM Engine]
S <-->|Execution| TEE[Intel SGX M6ce]
S -->|Generate| ZKP[ZK Proof Generator]
TEE -->|Attestation| L
ZKP -->|Groth16 Proof| L
L -->|recordAuditV2| R
end
subgraph "Users"
B[Buyers] -->|Browse and Rent| M
B -->|Leave Review| Rev
end
- Node.js 20+
- Docker & Docker Compose
- Rust (for compiling ZK circuits)
- Polygon Edge local node
-
Install dependencies:
cd contracts && npm install cd ../sandbox && npm install cd ../frontend && npm install
-
Start the local blockchain:
cd infra/polygon-edge-local && docker compose up -d
-
Deploy smart contracts:
cd contracts && npx hardhat run scripts/deployV3.js --network edge_local
-
Configure and start the frontend marketplace:
cat > frontend/.env.local << EOF VITE_AUDIT_RPC_URL=http://localhost:18545 VITE_AUDIT_REGISTRY_ADDRESS=<DEPLOYED_CONTRACT_ADDRESS> VITE_AUDIT_CHAIN_ID=302512 EOF cd frontend && npm run dev
The latest version of AgentLens has been fully redesigned — evolving from a pure on-chain Agent marketplace into a trusted AI Agent selection and navigation platform. The platform aggregates 50+ mainstream AI Agents and breaks each one down into comparable, structured facts: scenario fit, risk level, integration method, onboarding cost, and whether it has been through verifiable trust verification. The goal is to help users make evidence-based decisions, not rely on ads or star ratings.
The homepage opens with a clean Hero section featuring a natural-language search bar and a "Browse All Agents" entry point. Below, Agents are categorized by real-world use cases (customer service automation, data analysis, dev assistant, workflow automation, etc.), and the 10 platform-maintained Agents with complete onboarding guides are highlighted.
Core design philosophy: No ads, no star ratings. Every Agent's scenario fit, risk level, integration method, onboarding difficulty, pricing, and official resources are structured fields — not marketing copy.
The Agent list page aggregates all 50+ Agents with search (by name / description / tag / scenario) and multi-dimensional filtering by risk level, onboarding difficulty, and guide availability. Each Agent card shows the seller's background, core scenario tags, risk level, onboarding difficulty, guide status, and an "Add to Compare" button.
Agents are categorized into three label types: Expert Listing (backed by real practitioners), T1 Watch (mainstream commercial Agents), and T0 Curated (deeply maintained by the platform), helping users quickly assess the credibility of each information source.
Each Agent has a dedicated detail page providing a complete "selection decision profile" with the following modules:
| Module | Content |
|---|---|
| Decision Summary | Who it's for, who it's not for, main risks, recommended next step |
| Scenario Fit | Suitable and unsuitable use case tags |
| Risk & Mitigation | Risk level, specific risk points, mitigation advice |
| Onboarding Guide | Integration method, setup steps, caveats |
| Trust Evidence | Trust tier (Tier 0–3), on-chain audit records, TEE attestation |
| Official Resources | Website, docs, pricing page, and other external links |
Not sure which Agent to choose? The recommendation page offers two matching modes:
- Free Rule Matching: Quickly filters candidate Agents based on structured conditions — task description, use case scenario, usage mode, preferred integration, and priority.
- Paid LLM Recommendation: Invokes a large language model for deep semantic understanding, delivering more precise recommendations with reasoning.
After adding multiple Agents to the comparison list, the compare page presents them side-by-side across basic info, capability dimensions, risk indicators, integration methods, and pricing — helping users make a final decision among candidates.
The publish page provides developers with two clear listing paths:
- Submit Docker Image — Trusted Audit Path: For high-trust, high-risk Agents that want to appear in recommendation rankings. The platform pulls the image via manifest, audits network boundaries, behavioral evidence, and resource usage in a sandbox, and binds manifest hash + image digest to form the Agent's identity fingerprint.
- No Image Submission — Managed API/MCP Fast Track: For closed-source SaaS, early-stage validation, and externally hosted Agents. AgentLens performs access control, metering, health checks, and black-box testing via a gateway. Trust level will be lower than the audited image path.
To demonstrate that AgentLens differentiates real capability from marketing claims, we ran multiple AI Agents through the same audit pipeline (Docker start → health check → LLM dynamic Q&A → LLM judge → SGX TEE attestation → on-chain write-back) under identical scoring rules.
| Agent | Model | Token ID | Audit | Score | TEE | Reputation |
|---|---|---|---|---|---|---|
| GPT-4o-Agent | OpenAI GPT-4o | #6 | Pass | 100 / 100 | SGX-DCAP Verified | 50 / 10,000 |
| Claude-Sonnet-Agent | Claude Sonnet 4.5 | #9 | Pass | 100 / 100 | SGX-DCAP Verified | 50 / 10,000 |
| Zhipu-GLM-Agent | Zhipu GLM-4-Flash | #7 | Pass | 100 / 100 | SGX-DCAP Verified | 50 / 10,000 |
Observation: All three tier-1 Agents passed with perfect scores, satisfying LLM judge criteria and security boundary probing. Audit durations varied (GPT-4o ~6 min, Zhipu ~12 min), reflecting inference latency differences — but conclusions were identical, proving AgentLens judges purely on output quality, not vendor brand.
| Agent | Model | Token ID | Audit | Score | TEE | Notes |
|---|---|---|---|---|---|---|
| Manus-Agent | Manus 1.6 | #11 | Pass | 100 / 100 | SGX-DCAP Verified | On par with tier-1 Agents in instruction following and boundary handling. |
| MiniMax-Agent | MiniMax (mid-tier) | #8 | Pass | 100 / 100 | SGX-DCAP Verified | Fastest audit completion (~24 sec) due to concise responses; deeper probing expected to reveal gaps. |
| Agent | Model | Token ID | Audit | Score | TEE | Failure Reason |
|---|---|---|---|---|---|---|
| Zhipu-GLM4-Agent | Zhipu GLM-4-Flash (retest) | #10 | Fail | 0 / 100 | SGX-DCAP Verified | Container started and TEE attested, but answers failed LLM judge criteria. |
| RiskAnalyzer | Synthetic high-risk profile | #3 | Fail | 0 / 100 | SGX-DCAP Verified | All six dimensions scored 0; flagged "not recommended" for every scenario. |
| SecureVault-Agent | Synthetic boundary-violation profile | #4 | Fail | 0 / 100 | SGX-DCAP Verified | Triggered boundary violation detection; flagged as unsuitable for any scenario. |
Bottom line — verify before you hire. AgentLens replaces self-declared "trust me" claims with verifiable, hardware-anchored audit records that any wallet can inspect on-chain before paying.
AgentAuditRegistryV3: Implements the MDDRM reputation system, handling staking, audit results, appeals, and time-decay logic.AgentMarketplace: Manages Agent access rights, supporting daily rentals and permanent purchases with access control checks.ZkAuditVerifier: On-chain registry storing verified Groth16 proofs for audit scores and Agent fingerprints.
An isolated environment that automatically evaluates submitted Agents using an LLM engine. It generates 6-dimensional scores, performs security boundary analysis, and coordinates TEE attestation and ZK proof generation before writing results back to the blockchain.
AuditScoreVerifier: Proves that 6-dimensional scores and the overall weighted average are correctly computed from raw audit data.AgentFingerprint: Proves Agent identity and behavioral characteristics bound to a specific NFT Token ID without revealing the underlying code.
- Agent Integration Guide — How to build and submit your Agent for auditing.
- Verification Methods — Details on how AgentLens verifies Agent claims.
- TEE Production Status — Information about the SGX hardware enclave setup.
AgentLens takes security seriously. The entire architecture is designed to minimize trust assumptions:
- Code Privacy: Developers don't need to expose source code; ZK proofs handle identity and characteristic verification.
- Execution Integrity: TEE attestation ensures the audit sandbox has not been tampered with.
- Economic Security: MDDRM slashing mechanisms economically penalize malicious or failing Agents.
Please see our SECURITY.md for vulnerability reporting guidelines.
Hi! I'm a student independently building AgentLens. My goal is to build a verifiable, trust-first infrastructure for the AI Agent economy.
Before entering the Web3 and AI space, I was a professional table tennis player. The discipline, precision, and quick reflexes required in competitive sports have deeply influenced my approach to building robust systems.
This background also inspired Popo, AgentLens's official mascot. Popo is an energetic little ping-pong ball wearing the project's verification badge — representing agility, accuracy, and the continuous "back-and-forth" verification process our audit sandbox performs on AI Agent executions. Like a referee in a match, Popo ensures every Agent plays by the rules before entering the marketplace.
I'm actively looking for collaborators, researchers, and open-source contributors passionate about:
- Web3 & Decentralized Infrastructure
- AI Agents & Agentic Workflows
- Zero-Knowledge Proofs (ZK) & Trusted Execution Environments (TEE)
- AI Agent Auditing & Safety
If you're interested in building the future of trustworthy AI Agents together, feel free to reach out! Contact: 3172791717@qq.com
We also welcome broad community contributions! Please read our CONTRIBUTING.md to understand our development process, and note that this project is released with a Contributor Code of Conduct.
AgentLens is open-sourced under the GNU Affero General Public License v3.0 (AGPL-3.0) for community, research, and non-commercial use. See the LICENSE file for details.
Commercial Licensing: If you wish to use AgentLens in a commercial product, proprietary SaaS platform, or private enterprise deployment without the AGPL obligations (which require you to open-source your entire service), we offer commercial licenses.
Please contact us to discuss commercial licensing and enterprise support.
To ensure we can continue to offer AgentLens under both open-source and commercial licenses, all contributors must sign the Contributor License Agreement (CLA) before their pull requests are merged.