MZ · 001 — The Trust Layer for AI Agents

Every agent needs
a mandate.

The Vercel breach happened because an AI agent had no policy engine, no cryptographic identity, and no audit trail. MandateZ prevents this at the source.

Get a free shadow scan in 60 secondsSee the breach feed
OWASP Agentic Top 10 Compliant
EU AI Act Ready
Ed25519 Signed
/ Production

Trusted by teams shipping AI agents to production.

Cross-vendor · Neutral
/ 02
THREAT INTELLIGENCE

AI Agent Incidents Live

Every incident below is an AI agent governance failure. Every one was preventable.

Scanning the wire
PinnedcriticalASI-02, ASI-03

Vercel breached via Context.ai — employee's 'Allow All' OAuth grant enables infrastructure pivot

Apr 19, 2026 · Vercel Security Bulletin

Prevented by MandateZ

MandateZ policy engine blocks 'Allow All' OAuth grants before execution. Ed25519 identity cannot be stolen — unlike OAuth tokens.

criticalASI-02, ASI-08

Russian threat actor uses Claude AI to compromise 600+ firewall devices across 55 countries

Jan 2026 · AWS Security / Gambit Security

Prevented by MandateZ

MandateZ policy engine blocks actions outside declared mandate scope. Every event is Ed25519 signed — cryptographically non-repudiable.

highASI-03, ASI-09

48.9% of enterprises have zero visibility into their own AI agent traffic — Salt Security H1 2026

Apr 2026 · Salt Security State of AI & API Security Report

Prevented by MandateZ

MandateZ Shadow Agent Discovery finds unregistered agents. Every registered agent gets a cryptographic identity — visible, auditable, governed.

This feed updates automatically. Every incident maps to an OWASP Agentic Top 10 risk that MandateZ controls.

/ 03
THE DIFFERENCE

How MandateZ blocks
the Vercel attack.

The attacker gained access by exploiting an AI agent with “Allow All” OAuth permissions. Watch what happens with MandateZ governing the same request.

Without MandateZ
Context.ai — no governance
Breach. $2M ransom. Mandiant called.
With MandateZ
Governed — policy enforced at runtime
Breach prevented. Vercel infrastructure untouched.
Auto-replays every 18s

The difference: 4 lines of policy configuration and a cryptographic identity that cannot be stolen.

See the full technical breakdown
/ 04
ARCHITECTURE

Trust infrastructure
for every agent.

01

Cryptographic Identity

Every agent gets an Ed25519 keypair on registration. Every action is signed. Stolen tokens cannot impersonate a MandateZ agent.

02

Runtime Policy Engine

Declare what your agent is and is not allowed to do. Policy violations are blocked before execution — not logged after the fact.

03

Tamper-Proof Audit Trail

Every event is cryptographically signed and stored immutably. One click generates an OWASP, EU AI Act, or HIPAA compliance PDF.

/ 05
VERIFICATION

Agent Trust Scores
— publicly verifiable.

When your agent reaches Verified status, share the badge on GitHub, X, or your product page. Every badge links to a public trust profile.

Mandate · ag_ctx_ai_prodVerified
94/ 100
Events
2,847
Allowed
98.2%
Active
91d

Share your agent’s trust profile

/ 06
COMPLIANCE

One click. Auditor-ready.

Report Pack

OWASP Agentic Top 10

ASI-01 through ASI-10 mapped to your agent’s signed event data.

ASI-01 … ASI-10
Report Pack

EU AI Act

Articles 9, 12, 13, 14 — enforcement August 2026.

ART 9 / 12 / 13 / 14
Report Pack

HIPAA AI Addendum

164.308 and 164.312 safeguards.

§164.308 · §164.312

$500 per report. Generated in seconds. No consultants. No waiting.

See pricing
/ 07
ECOSYSTEM

Works with every framework.

LangChainn8nCrewAILlamaIndexClaude DesktopCursorWindsurfOpenAIAnthropic

Vendor-neutral by design. No framework can be the audit layer for its own agents.

/ 08
PRICING

Built for the scale of your mandate.

For individual developers

Consumer Pro

$19.99/mo
  • Unlimited personal agents
  • Full audit trail
  • Signed events + Ed25519
Start free
Most PopularFor teams deploying agents

Dashboard Starter

$499/mo
  • Up to 25 team agents
  • Runtime policy engine
  • Slack + webhook alerts
Get started
For enterprises

Dashboard Business

$1,499/mo
  • Unlimited agents
  • SSO + RBAC
  • Priority incident response
Talk to sales
One-time

Compliance Report · $500

OWASP, EU AI Act, or HIPAA pack generated from your signed event stream. Auditor-ready PDF in seconds.

Generate a report
/ 8.5
ORIGINAL RESEARCH

State of AI Agent Governance 2026.

MandateZ original research on the governance gap. The gap between AI agent deployment and the infrastructure to govern it.

Published · April 2026By · MandateZ Research
01
48.9%

of enterprises have zero visibility into their own AI agent traffic

Source · Salt Security H1 2026
02
40%+

of enterprise AI agent projects projected to fail without governance controls by 2027

Source · Gartner AI Adoption Report 2026
03
9 days

detection lag in the Vercel/Context.ai breach — the average for ungoverned agent incidents

Source · Vercel Security Bulletin, April 2026
Read the full reportDownload PDF6 stats · 5 findings · 5 recommendations
/ 09
START

Every agent needs a mandate.

Get a free shadow scan. See every agent in your stack in 60 seconds.

Get a free shadow scan