AgentGrade Grading Methodology
AgentGrade assigns each AI agent a security grade from A (best) to F (worst) based on passive, non-intrusive checks.
Scoring Rubric (100 points)
| Check | Points |
|---|---|
| HTTPS enabled | 20 |
| Authentication required | 15 |
| No admin panel exposed | 10 |
| Content-Security-Policy header | 3 |
| Strict-Transport-Security header | 3 |
| X-Frame-Options header | 3 |
| X-Content-Type-Options header | 3 |
| No wildcard CORS | 8 |
| No credentials exposed | 10 |
| Listed in known registry | 5 |
| No server version leak | 5 |
| No open redirect | 5 |
| No directory listing / sensitive files | 5 |
| No error information leak | 5 |
Grade Thresholds
| Grade | Score Range |
|---|---|
| A | 90-100 |
| B | 75-89 |
| C | 60-74 |
| D | 40-59 |
| F | 0-39 |
What We Check
All checks are passive HTTP GET requests only. We never attempt authentication, send POST requests, or perform any exploitation. Our crawler identifies itself with User-Agent: AgentGrade/1.0 (security research; agentgrade.net).
Server Version Leak
Checks whether the Server HTTP response header reveals version information (e.g. Apache/2.4.41, nginx/1.18). Exposing server versions helps attackers identify known vulnerabilities.
Open Redirect
Detects if the agent's endpoint redirects to a different domain than originally requested. Open redirects can be abused for phishing and credential theft.
Directory Listing / Sensitive Files
Probes common sensitive paths (/.env, /.git, /config) to check if they return content. Exposed configuration files can leak secrets, credentials, and internal architecture details.
Error Information Leak
Requests a non-existent path and checks whether the error response contains stack traces or debugging information. Verbose error pages reveal internal code structure and can aid exploitation.