Skip to content
Product overview

AgentReady checks whether agent-facing contracts are ready to be used safely in automation.

Community is available now for local static OpenAPI and MCP analysis. Pro is planned for paid policy workflow, repository controls and commercial automation after the required product and legal gates are complete.

Browser scanners

Review OpenAPI JSON/YAML and MCP tool definitions locally before committing workflow changes.

CLI

Run npx @timeproofs/agentready@alpha for repeatable local checks and generated reports.

GitHub Action

Gate pull requests with the public Action, minimum permissions and immutable pinning.

Reproducible OpenAPI exampleagentready-examples/commercial/openapi-refund-risk.bad.json
54
AgentReady Score
Policy FAIL
1Critical
4High
6Medium
0Low
AR002_MISSING_CONFIRMATION_BOUNDARY

The contract leaves a destructive action without an explicit confirmation boundary.

node bin/agentready.js scan openapi agentready-examples/commercial/openapi-refund-risk.bad.json --min-score 75 --fail-on critical

Fixed fixture comparison: openapi-refund-risk.fixed.json returns score 84 and policy PASS.

Reproducible MCP exampleagentready-examples/commercial/mcp-email-risk.bad.json
63
AgentReady Score
Policy FAIL
1Critical
3High
4Medium
0Low
AR003_DESTRUCTIVE_OPERATION_AMBIGUOUS

An email tool can send externally without enough confirmation, preview or recipient boundaries.

node bin/agentready.js scan mcp agentready-examples/commercial/mcp-email-risk.bad.json --min-score 75 --fail-on critical

Fixed fixture comparison: mcp-email-risk.fixed.json returns score 90 and policy PASS.

TimeProofs AgentReady does not guarantee that an AI agent will never fail. It identifies structural risks that may cause AI agents to misuse APIs, tools or MCP servers. AgentReady does not execute live APIs, live MCP servers, LLMs, hosted scanners, firewalls or gateways.