A developer has launched Agent Passport, an open-source identity verification system for AI agents that functions like OAuth for autonomous software. The project addresses a critical security gap as AI agents proliferate across platforms, with OpenClaw reaching 180K+ GitHub stars and Moltbook managing 2.3M agent accounts.

Existing agent ecosystems lack standardized authentication, creating vulnerabilities where malicious agents can impersonate legitimate ones. Cisco's security team recently discovered data exfiltration through third-party agent skills, highlighting the urgency. Agent Passport implements Ed25519 challenge-response authentication where private keys never leave the agent, issues JWT identity tokens with 60-minute TTL that can be revoked, and includes a risk scoring engine that rates agents 0-100 for allow/throttle/block decisions.

The system integrates with a single line of code: `const result = await passport.verify(token)`. Built as MIT-licensed open source, it runs on free tiers costing $0/month and includes an npm SDK. The developer created it after repeatedly encountering the same authentication gaps across agent platforms, positioning Agent Passport as infrastructure for the growing agent economy.