Agent Gallery
Agent Gallery OperationsCertifying Agents

Agent Readiness Measures

How the Agent Gallery certifies agents across Functionality, Performance, and Security.

Certifying Agents

Outcome: a clear, explainable certification that scales across thousands of agents.

Each agent in the Gallery is certified on three pillars:

  • Performance — effectiveness, correctness & latency
  • Security — risk-based posture, supply chain & agent-specific (i.e. prompt-injections)
  • Functional — ecosystem readiness & usability
DimensionMetric TypeAssessment OutputFrequency
PerformanceQuantitativePass / FailPost-Build / Continuous (latency measured at runtime)
SecurityQualitative Risk MatrixA, B, C, DPeriodic (currently every 30 days, compliant to ageing policy)
FunctionalEcosystem ReadinessExcellent, Strong, Moderate and BasicPost-Build

Whenever viewing the details of an agent, we can see the current certification status for Performance, Functional and Security dimensions. Clicking on the See details link on each of the certification status cards will open a dialog with the specific certification details.

Agent certification overview dashboard showing summary tiles and statuses.

The performance card consists of performance tests conducted on this agent. Hover each of the icons to see more details.

The Tools work and Latency tests work on aggregate data from multiple users, as such, they are not available for some of the agents on the gallery till more data is collected through frequent usage. Read Performance Certification to see how we validate correctness & speed.

Performance certification interface highlighting latency and correctness metrics.

The functional card consists of performance tests conducted on this agent. Hover each of the icons to see more details. Read Functionality Certification for more details.

Functional certification checklist emphasizing ecosystem readiness.

The security certifcation card consists of the final security score of this agent. Hover each of the icons to see more details (e.g. how many critical, high, medium vulnerabilities were flagged in the container scan). Read Security Certification for details on the grading pipeline.

Security certification risk matrix with graded findings.

Certification Process (at a glance)

Sequence of Certification

For MCP Agents which are built from open source repositories regularly, they follow a sequential order: build, certify, publish to gallery. For new agents that are added by gallery users, the certification process is triggered in parallel so that agents can be onboarded and tested quickly.

  1. Add an Agent
    • Upload metadata, source code, and build recipe.
  2. Evaluation Data
    • A GenAI pipeline generates task-specific evaluation data from the agent metadata.
  3. Run Tests
    • Functionality: static analysis → ground-truth formats & outputs.
    • Performance: tool-use correctness, error rates, and latency.
    • Security: static/dynamic checks, supply-chain scans & risk scoring.
  4. Aggregate & Grade
    • Persist results, compute scores/grades, and publish to the Gallery.

Next steps

Agent Maturity

Understand the AMC-5 maturity levels and certification axes covering performance, security, and functionality.

Performance Certification

Measuring effectiveness, correctness, reliability, and latency under real and synthetic workloads.

On this page

Certifying AgentsCertification in the GalleryCertification Process (at a glance)Next steps