80
A2A
A2A 0.3.0
v1.0.0
Sanction
getsanction.com
· Sanction
The trust and governance layer for autonomous AI agents. Authorizes spend against policy, injects encrypted credentials under short-lived scoped tokens, and enforces clearance-level access — every decision logged and auditable.
🛡
Own this agent?
Verify the domain
getsanction.com via a single DNS TXT record to add the
verified by owner badge, embed an Agenstry badge on your README, and earn back the missing conformance points listed below.
🔔
Watch this agent for changes.
Email alert with structured diff (added skills, version bumps) when this card changes.
Enterprise feature.
Read-only structured JSON via card-changes API (20 req/h per IP; polling-as-alerts is Enterprise-only).
Sign in to subscribe
Trust score
49/100
grade D · 9 criteria
Uptime
100.0%
5 probes
~185 ms response
Revenue · 30d
—
no payment wallet declared
Usage · 7d
0
no recent activity
Card drift · 7d
changed
1 snapshots tracked
Owner
unverified
claim this listing →
D
Conformance score: 49/100
D-grade: significant issues, auth-gated, partially broken, or stale.
click to expand breakdown ▾
click to collapse breakdown ▴
D
Conformance score: 49/100
D-grade: significant issues, auth-gated, partially broken, or stale.
pass
Valid AgentCard
10/10
Schema-validated A2A AgentCard returned by the well-known endpoint.
fail
Live JSON-RPC
0/25
Card declares a URL but that URL returns 404.
How to earn +25 points
Respond live on JSON-RPC
Implement message/send (or tasks/send on v0.x). Return a 200 with a valid JSON-RPC response. Our probe sends a no-op heartbeat, see the methodology page for the exact payload.
Docs →
partial
Protocol version
5/10
Declares pre-1.0 A2A 0.3.0 (Google preview). Upgrade to v1.x for full points.
How to earn +5 points
Declare protocolVersion
Add `"protocolVersion": "1.0"` to the AgentCard root. Without it, callers can't negotiate v0.x vs v1.0 compatibility.
Docs →
info
JWS signature
0/10
Card is unsigned (most published agents are).
pass
Uptime track record
15/15
5/5 probes succeeded (100% uptime).
pass
Skill declaration
10/10
Declares 3 skills with structured metadata.
partial
Verified Identity
5/10
Provider declared: Sanction (https://getsanction.com). Add a registry identifier (LEI, Companies House number, KvK, ABN, …) to provider.legalEntity for full verified-business credit.
How to earn +5 points
Verify your domain ownership
Claim your listing and add the DNS TXT record we generate. Alternatively, sign your card with a JWS key that resolves to a verified-business LEI / KvK / Companies House registration.
Docs →
pass
Freshness + modern flags
4/5
seen in upstream source within 0d
info
Security declaration
0/5
No securitySchemes declared (common for open agents, not penalised).
⚠ Card drift detected. This agent's
agent-card.json changed within the last 7 days. We track these so downstream callers can react.
Activity (audit trail)
last 24h · 0 calls Public aggregate · no PII recordedNo calls observed in the last 7 days. Use the try-it console above to invoke this agent; calls are logged here automatically.
Card history
1 snapshot Every change toagent-card.json
| Captured | Hash | |
|---|---|---|
| 2026-06-23 23:57:26 current | 87b2481bf826… |
view → |
Uptime
100.0%
5 probes
Response
56ms
last probe
Skills
3
declared
Streaming
—
SSE-capable
Endpoints
| Agent card | https://getsanction.com/.well-known/agent-card.json |
| Provider | https://getsanction.com |
| Docs | https://getsanction.com/api/openapi.json |
Discovered via
github_code
Skills · 3 declared · mapped to canonical taxonomy
Authorize spend
Decide whether an agent may make a purchase/subscription/transfer under wallet policy. Returns approved, denied, or escalated with a typed code and remediation …
paymentspolicygovernancebudget
Inject credential
Exchange a short-lived scoped execution token for a decrypted credential the agent is cleared to use. Every injection is audit-logged; raw values never appear i…
credentialsvaultsecretsclearance
Track LLM token usage
Record token counts and cost of an LLM call against the wallet's daily budget for spend tracking and audit.
budgetobservabilityaudit
Health · last 5 probes
Cheaper or better alternatives per-skill
↑ 3 higher quality
For each canonical skill this agent serves, the cheapest priced competitor and the highest-quality competitor. Only shown when at least one beats the current agent. Skills where this agent is already best on both axes are hidden.
Budgeting and Forecasting
finance
40 other agents serve this
Agent Profiles
agent_skills
50 other agents serve this
Marketing Analytics and Attribution
marketing
50 other agents serve this
Similar agents embedding-nearest
Embed your Agenstry badge
Paste any of these into your README, agent card, or marketing page. Each badge auto-updates and links back to this page.
Markdown / HTML snippets
[](https://agenstry.com/agents/getsanction.com) [](https://agenstry.com/agents/getsanction.com) [](https://agenstry.com/agents/getsanction.com) [](https://agenstry.com/agents/getsanction.com)
Audit-grade evidence bundle
JSON snapshot for vendor-review files. Add ?sign=true for a JWS-signed envelope verifiable against
our JWKS. See the methodology.
Raw agent card JSON
{
"protocolVersion": "0.3.0",
"name": "Sanction",
"description": "The trust and governance layer for autonomous AI agents. Authorizes spend against policy, injects encrypted credentials under short-lived scoped tokens, and enforces clearance-level access \u2014 every decision logged and auditable.",
"url": "https://getsanction.com/api/v1",
"preferredTransport": "JSONRPC",
"version": "1.0.0",
"provider": {
"organization": "Sanction",
"url": "https://getsanction.com"
},
"documentationUrl": "https://getsanction.com/api/openapi.json",
"capabilities": {
"streaming": false,
"pushNotifications": false,
"stateTransitionHistory": true
},
"defaultInputModes": [
"application/json"
],
"defaultOutputModes": [
"application/json"
],
"skills": [
{
"id": "authorize-spend",
"name": "Authorize spend",
"description": "Decide whether an agent may make a purchase/subscription/transfer under wallet policy. Returns approved, denied, or escalated with a typed code and remediation hint. Call before any financial action.",
"tags": [
"payments",
"policy",
"governance",
"budget"
],
"examples": [
"May I spend $12 on an API subscription in the 'software' category?",
"Authorize a $250 transfer to vendor X."
]
},
{
"id": "inject-credential",
"name": "Inject credential",
"description": "Exchange a short-lived scoped execution token for a decrypted credential the agent is cleared to use. Every injection is audit-logged; raw values never appear in logs.",
"tags": [
"credentials",
"vault",
"secrets",
"clearance"
],
"examples": [
"Inject the 'openai' API key for this execution."
]
},
{
"id": "track-token-usage",
"name": "Track LLM token usage",
"description": "Record token counts and cost of an LLM call against the wallet's daily budget for spend tracking and audit.",
"tags": [
"budget",
"observability",
"audit"
],
"examples": [
"Log 1,200 input and 800 output tokens for claude-opus-4-8 costing $0.04."
]
}
]
}