{"audit":{"version":"1.3","generated_at":"2026-06-14T03:30:11.344801+00:00","generated_by":"Agenstry","report_url":"https://agenstry.com/agents/contrastcyber.com","methodology_url":"https://agenstry.com/methodology","verifier_jwks_url":"https://agenstry.com/.well-known/jwks.json","subject":{"domain":"contrastcyber.com","name":"ContrastAPI","url":"https://contrastcyber.com/.well-known/agent-card.json"}},"identity":{"provider":{"organization":"ContrastCyber","url":"https://contrastcyber.com"},"registry_verification":null,"signature":{"signed":false,"signature_valid":null}},"protocol":{"version":"0.3.0","supports_streaming":true,"supports_push_notifications":false},"operational":{"live_state":"wrong_response","live_responds":false,"last_status_code":200,"last_elapsed_ms":76,"last_error":null},"track_record":{"first_seen":"2026-06-14T00:26:35.117583+00:00","last_checked":"2026-06-14T00:26:35.117583+00:00","last_seen_ok":"2026-06-14T00:26:35.117583+00:00","checks_total":1,"checks_ok":1,"uptime_pct":100.0,"archived":false,"archived_reason":null},"conformance":{"score":41,"grade":"D","summary":"D-grade: significant issues, auth-gated, partially broken, or stale.","criteria":[{"key":"valid_card","label":"Valid AgentCard","points":10,"max_points":10,"status":"pass","detail":"Schema-validated A2A AgentCard returned by the well-known endpoint."},{"key":"live_responds","label":"Live JSON-RPC","points":5,"max_points":25,"status":"fail","detail":"Endpoint replies but body isn't a valid JSON-RPC 2.0 A2A response."},{"key":"protocol_version","label":"Protocol version","points":5,"max_points":10,"status":"partial","detail":"Declares pre-1.0 A2A 0.3.0 (Google preview). Upgrade to v1.x for full points."},{"key":"signature","label":"JWS signature","points":0,"max_points":10,"status":"info","detail":"Card is unsigned (most published agents are)."},{"key":"uptime","label":"Uptime track record","points":0,"max_points":15,"status":"info","detail":"Only 1 probe so far, need ≥5 for an uptime grade."},{"key":"skills","label":"Skill declaration","points":10,"max_points":10,"status":"pass","detail":"Declares 8 skills with structured metadata."},{"key":"verified_identity","label":"Verified Identity","points":5,"max_points":10,"status":"partial","detail":"Provider declared: ContrastCyber (https://contrastcyber.com). Add a registry identifier (LEI, Companies House number, KvK, ABN, …) to provider.legalEntity for full verified-business credit."},{"key":"freshness","label":"Freshness + modern flags","points":4,"max_points":5,"status":"pass","detail":"seen in upstream source within 0d"},{"key":"security","label":"Security declaration","points":2,"max_points":5,"status":"partial","detail":"Declares 2 security scheme(s) but none use PKCE or mTLS."}]},"skills":[{"id":"contrast_scan","name":"Contrast Scan","description":"Full-site security scan — 11 checks (SSL, headers, DNS, DNSSEC, cookies, redirects, info disclosure, HTTP methods, CORS, HTML analysis, CSP) scored out of 100 points with a single A-F grade","tags":["security","scan","grade","audit"],"examples":["Scan example.com and grade its security","Run contrast_scan on mydomain.io"],"inputModes":[],"outputModes":[]},{"id":"cve_lookup","name":"CVE Lookup","description":"Look up CVE details with CVSS, EPSS, KEV, patch info","tags":["security","cve","vulnerability"],"examples":["Look up CVE-2021-44228","Get details for Log4Shell"],"inputModes":[],"outputModes":[]},{"id":"audit_domain","name":"Domain Audit","description":"Full-stack domain security audit","tags":["osint","domain"],"examples":["Audit example.com for security issues"],"inputModes":[],"outputModes":[]},{"id":"ssl_check","name":"SSL/TLS Check","description":"Certificate validation + grading (A-F)","tags":["security","ssl"],"examples":["Check SSL cert for api.example.com","Grade TLS config for mydomain.com"],"inputModes":[],"outputModes":[]},{"id":"threat_intel","name":"Threat Intel","description":"Multi-source threat lookup","tags":["threat-intel"],"examples":["Is evil.com malicious?"],"inputModes":[],"outputModes":[]},{"id":"ip_lookup","name":"IP Lookup","description":"IP geolocation, ASN, reputation","tags":["osint","ip"],"examples":["Who owns 8.8.8.8?","Geolocate 1.1.1.1"],"inputModes":[],"outputModes":[]},{"id":"atlas_technique_lookup","name":"ATLAS Technique Lookup","description":"MITRE ATLAS (AI/ML attack catalog) technique lookup by id (AML.T####). Returns tactics, maturity, ATT&CK bridge, pivot hints","tags":["security","ai-ml","atlas","mitre"],"examples":["Look up AML.T0051 (LLM Prompt Injection)","Details for ATLAS AML.T0000"],"inputModes":[],"outputModes":[]},{"id":"d3fend_defense_for_attack","name":"D3FEND Reverse Lookup","description":"Given an ATT&CK T-code, return all D3FEND defenses that mitigate it. Bridges offensive intel (CVE/ATLAS/ATT&CK) to defensive playbook","tags":["security","d3fend","defense","mitre","attack"],"examples":["What D3FEND defenses mitigate T1059?","Defenses for T1550.001"],"inputModes":[],"outputModes":[]}],"provenance":[{"source":"manifests","first_seen":"2026-06-14T00:26:35.117583+00:00"}],"recent_probes":[{"fetched_at":"2026-06-14T00:26:35.117583+00:00","ok":true,"status_code":200,"error":null,"elapsed_ms":76,"live_responds":false}],"catalog_attestation":null,"verification_history":[]}