Gradaris connects to your AI agents however they were built, scores them against the EU AI Act and your governance policies, and produces cryptographically signed evidence you can hand directly to an auditor.
Gradaris sits between your AI applications and your regulators — registering, scoring, and generating tamper-proof evidence automatically.
Three steps. Works for engineers, power users, and non-technical teams. All three paths produce the same governance record.
Engineers use the Python SDK. Power users use a webhook. Non-technical teams register through a plain-English form. All three paths produce the same governance record — regardless of what tool built the agent and whoever built it.
Every agent run generates telemetry. Gradaris scores it across 12 criteria in three tiers — Verified Controls, Empirical Benchmarks, and Structured Assessment — mapped directly to EU AI Act articles.
Each agent receives a Gradaris Governance Score (A–F), a cryptographically signed evidence package, and a PDF report you can hand directly to a regulator or auditor — on demand, at any time.
The biggest governance gap isn’t the AI systems IT controls — it’s the agents everyone else built. Gradaris has a path for every creator.
Drop into any Python agent in minutes. Zero dependencies. Async telemetry that never slows your agent. Works with LangChain, AutoGen, and custom agents.
Built your agent in Make, Zapier, Power Automate, or n8n? Add one HTTP step. No code required. Pre-built blueprints for the most common platforms.
Finance, marketing, or operations teams built an agent in ChatGPT or Copilot? Fill in a plain-English form. Gradaris creates the governance record automatically.
Most governance tools stop at the boundary of a single AI system. Gradaris goes further — governing the trust relationships between agents, not just the agents themselves.
As AI systems increasingly orchestrate other AI systems, the risk surface expands beyond any single model. Gradaris logs every agent-to-agent call, enforces trust policies, and produces a cryptographic audit trail — fully aligned with EU AI Act Article 12 requirements for automated decision systems.
Every AI agent that passes Gradaris assessment receives a permanent, publicly accessible Trust ID. Regulators, counterparties, and customers can verify governance status at any time — no Gradaris account required.
The Gradaris Public Trust Registry turns internal compliance into external proof. It's the difference between telling a regulator your agents are governed and showing them a live, cryptographically-backed record they can verify themselves.
GRD-AI-YYYY-NNNNNN, assigned on first certificationverify.gradaris.com/{id}, showing live grade, score, and certification dateGET /api/v1/trust/{id} returns agent_id, status, tier, score, and certified_sinceEvery Gradaris Governance Score comes with a tier breakdown, confidence levels, EU AI Act article mapping, and a cryptographic integrity hash you can defend in front of any auditor.
Binary pass/fail checks verified from system logs. High confidence. Any failure caps the maximum score at 59 — forcing a Grade D or lower regardless of other scores.
Statistical tests against versioned, published test suites. Reproducible by any party. Medium-high confidence. Results are stable and verifiable independently.
Fixed, versioned rubric with weighted sub-criteria. Assessor-reviewed with fully auditable process. Medium confidence — the most interpretive tier, fully documented.
| Grade | Score range | Interpretation |
|---|---|---|
| A | 90–100 | Exemplary — audit-ready evidence, all Tier 1 controls verified |
| B | 75–89 | Good standing — minor gaps, no critical control failures |
| C | 60–74 | Acceptable — identified improvements required for full compliance |
| D | 45–59 | At risk — Tier 1 control failure or significant gaps present |
| F | 0–44 | Non-compliant — urgent remediation required before audit |
Every report carries a SHA-256 hash of the assessment methodology, input data, and scoring criteria. If any element changes, the hash changes. Tamper-evident by design.
Gradaris scores are not just internal metrics. Every assessment maps to specific articles in major AI governance frameworks so your evidence is directly usable with regulators.
Full mapping to Title III high-risk AI obligations. Articles 9, 10, 12, 13, 14, and 15 each have corresponding Gradaris assessment criteria. Evidence packages reference article numbers directly.
Gradaris scores cross-reference the NIST AI Risk Management Framework, ISO/IEC 42001, and OECD AI Principles so your governance program remains valid as the regulatory landscape evolves beyond the EU.
Gradaris integrates with enterprise identity providers via SAML-based Single Sign-On (SSO). Administrators can configure SSO, manage access, and enforce identity controls through the admin portal.
Connect Okta, Azure AD, Google Workspace, or any SAML 2.0 identity provider.
Map identity provider groups to Gradaris roles. Control who can view, assess, or administer.
Configure SSO, manage users, enforce policies, and view the full SSO audit log from one interface.
Every login, provisioning event, and configuration change is logged and searchable.
Generate a Trust ID for any AI system in minutes. Receive a governance score, personalised insights, and a verifiable Trust ID — listed on the public Gradaris Trust Registry.
GRD-AI-YYYY-NNNNNN Trust ID is issued, SHA-256 hashed, and listed on verify.gradaris.com with your governance gaps and what you can improve.No credit card · 2 minutes · Real governance record
Book a 30-minute walkthrough and we’ll show you what governance looks like for your specific AI agents — from connection to evidence package.