Independent ratings · Agent economy

Trust is a formula.

Datumline publishes evidence-based counterparty grades on the software AI agents connect to — starting with MCP servers, the layer through which agents are granted access to mail, files, payments, and enterprise systems.

One scale. Calibrated meaning.

Every grade maps to an expected incident rate over the surveillance window — and every grade is backtested against documented failures. A rating you can't calibrate is an adjective.

DL-1SealedStrongest evidence across identity, conduct, continuity, soundness, and stewardship. Rare by design.
DL-2SoundVerified identity and consistent observed behavior; minor findings with credible remediation.
DL-3AdequateAcceptable with reservations — limited history, unverified identity, or open findings under watch.
DL-4CautionMaterial weaknesses observed: recent ownership transfer, scope drift, or unremediated exposure.
DL-5AvoidEvidence of deceptive, unsafe, or malicious behavior. Hard-capped; no analyst discretion.

Modifiers: u identity unverified  ·  w on watch — a trigger has fired and surveillance is elevated. Entities with insufficient history are listed NR, not rated.

Five questions. Any counterparty.

Every Datumline grade answers the same five questions from machine-gathered evidence — registry histories, sandboxed behavioral analysis, vulnerability records — scored on fixed bands, composited under calibrated weights, and subject to hard caps for non-negotiable failures.

Q1

Identity

Is it who it says it is? Provenance, verifiability, authenticity of its ecosystem footprint.

Q2

Conduct

Does it do what it declares — and only that? Claims tested against observed behavior.

Q3

Continuity

Will it stay what it is? Ownership transfers, behavioral drift, update integrity over time.

Q4

Soundness

Can it be broken — or is it already? Vulnerability profile, authentication, exposure.

Q5

Stewardship

Who answers when it fails? Remediation speed, disclosure practice, maintenance reality.

How ratings work

Built the way rating agencies have worked for a century — rebuilt for counterparties that are software, and consumers that are machines.

Machine-checkable

Grades are designed to be consumed at decision time — by an agent's spending policy, a CI pipeline, or a gateway — via API and MCP lookup, not just read by people.

Continuous surveillance

Ratings don't expire into stale PDFs. Triggers fire on ownership transfers, behavioral diffs, and new disclosures; downgrades publish immediately.

Right of reply

Before an adverse rating publishes, the rated party receives notice and a response window. Corrections follow a published procedure.

Institutional authorship

All grades are issued by Datumline under its Analyst Independence Policy — no individual authorship, so no analyst can be pressured or courted by a rated entity.

Status · July 2026

The inaugural MCP server cohort is under evaluation: a 12-month historical backtest against documented incidents, followed by a live observation window. First ratings — and the backtest results behind them — publish with the methodology.

Datumline Watch

A short digest of grade actions, watch flags, and what changed in the trust picture of the agent ecosystem. No noise; only actions.

Subscribe by email

One email opens a draft to watch@datumline.dev — send it and you're on the list.