CapitalGuard

Research and evidence

The evidence layer for AI-agent security.

CapitalGuard publishes the controls, schemas, test vectors, privacy boundary, and verification protocol. Scoring weights, threat intelligence, benchmark data, and signing keys remain protected.

Published by CapitalGuard Security Research · Updated July 12, 2026

Evidence boundary

Public enough to verify. Private enough to protect.

Public evidence contains aggregate categories, control status, scan limits, timestamps, cryptographic digests, and signatures. It excludes repository names, customer identity, source contents, and secret values.

Benchmark publication rule

CapitalGuard will not publish an exposure rate until at least 30 manually eligible assessments exist, and no reported segment will contain fewer than 10 records.

Until that threshold is met, the methodology is public and the benchmark remains unpublished. This prevents tiny samples, customer inference, and invented statistics.

Preferred citation

CapitalGuard. CapitalGuard Standard 1.0.0: AI-Agent Repository Security Baseline and Guardprint Protocol. 2026.

Verify Evidence