Skip to main content
Agent Passport is a standardized identity card for each AI system in your project. Complior analyzes your code’s AST and auto-fills 65–70% of the 36 fields — identity, permissions, constraints, risk class, and compliance status.
Why it matters: EU AI Act Art.26 requires every deployer to maintain a registry of AI systems. Art.27 requires FRIA for high-risk systems. Art.49 requires EU Database registration. The passport is your answer to the regulator.

Generate passports

Passports are created automatically during the first complior scan. You can also generate them manually:
If passports already exist, agent init skips them:

List and inspect passports

What gets auto-filled

agent_id, name, display_name, description, version, created, updatedSource: entry file name, framework config, auto-generated UUID.
type (autonomous/assistive/hybrid), autonomy_level (L1–L5), human_approval_gates, unsupervised_actions, killSwitchPresentSource: L4 AST pattern matching — counts human gates vs unsupervised actions.
framework, model.provider, model.model_id, model.deployment, model.data_residencySource: L3 dependency analysis + SDK detection + profile.json.
permissions.tools, permissions.data_access (read/write/delete), permissions.denied, permissions.data_boundariesSource: Permission scanner — analyzes tool definitions, DB patterns, explicit deny lists.
risk_class, applicable_articles, deployer_obligations_met, deployer_obligations_pending, complior_scoreSource: Computed from autonomy level × project domain. Auto-updates after every scan.
responsible_person, override_mechanism, escalation_procedureGenerated automatically for high-risk systems or autonomy L3+. Uses kill-switch detection from AST.

What needs manual input

Check what’s missing with complior agent completeness:
Edit directly in JSON (nano .complior/agents/my-agent-manifest.json) or use the TUI Passport page (hotkey P).

Passport validation

For CI — exit code 1 on errors:

Export formats

Share your passport in industry-standard formats:
Google’s Agent-to-Agent Card format for agent interoperability.

Automatic updates

The passport is a living document. After every complior scan, the passport auto-updates:
  • compliance.complior_score — refreshed to latest score
  • compliance.last_scan — updated timestamp
  • signature — re-signed with ed25519
This happens via the scan.completed event in the background daemon. You don’t need to do anything.

Next steps

Your First Fix

Auto-fix compliance issues and generate documents.

Passport Deep Dive

2 modes, 11-stage data pipeline, all 36 fields.

Endpoint Detection

How endpoints are auto-detected and how to add them manually.