Skip to main content
Agent Passport is a standardized identity card for each AI system in your project. Complior analyzes your code’s AST and auto-fills 65–70% of the 36 fields — identity, permissions, constraints, risk class, and compliance status.
Why it matters: EU AI Act Art.26 requires every deployer to maintain a registry of AI systems. Art.27 requires FRIA for high-risk systems. Art.49 requires EU Database registration. The passport is your answer to the regulator.

Generate passports

Passports are created automatically during the first complior scan. You can also generate them manually: 
complior agent init             # manual discovery (optional)
complior agent init --force     # regenerate all passports

Discovering AI agents in .

Found 3 agent(s):

  @complior/engine-openai
  @complior/engine-anthropic
  @complior/engine-langchain

Passports signed with ed25519 ✓
If passports already exist, agent init skips them: 
Skipped 3 existing passport(s):

  @complior/engine-openai (already exists, use --force to overwrite)
  @complior/engine-anthropic (already exists, use --force to overwrite)
  @complior/engine-langchain (already exists, use --force to overwrite)

All discovered agents already have passports.
Run `complior agent init --force` to regenerate.

List and inspect passports

complior agent list

◆ Agent Passports  ·  1 agent

--------------------------------------------------------------------------------
NAME                 LEVEL    TYPE         RISK       SCORE    STATUS
--------------------------------------------------------------------
e2e-test-agent       L3       autonomous   high       40       draft

complior agent show e2e-test-agent

◆ Agent Passport  ·  E2E Test Agent
--------------------------------------------------------------------------------

ID       imported-e2e-test-agent-1773499654476
Version  1.0.0
Autonomy L3 (autonomous)

COMPLIANCE
  Risk class:   high
  Score:       40/100

MODEL
  Provider:    anthropic
  Deployment:  https://example.com/agent

CONSTRAINTS
  Rate limit:  60/min
  Budget:      $10.00/session

PERMISSIONS
  Tools:       file_read, code_write

DISCLOSURE
  User-facing: no
  AI marking:  no

LIFECYCLE
  Status:      draft
  Frequency:   every 90d

SOURCE
  Mode:        semi-auto
  Confidence:  50%

SIGNATURE
  Signed at:   2026-03-25T13:41:13.038Z
  Algorithm:   ed25519

What gets auto-filled

agent_id, name, display_name, description, version, created, updatedSource: entry file name, framework config, auto-generated UUID.
type (autonomous/assistive/hybrid), autonomy_level (L1–L5), human_approval_gates, unsupervised_actions, killSwitchPresentSource: L4 AST pattern matching — counts human gates vs unsupervised actions.
framework, model.provider, model.model_id, model.deployment, model.data_residencySource: L3 dependency analysis + SDK detection + profile.json.
permissions.tools, permissions.data_access (read/write/delete), permissions.denied, permissions.data_boundariesSource: Permission scanner — analyzes tool definitions, DB patterns, explicit deny lists.
risk_class, applicable_articles, deployer_obligations_met, deployer_obligations_pending, complior_scoreSource: Computed from autonomy level × project domain. Auto-updates after every scan.
responsible_person, override_mechanism, escalation_procedureGenerated automatically for high-risk systems or autonomy L3+. Uses kill-switch detection from AST.

What needs manual input

Check what’s missing with complior agent completeness: 
complior agent completeness e2e-test-agent

Passport Completeness: e2e-test-agent

  Score: [#####################---------] 70%
  Fields: 19/27 required fields filled

  MISSING FIELD                            OBLIG.     ARTICLE      DESCRIPTION
  -------------------------------------------------------------------------------
  owner.team                               OBL-012    Art.26(6)    Team responsible for AI system
  owner.contact                            OBL-012    Art.26(6)    Contact for AI system inquiries
  owner.responsible_person                 OBL-012    Art.26(6)    Designated responsible natural person
  model.model_id                           OBL-013    Art.13(3)    Model identifier for traceability
  constraints.human_approval_required      OBL-014    Art.14(4)    Actions requiring human approval
  constraints.prohibited_actions           OBL-005    Art.5        Prohibited AI practices
  disclosure.disclosure_text               OBL-050    Art.50(1)    Disclosure text shown to users
  lifecycle.next_review                    OBL-026L   Art.26(5)    Next scheduled review date
Edit directly in JSON (nano .complior/agents/my-agent-manifest.json) or use the TUI Passport page (hotkey P).

Passport validation

complior agent validate e2e-test-agent

e2e-test-agent: PASS
  Schema:       pass
  Signature:    pass
  Completeness: 70%
  WARN: Passport is still in draft status
  WARN: Completeness score 70% is below 80% threshold
For CI — exit code 1 on errors: 
complior agent validate e2e-test-agent --ci

Export formats

Share your passport in industry-standard formats: 
complior agent export e2e-test-agent --format a2a

Exporting passport 'e2e-test-agent' as a2a...

Passport exported: e2e-test-agent
  Format:   a2a
  Valid:    yes
  Saved to: .complior/exports/e2e-test-agent-a2a.json

complior agent export <name> --format a2a
Google’s Agent-to-Agent Card format for agent interoperability.

Automatic updates

The passport is a living document. After every complior scan, the passport auto-updates:
  • compliance.complior_score — refreshed to latest score
  • compliance.last_scan — updated timestamp
  • signature — re-signed with ed25519
This happens via the scan.completed event in the background daemon. You don’t need to do anything.

Next steps

Your First Fix

Auto-fix compliance issues and generate documents.

Passport Deep Dive

2 modes, 11-stage data pipeline, all 36 fields.