From bca8ef785de345db07b68fe4296ff75581baa1b5 Mon Sep 17 00:00:00 2001 From: Kai Date: Mon, 9 Feb 2026 20:15:53 -0800 Subject: [PATCH] feat: wire trust center to persistent security data --- data/trust-center.json | 95 +++++++ src/app/api/trust/route.ts | 58 ++++ src/app/trust-center/page.tsx | 3 + src/app/trust/page.tsx | 423 ++-------------------------- src/app/trust/trust-page-client.tsx | 229 +++++++++++++++ src/lib/trustCenter.ts | 44 +++ 6 files changed, 451 insertions(+), 401 deletions(-) create mode 100644 data/trust-center.json create mode 100644 src/app/api/trust/route.ts create mode 100644 src/app/trust-center/page.tsx create mode 100644 src/app/trust/trust-page-client.tsx create mode 100644 src/lib/trustCenter.ts diff --git a/data/trust-center.json b/data/trust-center.json new file mode 100644 index 00000000..28ab9953 --- /dev/null +++ b/data/trust-center.json @@ -0,0 +1,95 @@ +{ + "overallTrustScore": 93, + "securityCategories": [ + { + "id": "data-protection", + "label": "Data Protection", + "score": 95 + }, + { + "id": "authentication", + "label": "Authentication", + "score": 91 + }, + { + "id": "encryption", + "label": "Encryption", + "score": 96 + }, + { + "id": "access-control", + "label": "Access Control", + "score": 89 + }, + { + "id": "monitoring", + "label": "Monitoring", + "score": 92 + } + ], + "auditResults": { + "overallStatus": "passed", + "lastAudit": "2026-01-20", + "nextAudit": "2026-04-20", + "findings": { + "critical": 0, + "high": 0, + "medium": 2, + "low": 5 + } + }, + "certifications": [ + { + "name": "SOC 2 Type II", + "status": "passed", + "lastAudit": "2026-01-20" + }, + { + "name": "ISO 27001", + "status": "in-progress", + "lastAudit": "2025-12-05" + }, + { + "name": "GDPR Readiness", + "status": "passed", + "lastAudit": "2026-01-08" + }, + { + "name": "CCPA Compliance", + "status": "passed", + "lastAudit": "2025-11-30" + } + ], + "incidentHistory": [ + { + "date": "2026-02-02", + "severity": "low", + "description": "Automated rate limiter flagged abnormal signup bursts from a single ASN.", + "status": "resolved" + }, + { + "date": "2026-01-27", + "severity": "medium", + "description": "Temporary API token validation mismatch impacted a subset of requests.", + "status": "resolved" + }, + { + "date": "2026-01-19", + "severity": "high", + "description": "Credential stuffing attempt blocked by adaptive challenge policy.", + "status": "resolved" + }, + { + "date": "2026-01-11", + "severity": "low", + "description": "False-positive malware signature quarantined one uploaded artifact.", + "status": "resolved" + }, + { + "date": "2026-01-06", + "severity": "medium", + "description": "Suspicious session replay pattern detected during anomaly monitoring.", + "status": "investigating" + } + ] +} diff --git a/src/app/api/trust/route.ts b/src/app/api/trust/route.ts new file mode 100644 index 00000000..6822af3b --- /dev/null +++ b/src/app/api/trust/route.ts @@ -0,0 +1,58 @@ +import { promises as fs } from "fs"; +import path from "path"; +import { NextResponse } from "next/server"; +import type { TrustCenterData } from "@/lib/trustCenter"; + +export const runtime = "nodejs"; + +const TRUST_CENTER_PATH = path.join(process.cwd(), "data", "trust-center.json"); + +async function readTrustCenterData(): Promise { + try { + const raw = await fs.readFile(TRUST_CENTER_PATH, "utf-8"); + const parsed = JSON.parse(raw) as TrustCenterData; + + if ( + typeof parsed?.overallTrustScore !== "number" || + !Array.isArray(parsed.securityCategories) || + !Array.isArray(parsed.certifications) || + !Array.isArray(parsed.incidentHistory) + ) { + return null; + } + + return parsed; + } catch { + return null; + } +} + +export async function GET() { + const data = await readTrustCenterData(); + + if (!data) { + return NextResponse.json( + { + error: "Trust center data unavailable", + }, + { + status: 500, + } + ); + } + + return NextResponse.json( + { + overallTrustScore: data.overallTrustScore, + auditResults: data.auditResults, + securityCategories: data.securityCategories, + certifications: data.certifications, + incidentHistory: data.incidentHistory, + }, + { + headers: { + "Cache-Control": "no-store", + }, + } + ); +} diff --git a/src/app/trust-center/page.tsx b/src/app/trust-center/page.tsx new file mode 100644 index 00000000..71a455cd --- /dev/null +++ b/src/app/trust-center/page.tsx @@ -0,0 +1,3 @@ +/* eslint-disable react/no-unescaped-entities */ +export { metadata } from "@/app/trust/page"; +export { default } from "@/app/trust/page"; diff --git a/src/app/trust/page.tsx b/src/app/trust/page.tsx index 147625d5..3134c246 100644 --- a/src/app/trust/page.tsx +++ b/src/app/trust/page.tsx @@ -1,416 +1,37 @@ -import { Metadata } from 'next'; -import { Shield, AlertCircle, Mail, UserCheck, Building2, TrendingUp, Clock, MessageSquare, AlertTriangle, CheckCircle2, FileText } from 'lucide-react'; -import { Card } from '@/components/ui/card'; -import { Button } from '@/components/ui/button'; -import { Badge } from '@/components/ui/badge'; -import { Input } from '@/components/ui/input'; -import { Textarea } from '@/components/ui/textarea'; -import { Label } from '@/components/ui/label'; -import trustData from '@/data/trust.json'; +/* eslint-disable react/no-unescaped-entities */ +import { Metadata } from "next"; +import { Shield } from "lucide-react"; +import { TrustPageClient } from "./trust-page-client"; export const metadata: Metadata = { - title: 'Trust & Safety Center | forAgents.dev', - description: 'Learn about trust scores, verification levels, content policy, and how we keep the forAgents.dev marketplace safe and reliable.', + title: "Trust Center | forAgents.dev", + description: + "Real-time trust center data for security posture, compliance status, and incident history on forAgents.dev.", openGraph: { - title: 'Trust & Safety Center | forAgents.dev', - description: 'Learn about trust scores, verification levels, content policy, and how we keep the forAgents.dev marketplace safe and reliable.', - url: 'https://foragents.dev/trust', - siteName: 'forAgents.dev', - type: 'website', + title: "Trust Center | forAgents.dev", + description: + "Real-time trust center data for security posture, compliance status, and incident history on forAgents.dev.", + url: "https://foragents.dev/trust", + siteName: "forAgents.dev", + type: "website", }, }; -const iconMap: Record> = { - AlertCircle, - Mail, - UserCheck, - Building2, -}; - export default function TrustPage() { return (
-
- {/* Hero Section */} -
-
-
- -
-
-
-

- Trust & Safety at forAgents.dev -

-

- Building a secure, trustworthy marketplace for AI agents. Learn how we calculate trust scores, - verify identities, enforce policies, and respond to community reports. +

+
+
+ +
+

Trust Center

+

+ Security posture and compliance data are served from persistent trust center records through the /api/trust endpoint.

- {/* Trust Score Methodology */} -
-
-

- - Trust Score Methodology -

-

- Trust scores range from 0-100 and reflect an agent's reliability, verification status, - community reputation, and operational history. -

-
- -
- {trustData.trustScoreFactors.map((factor) => ( - -
-

{factor.name}

- - {factor.weight} - -
-

{factor.description}

-
- ))} -
- - -

- - How Trust Scores are Calculated -

-

- Trust scores are calculated using a weighted formula that combines all factors above. - Scores are updated daily and reflect a 30-day rolling window for dynamic factors like uptime and reviews. -

-
- - Trust Score = (Verification × 0.30) + (Uptime × 0.25) + (Reviews × 0.20) + (Age × 0.15) + (Engagement × 0.10) - -
-
-
- - {/* Verification Levels */} -
-
-

- - Verification Levels -

-

- Progress through verification tiers to build trust, unlock benefits, and boost your marketplace presence. -

-
- -
- {trustData.verificationLevels.map((level) => { - const IconComponent = iconMap[level.icon] || AlertCircle; - return ( - -
- {/* Icon & Title */} -
-
- -
-
-

{level.name}

- {level.trustScoreBonus && ( - - {level.trustScoreBonus} - - )} -
-
- - {/* Requirements & Benefits */} -
-
-

Requirements

-
    - {level.requirements.map((req, idx) => ( -
  • - - {req} -
  • - ))} -
-
- -
-

Benefits

-
    - {level.benefits.map((benefit, idx) => ( -
  • - - {benefit} -
  • - ))} -
- {level.limitations && ( -
-

Limitations

-
    - {level.limitations.map((limitation, idx) => ( -
  • - - {limitation} -
  • - ))} -
-
- )} -
-
-
-
- ); - })} -
-
- - {/* Content Policy */} -
-
-

- - Content Policy -

-

- Clear guidelines for what is and isn't allowed on forAgents.dev. -

-
- -
- -
- -

Allowed Content

-
-
    - {trustData.contentPolicy.allowed.map((item, idx) => ( -
  • - - {item} -
  • - ))} -
-
- - -
- -

Prohibited Content

-
-
    - {trustData.contentPolicy.prohibited.map((item, idx) => ( -
  • - - {item} -
  • - ))} -
-
-
-
- - {/* Incident Response Timeline */} -
-
-

- - Incident Response Timeline -

-

- How we handle abuse reports from submission to resolution. -

-
- -
- {/* Timeline line */} -
- -
- {trustData.incidentResponseTimeline.map((stage, idx) => ( - - {/* Timeline dot */} -
-
-
- -
-

{stage.stage}

- - {stage.timeframe} - -
-

{stage.description}

- - ))} -
-
-
- - {/* Abuse Reporting Section */} -
-
-

- - Report Abuse -

-

- Help us maintain a safe community. Report violations of our content policy or suspicious behavior. -

-
- - -
-
-
- - -
- -
- - -
-
- -
- - -
- -
- -