Skip to main content
Thank you for your interest in contributing to AIP. This project aims to establish a zero-trust identity standard for autonomous AI agents.

Ways to Contribute

Security Researchers

  • Threat modeling and attack surface analysis
  • Penetration testing of reference implementations
  • Review of cryptographic choices and identity flows

Platform Engineers

  • Kubernetes operators and sidecar implementations
  • Cloud provider integrations (AWS, GCP, Azure)
  • Service mesh integrations (Istio, Linkerd)

AI/ML Engineers

  • Agent framework integrations (LangChain, AutoGPT, CrewAI)
  • MCP transport implementations
  • SDK development (Python, TypeScript, Go)

Compliance Teams

  • Regulatory mapping (SOC2, GDPR, HIPAA, FedRAMP)
  • Audit log schema standardization
  • Policy template libraries

Getting Started

Prerequisites

Before you begin development, ensure you have the following installed:
  • Go 1.21+ (for proxy development)
  • Python 3.11+ (for SDK and examples)
  • Node.js 20+ (for TypeScript SDK)

Development Setup

1

Clone the repository

git clone https://github.com/openagentidentityprotocol/agentidentityprotocol.git
cd agent-identity-protocol
2

Set up Go proxy development

cd proxy
go mod download
go build ./...
3

Set up Python SDK

cd sdk/python
pip install -e ".[dev]"
4

Set up TypeScript SDK

cd sdk/typescript
npm install
npm run build

Contribution Process

1

Issues First

Before starting work, please:
  • Check existing issues for duplicates
  • Open an issue describing what you want to work on
  • Wait for maintainer feedback on approach
This helps avoid duplicate work and ensures your contribution aligns with project goals.
2

Branch Naming

Follow these conventions for branch names:
feat/short-description    # New features
fix/issue-number          # Bug fixes
docs/what-changed         # Documentation
spec/proposal-name        # Specification changes
3

Commit Messages

Follow Conventional Commits:
feat: add OIDC token validation to proxy
fix: handle empty manifest gracefully
docs: clarify egress filtering behavior
spec: add delegation token schema
4

Pull Requests

  • Fill out the PR template completely
  • Ensure CI passes (lint, test, build)
  • Request review from relevant CODEOWNERS
  • Squash commits before merge

Specification Changes

Changes to the AIP specification (spec/) require additional review:
1

RFC Process

Open an issue with [RFC] prefix describing the proposed change
2

Discussion Period

Minimum 2 weeks for community feedback
3

Consensus

Approval from at least 2 maintainers required
4

Backward Compatibility

Document migration path if the change is breaking
Specification changes impact all implementations. They require careful consideration and broad consensus.

Code Style

Ensure your code follows our style guidelines: 
gofmt -s -w .
go vet ./...
golangci-lint run

Testing

All code changes require tests: 
go test -race -cover ./...
Pull requests without tests will not be merged. Aim for meaningful test coverage, not just high percentages.

Documentation

Good documentation is crucial for adoption:
  • Code should be self-documenting with clear names
  • Public APIs require doc comments
  • Complex logic needs inline comments explaining “why”
  • User-facing changes need README/docs updates

Code of Conduct

We follow the Contributor Covenant v2.1. TL;DR: Be respectful, inclusive, and professional. Focus on the work, not the person. See our full Code of Conduct for details.

License

By contributing to AIP, you agree that your contributions will be licensed under the Apache License 2.0.

Questions?

Need help getting started?
  • GitHub Discussions: Architecture and design questions
  • GitHub Issues: Bug reports and feature requests
  • Security Issues: See Security Policy
Thank you for helping make AI agents safer and more accountable.

Build docs developers (and LLMs) love

Get started for freeTalk to us