Public methodology

How Kanon computes, caps, and publishes every public score.

Each agent receives five dimension scores out of 100, then a weighted aggregate: Security 30%, Stability 25%, Transparency 20%, Coherence 15%, Reputation 10%. The final score may then be capped by the Security mechanism.

Language: ENCanonical route

Dimensions

5 weighted dimensions

Weighting

30 / 25 / 20 / 15 / 10

Published framework

Kanon Taxonomy

Corrections

Public with changelog

Latest methodology update

Public note: Security added as a fifth dimension with explicit weighting.

Read the note published on April 30, 2026 on the move to five dimensions, the Security cap, and the provisional impact on the 50 indexed agents.

Read the note

Scoring Methodology

Full scoring grid

Each dimension is scored out of 100 from public evidence, permitted direct testing, and observable documentation. The global score uses the following formula: (Security × 0.30) + (Stability × 0.25) + (Transparency × 0.20) + (Coherence × 0.15) + (Reputation × 0.10).

30%

Security

0-100

Measures observable and declared security safeguards: public policies, abuse controls, incident reporting, data protection signals, and visible security commitments.

Signals assessed

Public security policies, commitments, or safeguards.
Observable controls against misuse, unauthorized access, exfiltration, or prohibited use.
Incident-reporting channel, responsible disclosure posture, or correction commitment.
Clarity about handled data, critical dependencies, and operator responsibilities.
0-19

Critical risk, almost no safeguards, or insufficient public evidence.

20-39

Weak controls, visible material gaps, and limited response capacity.

40-59

Intermediate level: credible signals exist but remain incomplete.

60-79

Solid base with observable controls, useful documentation, and credible follow-through.

80-100

Reference-grade level with coherent safeguards, repeated evidence, and legible governance.

25%

Stability

0-100

Measures operational continuity, resilience, monitoring, and the agent’s observable recovery capacity.

Signals assessed

Service continuity, observable uptime, and recovery after incidents.
Presence of monitoring, incident handling, and documented recovery practices.
Ability to maintain service quality under normal or stressed conditions.
History of changes, outages, or interruptions that materially affect users.
0-19

Critical risk, almost no safeguards, or insufficient public evidence.

20-39

Weak controls, visible material gaps, and limited response capacity.

40-59

Intermediate level: credible signals exist but remain incomplete.

60-79

Solid base with observable controls, useful documentation, and credible follow-through.

80-100

Reference-grade level with coherent safeguards, repeated evidence, and legible governance.

20%

Transparency

0-100

Measures how legible the agent is to outsiders: operator identity, documentation, policies, limits, explainability, and escalation paths.

Signals assessed

Operator identification, contact channels, and escalation path.
Terms of use, privacy policy, pricing, and public documentation.
Explanation of workflows, limits, data usage, and key dependencies.
Visibility into stakeholders, responsibilities, and public commitments.
0-19

Critical risk, almost no safeguards, or insufficient public evidence.

20-39

Weak controls, visible material gaps, and limited response capacity.

40-59

Intermediate level: credible signals exist but remain incomplete.

60-79

Solid base with observable controls, useful documentation, and credible follow-through.

80-100

Reference-grade level with coherent safeguards, repeated evidence, and legible governance.

15%

Coherence

0-100

Measures alignment between public claims, observed outputs, documented workflows, and ongoing risk measurement.

Signals assessed

Match between stated positioning and observed product behavior.
Clarity of scope, limits, and the use cases the system truly covers.
Ongoing measurement of quality, errors, drift, or hallucinations.
Consistency across product, documentation, operator communications, and public evidence.
0-19

Critical risk, almost no safeguards, or insufficient public evidence.

20-39

Weak controls, visible material gaps, and limited response capacity.

40-59

Intermediate level: credible signals exist but remain incomplete.

60-79

Solid base with observable controls, useful documentation, and credible follow-through.

80-100

Reference-grade level with coherent safeguards, repeated evidence, and legible governance.

10%

Reputation

0-100

Measures external trust signals: independent mentions, public transaction history, disputes, and accountability.

Signals assessed

Independent third-party mentions, market references, and credible citations.
Public transaction history or other verifiable traction signals.
Complaints, disputes, controversies, or public resolution records.
Quality of operator response to criticism and accountability obligations.
0-19

Critical risk, almost no safeguards, or insufficient public evidence.

20-39

Weak controls, visible material gaps, and limited response capacity.

40-59

Intermediate level: credible signals exist but remain incomplete.

60-79

Solid base with observable controls, useful documentation, and credible follow-through.

80-100

Reference-grade level with coherent safeguards, repeated evidence, and legible governance.

Security Mechanism

Global-score cap imposed by the Security dimension

After the weighted average is computed, Kanon applies a hard ceiling when the Security score falls below specific thresholds. The ceiling only lowers the global score when it is below the weighted average.

Mandatory disclaimer

The Security dimension measures observable and declared security only. It is not a strict technical security audit.

Security < 50

When the Security dimension falls below specific thresholds, a hard ceiling is applied on the global score. Three tiers of caps exist, calibrated to ensure that significant security gaps cannot be compensated by strong performance on other dimensions. The exact thresholds and corresponding caps are maintained as proprietary methodology, consistent with standard practice among independent rating authorities.

The 70 cap applies only when the weighted average is above 70.

Security < 30

Global score capped at 50

The 50 cap replaces the weighted average when it is higher than 50.

Security < 15

Global score capped at 30

The 30 cap is the strictest ceiling in the current methodology.

Publication controls

Publication controls

The following controls apply before any score is published or refreshed.

Rule

Triple verification rule

No subscore is published unless at least three independent sources confirm the observed signal. Accepted combinations include primary sources, third-party mentions, and direct testing.

Rule

Materiality threshold

No agent is scored below a minimum activity and visibility threshold. The methodology is designed for agents with an observable public footprint, not launch noise.

Rule

90-day refresh cycle

Every score is refreshed at least once every 90 days. Earlier refreshes can be triggered when new material evidence appears.

Rule

Counter-argument rule

Before publication, the strongest available counter-argument is identified, documented, and addressed. A score is not cleared until the best objection has been explicitly reviewed.

Rule

Public correction policy

Any material error is corrected publicly and logged in the methodology or profile changelog.

Cross-Framework Translation

Framework Equivalences — How Kanon scores map to official AI frameworks

Cross-framework translation gives teams already working with NIST AI RMF, ISO/IEC 42001, or the EU AI Act a faster interpretation layer. The Security dimension is now explicitly mapped across all frameworks.

Official framework mapping

NIST AI RMF Mapping

Kanon is used here as a compact reading of key NIST AI RMF functions.

Mandatory disclaimer

These equivalences are indicative readings produced by the Kanon methodology. They do not replace official certification or audit by an accredited body.

Security (30%) → NIST Manage + Measure (observable safeguards, incident handling, abuse prevention)
Stability (25%) → NIST Manage (monitoring, continuity, recovery)
Transparency (20%) → NIST Govern (documentation, explainability, stakeholder visibility)
Coherence (15%) → NIST Map + Measure (risk identification and behavior measurement)
Reputation (10%) → NIST Govern (external trust and accountability)

NIST tier alignment: the overall Kanon score is used as a proxy for governance maturity.

Score <50Tier 1
Score 50-69Tier 2
Score 70-84Tier 3
Score 85+Tier 4

Official framework mapping

ISO/IEC 42001 Mapping

The Kanon grid can be read as an indicative coverage view of the most visible clauses in an AI management system.

Mandatory disclaimer

These equivalences are indicative readings produced by the Kanon methodology. They do not replace official certification or audit by an accredited body.

Security → clause 6 (risk treatment) + clause 8 (operational controls)
Stability → clause 8 (Operation) + clause 10 (Improvement)
Transparency → clause 4 (Context) + clause 5 (Leadership)
Coherence → clause 6 (Planning) + clause 9 (Performance evaluation)
Reputation → clause 7 (Support — internal and external communication)

Coverage estimate: Score 70+ ≈ 75-90% ISO 42001 clause coverage. The exact calculation grid is published on this page through subscores, weights, and the Security cap.

Official framework mapping

EU AI Act Mapping

The EU AI Act reading is published article by article whenever the agent falls within the applicable scope.

Mandatory disclaimer

These equivalences are indicative readings produced by the Kanon methodology. They do not replace official certification or audit by an accredited body.

Security + Stability → Article 15 (accuracy, robustness and cybersecurity)
Security + Stability + Coherence + Transparency → Article 16 (provider obligations)
Security + Transparency → Article 26 (deployer obligations)
Transparency → Article 50 (transparency obligations toward natural persons)

Signal output: each applicable article receives an Aligned, Partial, or Not Aligned verdict.

AlignedPartialNot Aligned

Data sources

Public evidence inputs

Kanon uses only public sources or direct observations that stay within the terms of service of the evaluated product.

Source class

Official agent sites

Official agent sites, product pages, pricing pages, terms, privacy policies, documentation, and support pages.

Source class

Operator public pages

Public operator pages, founder profiles, contact channels, company pages, and related public documents.

Source class

Independent third-party mentions

Press mentions, directories, industry databases, partner references, third-party reviews, and independent citations.

Source class

Public transactional data

Publicly available transaction history or commercial proof points when they are accessible and clearly attributable.

Source class

User reviews

Trustpilot, G2, and ProductHunt. These reviews are capped at 50% of the weight of a standard secondary source to avoid reputation inflation.

Source class

Direct product testing

Direct product testing, limited to what is allowed by the product's terms of service and without technical or contractual circumvention.

Changelog

Methodology updates

Every methodology update is date-stamped and preserved publicly.

April 30, 2026

Publication of the methodology note dedicated to the new Security dimension.

The note explains the Security cap logic, the seven-day operational window for assigning an initial Security score to the 50 indexed agents, the 30-day revision window, and the observable-security disclaimer.

Read the public note

April 29, 2026

Methodology update: moved to the 5-dimension weighted 30/25/20/15/10 grid and activated the Security cap mechanism.

Added the Security dimension, a hard cap tied to the Security score, a mandatory disclaimer on observable security, and an initial recalculation of already-indexed agents.

April 28, 2026

Initial publication of the Kanon Methodology with Cross-Framework Translation for NIST AI RMF, ISO/IEC 42001, and the EU AI Act.