The Linux Foundation announces the establishment of the AI Agent Foundation (AAIF), funded by Anthropic, OpenAI, and Block, which contribute the MCP protocol, the Agents.md format, and the edge agent Goose, respectively. It is supported by over 30 tech giants such as Google, Microsoft, Amazon, IBM, SAP, and Shopify, and aims to establish a global technical standard for AI agents that is "open source, cross-platform, and vendor-neutral." The goal is to make "application interconnection" as plug-and-play as USB-C.

The Three Founding Projects Donated - A Comprehensive View of the AAIF Technical Base
1. MCP (Model Context Protocol) | Anthropic
- Function: A unified "interface" for AI to access data sources/tools; analogous to USB-C, enabling "one-time connection, anywhere use"
- Progress: Google, Microsoft, Alibaba, Tencent, and Baidu have announced support; AAIF will host the specification, SDK, and certification testing
2. Agents.md | OpenAI
- Function: A "README" standard format for coding agents; describes steps like installation, testing, and environment variables, reducing "Prompt guessing"
- Open Source: Draft available on GitHub; AAIF will be responsible for subsequent version iterations and community governance
3. Goose | Block (formerly Square)
- Function: An open-source agent that can run offline; supports Bash, Docker, and VS Code plugins, suitable for privacy-sensitive scenarios
- Features: Default sandbox permissions; AAIF will expand "security audit" and "hardware abstraction" specifications

Governance Structure: Hosted by the Linux Foundation, with Over 30 Major Companies Joining
- Operational Entity: Linux Foundation Directed Fund, ensuring that "standards are not controlled by a single vendor"
- Board: Anthropic, OpenAI, Block, Google, Microsoft, and Amazon are founding directors; there is a Technical Steering Committee (TSC) and a Certification Working Group
- Member List: Google, Microsoft, Amazon, IBM, SAP, Shopify, Hugging Face, Uber, Cloudflare, Cisco, Oracle, Salesforce, and others are all listed

Security Concerns: MCP "Injection Attacks" Are the Primary Target for Fixing
- Current Situation: The MCP server side often runs locally and lacks unified authentication; hackers can launch "Prompt Injection" via malicious servers to steal Slack and Notion tokens
- AAIF Roadmap:
① Q1 2025: Release of the "MCP Security Profile" — mandatory OAuth2.0 + Mutual TLS
② Q2 2025: Launch of the "Agent Sandboxing API" — default restrictions on file system/network calls
③ Q3 2025: Initiate the "Red Team Bounty Program" — inviting global white hats to find vulnerabilities in the agent chain

Industry Significance: The "TCP/IP" Moment for AI Agents
- Interoperability: Any agent following MCP can seamlessly call any Agents.md-compliant coding tool without vendor SDKs
- Lower Barriers: SMEs don't need to rewrite connectors for each large model; individual developers can also "plug-and-play" cloud/local tools
- Compliance-Friendly: Unified audit logs and permission models, facilitating compliance with regulations like GDPR and CCPA

Next Steps: Three Prongs - Standards, Certification, and Toolchain
- Q1 2025: Release of the official MCP 1.0 specification + official Python/TypeScript SDK
- Q2 2025: Launch of the "AAIF Certified" certification program; agents and tools must pass security and interoperability tests
- Q3 2025: Launch of the "Agent Store" — certified agents, data sources, and hardware plugins can be listed, with revenue sharing based on usage
