Practice the vocabulary of letting independently built AI agents discover and communicate with each other.
0 / 5 completed
1 / 5
At standup, a dev mentions a standardized protocol that lets an AI agent built by one team discover and communicate with an agent built by an entirely different team or vendor. What is this called?
An agent-to-agent, or A2A, protocol standardizes how an agent built by one team can discover and communicate with an agent built by an entirely different team or vendor. A one-off, custom integration built separately for every pair of agents doesn't scale as the number of agents needing to interoperate grows. This standardized protocol is what lets an ecosystem of independently built agents actually work together.
2 / 5
During a design review, the team wants an agent to publish a discoverable description of its own capabilities, so another agent can determine whether it's the right one to delegate a subtask to. Which capability supports this?
An agent capability card, or manifest, publishes a discoverable description of what a given agent can do, so another agent can determine at runtime whether it's the right one to delegate a subtask to. Requiring every agent to already know another's full capabilities in advance doesn't scale as new agents are added to an ecosystem. This discoverable capability description is what enables genuine, dynamic delegation between independently built agents.
3 / 5
In a code review, a dev notices a message passed between two agents over the protocol is authenticated and signed, rather than accepted from any sender with no verification. What does this represent?
Authenticated, signed messaging verifies that a message passed between two agents genuinely came from the agent it claims to be from, rather than accepting any sender with no verification at all. Accepting unverified messages risks a malicious actor impersonating a trusted agent to manipulate a delegated task. This authentication is essential once agents built by different, independent parties need to trust each other's messages.
4 / 5
An incident report shows one agent delegated a sensitive subtask to another agent whose actual capabilities didn't match its published capability card, causing the subtask to fail unexpectedly. What practice would prevent this?
Verifying a delegated agent's actual behavior against its published capability claims, especially for a sensitive subtask, catches a mismatch before it causes an unexpected failure downstream. Trusting a published card completely with no verification risks exactly this kind of surprise. This verification step matters because a capability card is a claim made by the agent's own publisher, not an independently audited guarantee.
5 / 5
During a PR review, a teammate asks why the team requires authenticated, signed messages for agent-to-agent communication instead of accepting a message from any sender claiming to be a trusted agent. What is the reasoning?
An unauthenticated message could be sent by an impersonator claiming to be a trusted agent, especially once agents built by different, independent parties are communicating over a shared protocol. Signed authentication verifies the message's real origin before it's acted on. The tradeoff is the added infrastructure of managing keys and signatures across every agent participating in the protocol.