a2a cloud
smoke tests + signed proof

AI agent testing you can prove ran.

You can't trust an agent you haven't tested — and you can't trust a test you can't prove ran. a2a cloud runs live smoke tests against your agent's real preview URL on every build: it fetches the agent card, calls the advertised skills, and checks the output. An automated reviewer gates the code, and each run is captured as an Ed25519-signed receipt. Not a green check that disappears — evidence a passing test happened.

live preview URL · card + skills probes · signed receipt

0%
smoke tests on real preview
0
mocked-only test paths
0
signed receipt per run
the problem

A green checkmark isn't proof the agent works.

Most agent 'tests' are unit tests against mocks — they exercise the functions you remembered to cover, while the wiring that actually breaks in production goes untouched. The agent card, the advertised skills, the shape of the real output: none of it is verified against a running instance. And even when a check passes, it's a transient green mark that scrolls off the CI log — reproducible by nobody, provable to no one, and easily inherited by code that changed after it went green.

Unit tests against mocks never exercise the running agent end to end.
A declared-but-broken skill passes CI and fails at the first real caller.
No automated review of the diff — a human eyeballs it, or nobody does.
A green check scrolls off the log; you can't reproduce or prove it later.
the a2a way

Live smoke tests, gated review, signed proof.

On every build a2a stands the agent up at a real preview URL and probes it for real — card, skills, output — inside the same libkrun microVM it runs in production. An automated agent-reviewer gates the code, the smoke test re-runs after each self-repair, and every run leaves an Ed25519-signed receipt of exactly what happened.

Live smoke tests, not mocksAgent-card + skills probesAn automated reviewer gateRe-verified after self-repairTested inside a microVMA signed receipt per run

Live smoke tests, not mocks

Every build spins up the agent at a real preview URL and probes it for real: does it expose its agent card, are its skills callable, does a sample invocation return the expected output. Not a unit test against a mock — the running agent, answering.

Agent-card + skills probes

The smoke test fetches the agent card and confirms the advertised skills actually resolve and respond. A skill that's declared but broken fails the build here — before deploy — instead of at the first real caller.

An automated reviewer gate

An agent-reviewer reads the diff and the run results and gates the build: obvious defects, missing skills, and outputs that don't match the contract don't pass. A second set of eyes that never gets tired, on every build.

Re-verified after self-repair

When a build fails and the agent self-repairs, the smoke test runs again against the patched preview. A pass has to be earned by the code that actually ships — not inherited from an earlier attempt that no longer exists.

Tested inside a microVM

The smoke test executes in a libkrun microVM — the same hardware-isolated boundary the agent runs behind in production. You're testing it in the environment it will actually live in, not a permissive CI box that lies about what works.

A signed receipt per run

The result isn't a green checkmark that scrolls off the CI log. It's an Ed25519-signed receipt: which probes ran, what they returned, pass or fail. Durable evidence a passing test happened — don't trust the agent, trust the receipt.

side-by-side

Unit-test-and-hope vs. live smoke tests with signed proof.

dimension
green-check CI
a2a smoke tests
what runs
Unit tests against mocks — the real agent is never exercised end to end.
Live smoke tests hit the agent at a real preview URL during the build.
coverage
You test the functions you remembered to; the wiring goes untested.
Card is fetched, advertised skills are called, output is checked against contract.
review
A human eyeballs the diff if they have time, or nobody does.
An automated agent-reviewer gates every build on the code and the results.
after a fix
A green check from an earlier run gets trusted for code that changed.
Smoke tests re-run after each self-repair; the shipping code earns its pass.
the evidence
A green check that scrolls off the CI log and can't be reproduced later.
An Ed25519-signed receipt of exactly which probes ran and what they returned.
questions

Frequently asked.

How does a2a cloud test AI agents?

During every build, a2a stands the agent up at a real preview URL and runs live smoke tests against it: it fetches the agent card, confirms the advertised skills are callable, and checks that a sample invocation returns the expected output. An automated agent-reviewer also reads the diff and the run results and gates the build. The whole thing runs inside a libkrun microVM — the same isolation the agent uses in production — and the outcome is captured as a signed receipt.

What's the difference between testing an agent and observing it?

Testing answers 'did it work?' — the smoke tests and reviewer gate that run before deploy to prove the agent exposes its card, its skills respond, and its output matches the contract. Observability and accountability answer 'can you prove what it did in production?' On a2a both share the same receipt primitive: a passing smoke test and a live run each emit an Ed25519-signed receipt. See AI agent observability for how those receipts double as tamper-evident telemetry once the agent is live.

Can I smoke test an agent before it deploys?

That's the default. The smoke test runs against a preview URL during the build, before anything is promoted. If the agent card is missing, a skill doesn't resolve, or the output doesn't match what's expected, the build fails and nothing ships. You verify the agent before deploy rather than discovering the break from the first real caller.

What happens when a build fails and the agent self-repairs?

The agent patches the code and the smoke test runs again against the new preview URL. A pass is never inherited from an earlier attempt — the exact code that ships has to earn its own passing run, and each run leaves a signed receipt. So a green result always corresponds to the artifact actually being deployed, not to some intermediate version that no longer exists.

Why isn't a passing CI check enough evidence a test ran?

A green checkmark is a claim by the party being asked, and it scrolls off the log. For an autonomous agent taking consequential actions, an incident review or auditor wants to know which probes ran, what they returned, and against which build — and to trust that record even if they don't trust you. a2a captures each smoke-test run as an Ed25519-signed receipt, so the proof a test passed is durable and verifiable, not a transient status you have to take on faith.

keep reading

Related guides.

All guides live in the guides index.

don't trust the agent

Test it live. Prove the test ran.

a2a cloud deploys any agent — LangGraph, OpenAI Agents SDK, CrewAI, or custom — and runs live smoke tests against its real preview URL on every build: agent-card and skills probes, output checked against contract, an automated reviewer gate, re-verified after each self-repair, all inside a libkrun microVM. Managed Postgres, an MCP server, an API, a frontend, and an Ed25519-signed receipt per run. Testing you can prove happened.