// Trust & Security Report

    MetaGPT LLC logo

    MetaGPT LLC

    Multi-agent AI framework for software development. Open-source framework (Apache-2.0/MIT) for building AI agent teams, plus commercial SaaS product Atoms/MGX for no-code AI development.

    Certifications held

    0

    Maturity

    Startup

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    > Show 12 unconfirmed / not-held certifications
    SOC 2 Type 1
    NOT CONFIRMED

    No public evidence found on atoms.dev, mgx.dev, or metagpt.biz domains.

    source: atoms.dev
    SOC 2 Type 2
    NOT CONFIRMED

    No public evidence found on atoms.dev, mgx.dev, or metagpt.biz domains.

    source: atoms.dev
    ISO 27001
    NOT CONFIRMED

    No public evidence found on atoms.dev, mgx.dev, or metagpt.biz domains.

    source: atoms.dev
    GDPR Compliance
    NOT CONFIRMED

    Privacy policy states 'Your information may be transferred to and maintained on computers located outside of your state, province, or country' - US data hosting. No formal GDPR-specific compliance documentation.

    source: atoms.dev
    HIPAA
    NOT CONFIRMED

    No public evidence found. Privacy policy makes no mention of HIPAA compliance or healthcare data handling.

    source: atoms.dev
    ISO 27017 (Cloud Security)
    NOT CONFIRMED

    No public evidence found on vendor domains.

    source: atoms.dev
    ISO 27018 (Personal Data Protection)
    NOT CONFIRMED

    No public evidence found on vendor domains.

    source: atoms.dev
    ISO 27701 (Privacy Management)
    NOT CONFIRMED

    No public evidence found on vendor domains.

    source: atoms.dev
    PCI DSS
    NOT CONFIRMED

    No public evidence found. Not applicable to core product offering.

    source: atoms.dev
    FedRAMP
    NOT CONFIRMED

    No public evidence found. Not targeting US government market.

    source: atoms.dev
    ISO/IEC 42001 (AI Management System)
    NOT CONFIRMED

    No public evidence found. AI governance certifications absent.

    source: atoms.dev
    CSA STAR
    NOT CONFIRMED

    No public evidence found on vendor domains.

    source: atoms.dev

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Not offered

    Data region

    United States (primary hosting). Privacy policy explicitly states data may be transferred outside user's jurisdiction to US servers.

    Privacy policy contains no explicit language about customer data training. Policy states generic 'commercially reasonable technical, administrative, and organizational measures' without mentioning AI-specific data governance. No opt-out mechanism documented.

    // Security controls

    Data encryption in transit

    Stated as part of 'commercially reasonable measures' but no specific protocol mentioned (TLS/HTTPS assumed standard)

    atoms.dev

    Data encryption at rest

    Not specified in public documentation

    atoms.dev

    Security update policy

    Open-source MetaGPT framework: No supported versions for security updates. Contact: alexanderwu@deepwisdom.ai for vulnerabilities.

    github.com

    Responsible disclosure

    Email-based vulnerability reporting only; minimal formal process documented

    github.com

    Inter-agent privacy (general multi-agent risk, not a MetaGPT-specific measurement)

    CLASS-LEVEL RISK: The AgentLeak benchmark (arXiv 2602.11510) evaluates privacy leakage in multi-agent LLM systems generally, testing production LLMs (GPT-4o, GPT-4o-mini, Claude 3.5 Sonnet, Mistral Large, Llama 3.3 70B). It finds inter-agent messages leak at 68.8% versus 27.2% for final outputs (43.2% in single-agent mode), with multi-agent coordination attacks succeeding 82.9% of the time via coordination channels and shared memory. MetaGPT is named only as one framework the benchmark's adapter layer can instrument (alongside LangChain, CrewAI, AutoGPT); the paper does NOT measure MetaGPT's own architecture. As a multi-agent framework, MetaGPT plausibly shares this class of risk, but no MetaGPT-specific figure exists.

    arxiv.org

    // Products & data scope

    MetaGPT Framework (Open Source)AI Framework

    data: User's local environment (self-hosted). No cloud data retention for framework itself.

    MIT/Apache-2.0 licensed. Can be run on-premises. Requires LLM API key configuration (OpenAI, Azure, etc). No built-in compliance controls in framework.

    Atoms/MGX (Commercial SaaS)AI Development Platform

    data: Cloud-hosted US servers. User code and prompts processed in cloud environment.

    Rebranded from MGX to Atoms. No formal SLA or compliance certifications. Generic privacy policy applies. Early-stage product.

    // What to watch

    • No formal security certifications despite operating commercial SaaS product (Atoms/MGX)
    • Minimal security maintenance: open-source framework has zero supported versions for security updates
    • The AgentLeak benchmark (arXiv 2602.11510) reports high inter-agent privacy leakage in multi-agent LLM systems generally (68.8% inter-agent message leakage vs 27.2% final-output; up to 82.9% coordination-attack success). IMPORTANT: this is a general finding measured on production LLMs across many multi-agent setups, NOT a measurement of MetaGPT specifically - MetaGPT is only listed as one framework the benchmark's adapter can instrument. Treat as a class-level risk that plausibly applies, not a proven MetaGPT-specific vulnerability. The earlier draft's '28-35% baseline / 68.8% with adversarial attacks' framing misread the paper's figures.
    • Shared memory and coordination channels are a documented exfiltration vector for multi-agent LLM systems in general; whether MetaGPT specifically mitigates this is undocumented rather than proven vulnerable
    • Data transfers to US by default; international users should verify GDPR compliance posture for their use case
    • Generic 'commercially reasonable' security language only - no specific technical controls documented
    • Rebranding from MGX to Atoms may indicate early product iteration stage
    • No public Data Processing Agreement (DPA) for EU users
    • No documented AI training or data retention policies

    // At a glance

    Pricing model

    Open-source (free) for framework; SaaS subscription model for Atoms/MGX commercial product

    Self-hostable

    Yes

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on MetaGPT LLC's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    atoms.dev

    > Browse all vendor trust reports