// Trust & Security Report
MetaGPT LLC
Multi-agent AI framework for software development. Open-source framework (Apache-2.0/MIT) for building AI agent teams, plus commercial SaaS product Atoms/MGX for no-code AI development.
Certifications held
0
Maturity
Startup
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 12 unconfirmed / not-held certifications
source: atoms.devNo public evidence found on atoms.dev, mgx.dev, or metagpt.biz domains.
source: atoms.devNo public evidence found on atoms.dev, mgx.dev, or metagpt.biz domains.
source: atoms.devNo public evidence found on atoms.dev, mgx.dev, or metagpt.biz domains.
source: atoms.devPrivacy policy states 'Your information may be transferred to and maintained on computers located outside of your state, province, or country' - US data hosting. No formal GDPR-specific compliance documentation.
source: atoms.devNo public evidence found. Privacy policy makes no mention of HIPAA compliance or healthcare data handling.
source: atoms.devNo public evidence found on vendor domains.
source: atoms.devNo public evidence found on vendor domains.
source: atoms.devNo public evidence found. Not applicable to core product offering.
source: atoms.devNo public evidence found. AI governance certifications absent.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
United States (primary hosting). Privacy policy explicitly states data may be transferred outside user's jurisdiction to US servers.
Privacy policy contains no explicit language about customer data training. Policy states generic 'commercially reasonable technical, administrative, and organizational measures' without mentioning AI-specific data governance. No opt-out mechanism documented.
// Security controls
Data encryption in transit
Stated as part of 'commercially reasonable measures' but no specific protocol mentioned (TLS/HTTPS assumed standard)
atoms.devSecurity update policy
Open-source MetaGPT framework: No supported versions for security updates. Contact: alexanderwu@deepwisdom.ai for vulnerabilities.
github.comResponsible disclosure
Email-based vulnerability reporting only; minimal formal process documented
github.comInter-agent privacy (general multi-agent risk, not a MetaGPT-specific measurement)
CLASS-LEVEL RISK: The AgentLeak benchmark (arXiv 2602.11510) evaluates privacy leakage in multi-agent LLM systems generally, testing production LLMs (GPT-4o, GPT-4o-mini, Claude 3.5 Sonnet, Mistral Large, Llama 3.3 70B). It finds inter-agent messages leak at 68.8% versus 27.2% for final outputs (43.2% in single-agent mode), with multi-agent coordination attacks succeeding 82.9% of the time via coordination channels and shared memory. MetaGPT is named only as one framework the benchmark's adapter layer can instrument (alongside LangChain, CrewAI, AutoGPT); the paper does NOT measure MetaGPT's own architecture. As a multi-agent framework, MetaGPT plausibly shares this class of risk, but no MetaGPT-specific figure exists.
arxiv.org// Products & data scope
data: User's local environment (self-hosted). No cloud data retention for framework itself.
MIT/Apache-2.0 licensed. Can be run on-premises. Requires LLM API key configuration (OpenAI, Azure, etc). No built-in compliance controls in framework.
data: Cloud-hosted US servers. User code and prompts processed in cloud environment.
Rebranded from MGX to Atoms. No formal SLA or compliance certifications. Generic privacy policy applies. Early-stage product.
// What to watch
- No formal security certifications despite operating commercial SaaS product (Atoms/MGX)
- Minimal security maintenance: open-source framework has zero supported versions for security updates
- The AgentLeak benchmark (arXiv 2602.11510) reports high inter-agent privacy leakage in multi-agent LLM systems generally (68.8% inter-agent message leakage vs 27.2% final-output; up to 82.9% coordination-attack success). IMPORTANT: this is a general finding measured on production LLMs across many multi-agent setups, NOT a measurement of MetaGPT specifically - MetaGPT is only listed as one framework the benchmark's adapter can instrument. Treat as a class-level risk that plausibly applies, not a proven MetaGPT-specific vulnerability. The earlier draft's '28-35% baseline / 68.8% with adversarial attacks' framing misread the paper's figures.
- Shared memory and coordination channels are a documented exfiltration vector for multi-agent LLM systems in general; whether MetaGPT specifically mitigates this is undocumented rather than proven vulnerable
- Data transfers to US by default; international users should verify GDPR compliance posture for their use case
- Generic 'commercially reasonable' security language only - no specific technical controls documented
- Rebranding from MGX to Atoms may indicate early product iteration stage
- No public Data Processing Agreement (DPA) for EU users
- No documented AI training or data retention policies
// At a glance
Pricing model
Open-source (free) for framework; SaaS subscription model for Atoms/MGX commercial product
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on MetaGPT LLC's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
atoms.dev