Trust Levels & Badges
Understanding Cargo trust levels and what badges mean
Trust Levels & Badges
Every Cargo on Archipelag.io has a trust level (0-3) displayed as a badge. This page explains what each level means and how to interpret trust signals when choosing Cargos.
Trust Level Overview
| Level | Badge | Name | Meaning |
|---|---|---|---|
| 0 | Gray | Sandbox | New or unverified Cargo |
| 1 | Blue | Community | Security scan passed, community-used |
| 2 | Green | Verified | Platform reviewed and cryptographically signed |
| 3 | Purple | Official | First-party Archipelag.io Cargo |
Level 0: Sandbox
Badge: Gray shield
What it means:
- Cargo was recently submitted
- May not have completed security scanning
- Runs with maximum restrictions
Capabilities:
- No network access
- Minimal resources (256MB RAM, 1 CPU)
- 60-second maximum duration
- Cannot access GPU
When you’ll see this:
- Brand new Cargos awaiting review
- Cargos that failed security requirements
- Cargos from Individual-tier publishers
Level 1: Community
Badge: Blue shield with checkmark
What it means:
- Passed automated security scanning
- No critical or high-severity vulnerabilities
- Has been used successfully by the community (100+ jobs)
- Publisher is at least Verified tier
Capabilities:
- Standard sandbox (1GB RAM, 2 CPU)
- 5-minute maximum duration
- No network access
- No GPU access
Trust signals to look for:
- Job success rate (aim for >95%)
- Number of jobs completed
- Publisher verification status
- User ratings and reviews
Level 2: Verified
Badge: Green shield with checkmark
What it means:
- Passed automated security scanning
- Manually reviewed by platform staff
- Cryptographically signed by Archipelag.io
- Build provenance verified (SLSA attestation)
- Publisher is Organization tier or higher
Capabilities:
- Elevated sandbox (8GB RAM, 4 CPU)
- 30-minute maximum duration
- Outbound network access (for API calls, etc.)
- No GPU access (unless Partner tier)
How Cargos reach this level:
- Publisher requests staff review
- Platform team reviews code, container, and behavior
- If approved, Cargo is signed with platform key
- Signature is verified by Islands before execution
Level 3: Official
Badge: Purple star
What it means:
- Built and maintained by Archipelag.io
- Full platform backing and support
- Highest level of verification
- Used for core platform capabilities
Capabilities:
- Custom resource limits
- GPU access
- Network access
- Priority scheduling
Examples:
archipelag/llm-chat- LLM inferencearchipelag/image-gen- Image generationarchipelag/embeddings- Vector embeddings
Reading Trust Information
When viewing a Cargo, click the trust badge to see detailed information:
Trust Details Modal
The trust modal shows:
Verification Status
- Current trust level and how it was achieved
- Security scan results (vulnerability counts by severity)
- Signature status (signed/unsigned, key fingerprint)
- Build provenance (if available)
Publisher Information
- Publisher name and tier
- Verification method (Stripe, GitHub, Domain)
- Time on platform
- Other published Cargos
Performance Metrics
- Reputation score (0.0 - 5.0)
- Total jobs completed
- Success rate percentage
- Average response time
Security Scan Summary
- Scan date
- Scanner tool and version
- Vulnerability breakdown:
- Critical: Must be 0 for Level 1+
- High: Must be ≤5 for Level 1, 0 for Level 2+
- Medium: Informational
- Low: Informational
Evaluating Cargos
For Personal Use
Community Cargos (Level 1) are generally fine for personal projects and experimentation. Check:
- Publisher has Verified tier or higher
- Success rate is above 90%
- No recent complaints or issues
For Production Use
For production applications, prefer Verified Cargos (Level 2):
- Cryptographic signature ensures integrity
- Staff review adds human oversight
- Build provenance enables supply chain verification
Red Flags to Watch For
Be cautious of Cargos with:
- Sandbox level (Level 0) with no path to verification
- Success rate below 85%
- Reputation score below 1.0
- Many recent failures or complaints
- Publisher with no other Cargos
- Vague or missing descriptions
How Trust Levels Change
Promotion
Cargos can be promoted to higher trust levels:
| From | To | Requirements |
|---|---|---|
| 0 → 1 | Scan passes, 100+ jobs, publisher verified | |
| 1 → 2 | Staff review, cryptographic signing | |
| 2 → 3 | First-party only (not applicable to third-party) |
Demotion
Cargos can be demoted for:
- New security vulnerabilities discovered in rescans
- Success rate drops below threshold
- Reputation score falls below minimum
- Policy violations
- Publisher suspension
Sandbox Tiers (Technical)
Trust levels map to sandbox tiers that control runtime restrictions:
| Sandbox Tier | Trust Levels | Network | GPU | Memory | Duration |
|---|---|---|---|---|---|
restricted | 0 | None | No | 256MB | 60s |
standard | 1 | None | No | 1GB | 300s |
elevated | 2, 3 | Outbound | Conditional | 8GB | 1800s |
These restrictions are enforced at the Island level using container isolation, seccomp profiles, and resource cgroups.
Frequently Asked Questions
Can I request a trust level upgrade?
For Level 1 (Community), upgrades happen automatically when requirements are met. For Level 2 (Verified), Organization-tier publishers can request staff review from the Cargo settings page.
How often are Cargos rescanned?
All Cargos are rescanned weekly. If new vulnerabilities are found, trust levels may be adjusted automatically.
What if I disagree with a trust level decision?
Contact support@archipelag.io with your Cargo ID and concerns. We’ll review the decision.
Do trust levels affect pricing?
No, pricing is based on resource usage, not trust level. However, higher trust levels unlock more resources, which may affect total cost for resource-intensive jobs.
Next Steps
Reputation System
Learn how Cargo reputation is calculated.
{% end %}