A marketplace is only as good as the trust it can guarantee. When the things being bought and sold are autonomous agents — software that does not just report a number but acts on your business, suggesting the order, fixing the shelf, planning the route, protecting the margin — that trust problem becomes the whole game. A dashboard that is wrong wastes a glance. An agent that is wrong reorders the wrong quantity, mis-prices a promotion, or routes a truck the long way around. The blast radius is operational, financial, and immediate. So before we opened a marketplace of specialist agents alongside our six first-party categories, we had to answer one question honestly: what does it actually mean for a buyer to trust an agent they did not build?
Our answer is FMCG Verified — a certification standard that every solution on the marketplace must earn. It is deliberately not a marketing badge or a popularity score. It is a set of six concrete, testable criteria, and each one exists to neutralize a specific way an agent can quietly let you down. Equally important is the structure underneath it. Every solution on the marketplace classifies under the FMCG Cloud Agent Taxonomy — sixteen agent types organized into five families spanning commercial, execution, operations, data, and finance work. Vendors cannot invent their own categories. Platform governance defines what counts as an Order Agent or a Shelf Agent, and a vendor must map their product to that definition to list at all. That single rule is what keeps the taxonomy a standard rather than a free-for-all of self-declared labels, and it is the precondition that makes certification mean anything.
The first criterion is protocol compliance. To be verified, an agent has to interoperate over open agent protocols and speak the FMCG Cloud data model — consuming and emitting on the same shared schema that our six categories already run on. This is the unglamorous foundation, and it is the one buyers underestimate. An agent that cannot read your data in the platform's native shape, or whose output another agent cannot act on, is an island. Protocol compliance is what lets the shelf talk to the order and the order talk to the route, regardless of which vendor built each piece. It is the difference between buying a capability and buying yet another integration project.
The second is observability. A verified agent emits the standard event schema, which means every action it takes shows up in the activity feed with an auditable decision trail. You can see what it did, when, and on what basis. This matters because the natural failure mode of autonomy is opacity — an agent that acts silently is an agent you cannot supervise, cannot debug, and cannot defend to a regulator or an auditor. Observability turns a black box into something a human can hold accountable.
The third is performance against service-level objectives. Different families of work have different physics: an execution-family agent reacting to a shelf photo needs to respond in seconds, while a finance-family agent reconciling claims runs in batch windows. Verification means the agent has been measured against the published SLOs for its family, not just that it works in a demo. A buyer is guaranteeing speed appropriate to the job, not hoping for it.
The fourth is security review. Every verified agent passes the platform's security review, discloses the scopes it requests at install time, and operates on least-privilege data access. You see exactly what an agent can touch before you let it in, and it gets no more than it needs. The fifth is the support SLO: the vendor commits, in writing, to the published support response times for its tier. When something goes wrong at two in the afternoon during a delivery run, accountability is part of the product, not an afterthought buried in a contract.
The sixth is data-handling posture. A verified vendor documents its data residency, retention, and tenant-isolation posture, and commits that there is no cross-tenant training on your data without explicit opt-in. For multi-tenant infrastructure operating under regimes like GDPR and CCPA, this is non-negotiable. Your commercial data does not become someone else's model improvement by default.
Read together, these six criteria describe a specific kind of guarantee. FMCG Verified does not promise that an agent will make you money — no honest certification could, and we will never dress up an invented figure as proof. What it promises is narrower and more useful: that the agent will interoperate cleanly, act in the open, respond fast enough for its job, request only what it needs, stand behind its support commitments, and handle your data responsibly. Those are the failure modes that turn a promising agent into an operational liability, and they are exactly what an evaluation under deadline pressure tends to miss.
That is why the certification, not the catalog, is the real product of the marketplace. Anyone can list software. The work — and the value to a route-to-market leader — is in the layer that decides what is allowed to be called an agent of a given type and what it must prove before a buyer takes the risk. The taxonomy gives the marketplace its grammar. FMCG Verified gives it its conscience. Together they are how an open ecosystem of specialist solutions can stay genuinely neutral, with vendor brands foregrounded, without asking buyers to trust on faith.