Glide’s connector + skill ecosystem uses a three-tier trust ladder. Trust is quality-based, not licensing-based — every package ships under MIT regardless of tier.Documentation Index
Fetch the complete documentation index at: https://glide-9da73dea.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Canonical URL
https://glide.co/schemas/agent-banking/v1/trust-tier.json
The three tiers
| Tier | When | Off-by-default? | Signed agreement? |
|---|---|---|---|
community | Any first PR | Yes — GLIDE_ALLOW_COMMUNITY_CONNECTORS=true + red admin banner | No |
verified | Reviewed against checklist + signed Trusted Partner Agreement (connectors) or Trusted Skill Agreement (skills) | No — ships enabled with per-tenant opt-in | Yes |
core | Glide-maintained reference implementations | No — ships enabled | N/A (Glide is the maintainer) |
How tiers work in practice
community
The default for any first PR submission. The connector or skill is in the repo + the catalog renders it, but operators must explicitly opt in via env. Useful for experimentation, PoC integrations, or high-uncertainty vendor integrations.
The red admin banner is not optional — the connector / skill operates with materially less review than higher tiers, and self-hosters should know that.
verified
Promotion requires:
- A separate PR that bumps
trust: community→trust: verified. - The signed Trusted Partner Agreement (connectors) or Trusted Skill Agreement (skills) attached as a PDF hash to the PR.
- CODEOWNERS approval from
@darshanbathija(and, when the team grows,@glide/core). - Compliance + counsel review (the verified-tier 8-gate CI matrix runs additional checks).
glide.co/marketplace with the Verified badge. Operators enable them per-tenant; opt-in is one-click.
core
Glide maintains the reference implementation. Operators can rely on us for security patches, breaking-change migrations, and feature parity with Glide Cloud.
core is not “more trustworthy” in an absolute sense. A verified connector authored by a regulated partner with deep vendor expertise is often a better fit for a corridor than the core reference adapter.
Tier promotion as a separate PR
Thetrust: field is CODEOWNERS-protected. Bumping it requires its own PR — never silent in a feature-add PR. This protects against:
- Self-promotion attacks (a partner writes a connector at
community, then sneakstrust: verifiedinto a follow-up “minor fix” PR). - Stale Trusted Partner Agreements (we re-verify the PDF hash on every promotion PR).
- Tier-promotion review missing the compliance pass (separate PR = separate review SLA = separate counsel touch).
Review SLA
- Community-tier: 5 business days from PR submission.
- Verified-tier promotion: 10 business days (includes signed-agreement review).
Reading list
- Adding a connector — partner-PR flow.
- Authoring a skill — same flow for skills.
- License compatibility — how tier interacts with dependency licenses.