Why I Built a Reverse-CAPTCHA That Verifies AI Agents, Not Humans

Traditional CAPTCHAs ask "are you human?" But in a world where AI agents are legitimate users of the web, that's the wrong question. The real question is: "are you a legitimate AI agent?" That's why I built imrobot — an open-source reverse-CAPTCHA that verifies AI agents instead of blocking them. The Problem I was building an agent-facing API and realized there's no standard way to verify that a client is actually an AI agent. API keys prove identity, but they don't prove capability. Traditional CAPTCHAs prove humanity — the opposite of what I needed. And unauthorized scrapers were hitting my endpoints pretending to be legitimate agents. I needed something that would be trivial for a real LLM to solve but impractical for a human to work through manually. How imrobot Works imrobot generates deterministic challenge pipelines using composable string operations — base64, rot13, hex encoding, reverse, and more. These operations chain together to create a pipeline: seed: "a7f3b2c1d4e5f609" 1