X402 Attack Surface Gate

Automated launch-readiness auditor for x402 and agent-payment API surfaces.

Install
cmdop skills install agensi-x402-attack-surface-gate

What it does

The x402 Attack Surface Gate is a security and reliability auditor for AI agent payment layers. It performs automated, no-payment probes of x402, MPP, and Pay.sh implementations to identify launch-blocking risks like payment bypass, replay vulnerabilities, and browser-related CORS or cache leaks.

Why use this skill

Testing paid API surfaces is notoriously difficult because you often have to spend real funds or mock complex wallet signatures. This skill solves that by using standardized, non-destructive probing techniques. It ensures your 402 payment challenges are correctly bound to resources, idempotent, and compatible with agent-centric browser environments before you go live.

Supported tools

  • x402 protocol manifests
  • OpenAPI / Swagger specifications
  • MPP and Pay.sh agent payment standards
  • Agent wallet registries and marketplace listings

The output provides a structured "Spend Map" and a prioritized "Patch Order," giving developers a clear checklist to move from 'hold_for_patch' to 'launch_ready'.