Agent402 handles real money (USDC settlement via x402), runs a headless browser against user-supplied URLs, and stores wallet-keyed data — security reports are taken seriously and acted on fast.
- Preferred: open a private security advisory on this repository.
- Or open a regular issue without exploit details and ask for a private channel.
- Direct email: mike@agent402.tools.
- Maintainer profile: github.com/MikeyPetrillo.
Please include reproduction steps and impact. You can expect an initial response within a few days; fixes for real issues ship through the normal CI pipeline (which re-tests every endpoint) as soon as they're ready.
- The live service at
agent402.tools(including/mcpand the marketplace bridge) - This codebase: SSRF guards, the proof-of-work scheme, payment gating, the memory access-control model
- The
agent402-mcpnpm package (especially the spend-control enforcement)
Out of scope: the x402 protocol itself, the Coinbase facilitator, Base/USDC contracts, and volumetric denial-of-service.
The security model — DNS-pinned SSRF guards with per-request browser re-validation, single-use slug-scoped proof-of-work, wallet-only gating of costly tools, timing-safe token comparison — is documented in the Security Model wiki page and is all in this repo to read.