@agentutility/mcp-prooflayer 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +86 -0
- package/dist/index.js +86 -0
- package/dist/tools.generated.js +207 -0
- package/package.json +46 -0
package/README.md
ADDED
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
# @agentutility/mcp-prooflayer
|
|
2
|
+
|
|
3
|
+
> Trust + risk scanners for AI-built apps.
|
|
4
|
+
|
|
5
|
+
AI builds apps fast. Prooflayer verifies they're safe to ship — secrets, deploys, migrations, dependencies, prompt-injection, supply chain.
|
|
6
|
+
|
|
7
|
+
**Pricing:** pay-per-call in USDC on Base. No subscriptions, no API keys. See per-tool prices below.
|
|
8
|
+
|
|
9
|
+
## Install — Claude Desktop
|
|
10
|
+
|
|
11
|
+
Edit `~/Library/Application Support/Claude/claude_desktop_config.json` (macOS) or `%APPDATA%\Claude\claude_desktop_config.json` (Windows):
|
|
12
|
+
|
|
13
|
+
```json
|
|
14
|
+
{
|
|
15
|
+
"mcpServers": {
|
|
16
|
+
"agentutility-prooflayer": {
|
|
17
|
+
"command": "npx",
|
|
18
|
+
"args": ["-y", "@agentutility/mcp-prooflayer"],
|
|
19
|
+
"env": { "X402_PRIVATE_KEY": "0xYOUR_PRIVATE_KEY_HEX" }
|
|
20
|
+
}
|
|
21
|
+
}
|
|
22
|
+
}
|
|
23
|
+
```
|
|
24
|
+
|
|
25
|
+
Restart Claude Desktop. 13 tools appear in the tool palette.
|
|
26
|
+
|
|
27
|
+
## Install — Cursor
|
|
28
|
+
|
|
29
|
+
Add to `.cursor/mcp.json`:
|
|
30
|
+
|
|
31
|
+
```json
|
|
32
|
+
{
|
|
33
|
+
"mcpServers": {
|
|
34
|
+
"agentutility-prooflayer": {
|
|
35
|
+
"command": "npx",
|
|
36
|
+
"args": ["-y", "@agentutility/mcp-prooflayer"],
|
|
37
|
+
"env": { "X402_PRIVATE_KEY": "0x..." }
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
## Funding
|
|
44
|
+
|
|
45
|
+
Send any amount of **USDC on Base mainnet** to the address derived from your `X402_PRIVATE_KEY`. The MCP server uses it to pay for tool calls automatically.
|
|
46
|
+
|
|
47
|
+
USDC on Base contract: `0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913`
|
|
48
|
+
|
|
49
|
+
## Tools (13)
|
|
50
|
+
|
|
51
|
+
| Tool | Description |
|
|
52
|
+
|---|---|
|
|
53
|
+
| `ai-content-detector` | (0.03 USDC/call) AI content detector / GPT detector / ChatGPT plagiarism checker. Calibrated probability (0-1), verdict, suspicious phrases, per-axis style signals (em-dash overuse, hedge phrases, formulaic transitions). |
|
|
54
|
+
| `brand-clearance` | (0.25 USDC/call) Brand clearance aggregator / name screening / product-name vetting / startup-brand pre-flight. Given a candidate brand name, returns a single composite clearance signal an agent can act on. Calls four checks in parallel (in-process, no x402 self-billing): USPTO TM name search, domain availability across requested TLDs (default .com .ai .dev .io .co), Wikipedia presence, Hacker News mention scan. Returns risk_level (clear|soft|moderate|hard), risk_score 0-100, sub-scores per signal, the raw hits, and a one-line recommendation. Designed for AI agents self-screening project / product / startup names before committing. Screening tool only — not legal advice. |
|
|
55
|
+
| `cve` | (0.005 USDC/call) CVE lookup / vulnerability database. NIST NVD-backed. CVSS v3.1+v2 scores, severity, affected CPEs, CWE, exploit indicators + LLM summary. |
|
|
56
|
+
| `cve-lookup` | (0.005 USDC/call) CVE lookup / vulnerability database. NIST NVD-backed. CVSS v3.1 + v2 scores, severity, affected CPEs, CWE class, references, public-exploit indicators. Plus LLM exploitability summary. |
|
|
57
|
+
| `db-migration-risk` | (0.02 USDC/call) DB migration risk audit / SQL migration safety check / DROP COLUMN detector / unsafe ALTER TABLE detector / Postgres CREATE INDEX CONCURRENTLY check / Alembic op.drop_* detector / TRUNCATE/DELETE WHERE detector / foreign key NOT VALID check / pre-deploy DB gate. Walks `migrations/`, `prisma/migrations/`, `db/migrate/`, `supabase/migrations/`, `alembic/versions/` and flags destructive DDL, lock-heavy ALTER TABLE, NOT NULL without DEFAULT, plain CREATE INDEX (vs CONCURRENTLY), unbounded TRUNCATE/DELETE, and FK validation without NOT VALID. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use. |
|
|
58
|
+
| `dep-risk-summary` | (0.03 USDC/call) repo dependency risk audit / package.json + lockfile vetter / unpinned dep detector / transitive dep counter / requirements.txt audit / pyproject dep risk / repo-level supply-chain risk score / Snyk-adjacent / deprecated dep detector / install-script dep detector. Best-effort scan of package.json, pnpm-lock.yaml, package-lock.json, yarn.lock, bun.lock (JS); requirements.txt, pyproject.toml, poetry.lock (Python); go.mod, go.sum (Go). Samples 10 alphabetically-first direct deps via npm/PyPI registry for deprecation + install-script signals. Returns 0-100 score, per-finding kind/severity/path/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} or {files: [{path, content}, …]}. |
|
|
59
|
+
| `deploy-config-risk` | (0.02 USDC/call) deploy config audit / Dockerfile lint / vercel.json hardening / wrangler.toml review / docker-compose.yml safety / fly.toml secrets check / netlify deploy gate / open CORS detector / exposed admin port detector / plaintext secret in env detector / production-readiness deploy gate. Fetches deploy config files (Dockerfile, wrangler.toml, vercel.json, netlify.toml, fly.toml, docker-compose.yml, serverless.yml) and flags open CORS with credentials, exposed admin ports (22/5432/6379/etc), plaintext secrets in inline env, dev/debug mode left enabled, missing healthchecks. Returns 0-100 score, per-finding kind/severity/path/line/redacted-evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use. |
|
|
60
|
+
| `github-repo-health` | (0.03 USDC/call) GitHub repo health score / open-source maintainability checker. 0-100 score + grade (abandoned/stale/okay/healthy/thriving). Commit activity, contributors, license, CI, tests. Plus LLM verdict. |
|
|
61
|
+
| `package-risk-npm` | (0.03 USDC/call) npm package risk score / supply-chain scanner / typosquat detector. Maintainer count, weekly downloads, install scripts, dependency depth, deprecation, age, typosquat distance to popular packages. Plus LLM risk summary. |
|
|
62
|
+
| `production-readiness-score` | (0.10 USDC/call) production readiness score / AI app deploy gate / Prooflayer cluster aggregator / repo prod-risk composite / one-call audit / unified production readiness API / vibe-coded app safety scan. Calls all 5 Prooflayer component scanners (secrets-exposure-check, deploy-config-risk, db-migration-risk, dep-risk-summary, prompt-injection-surface) in parallel in-process and rolls findings into a weighted composite score (default weights: secrets 0.30, migrations 0.20, deps 0.20, deploy 0.15, prompt 0.15). Returns composite 0-100, production_grade (production-ready | needs-review | risky | do-not-ship), per-component sub-scores, top-N deduped findings sorted by severity + score_contribution, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} or {files: [{path, content}, …]}. Optional 'weights' override (each in [0,0.5], proportionally normalized) and 'max_findings' (default 10, cap 50). |
|
|
63
|
+
| `prompt-injection-surface` | (0.03 USDC/call) AI prompt injection surface scanner / LLM call-site audit / unsanitized user input in prompts detector / system-message mixing flag / unbounded completion detector / AI app safety scan / pre-deploy AI risk gate. Walks .ts/.tsx/.js/.jsx/.py/.mjs/.cjs source files, locates LLM SDK call sites (anthropic, openai, @ai-sdk/*, google generative), and flags user input flowing into prompts without sanitization, calls without max_tokens caps, system/user prompt mixing, and LLM output used unvalidated in fetch/exec/eval. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} (tree-walk, capped 500 files) or {files: [{path, content}, …]}. |
|
|
64
|
+
| `pypi-package-risk` | (0.01 USDC/call) PyPI package risk score / Python supply-chain scanner. Age, monthly downloads, install-script hooks (cmdclass/setup.py), dependency depth, deprecation, typosquat distance to 50 popular Python packages. Plus LLM risk summary. |
|
|
65
|
+
| `secrets-exposure-check` | (0.02 USDC/call) secrets exposure scan / hardcoded API key detector / .env-committed-key audit / Next.js client env leak detector / pre-deploy secret gate. Fetches top-level config files (.env*, wrangler.toml, vercel.json, next.config.*, package.json, etc.) and scans for hardcoded AWS/OpenAI/Anthropic/Stripe/GitHub keys, private keys, DB URLs with passwords, JWT secrets, weak values in .env.example, and server-only env vars accidentally exposed via NEXT_PUBLIC_. Returns 0-100 score, per-finding kind/severity/path/line/redacted-evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use. |
|
|
66
|
+
|
|
67
|
+
## How it works
|
|
68
|
+
|
|
69
|
+
1. Agent calls a tool (e.g. `ai-content-detector`).
|
|
70
|
+
2. MCP server POSTs to `https://x402.agentutility.ai/ai-content-detector`.
|
|
71
|
+
3. The endpoint responds **HTTP 402** with payment instructions.
|
|
72
|
+
4. The MCP server signs an EIP-3009 USDC transfer authorization with `X402_PRIVATE_KEY` and retries.
|
|
73
|
+
5. CDP facilitator settles on Base.
|
|
74
|
+
6. The endpoint returns the actual response.
|
|
75
|
+
|
|
76
|
+
The agent never sees the payment flow — it just gets the result.
|
|
77
|
+
|
|
78
|
+
## Links
|
|
79
|
+
|
|
80
|
+
- Cluster overview: https://agentutility.ai/prooflayer/
|
|
81
|
+
- All MCP packages: https://mcp.agentutility.ai/
|
|
82
|
+
- Source: https://github.com/rooz21/x402/tree/main/packages/mcp-prooflayer
|
|
83
|
+
|
|
84
|
+
---
|
|
85
|
+
|
|
86
|
+
**Version:** 0.1.8 · **License:** MIT
|
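Review bot: the install snippets (`"env": { "X402_PRIVATE_KEY": "0xYOUR_PRIVATE_KEY_HEX" }` in both the Claude Desktop and Cursor configs) put a spending key in plaintext in a config file, and the README never says what that exposes; since the Funding section tells users to send "any amount of USDC" to the derived address, anyone who can read `claude_desktop_config.json` or `.cursor/mcp.json` can drain that balance. Add a sentence recommending a dedicated hot wallet funded only with what the tools are expected to spend (prices in the table top out at 0.25 USDC/call), and note that `.cursor/mcp.json` sits inside the project tree and needs a `.gitignore` entry so the key is not committed. Two smaller points: `"args": ["-y", "@agentutility/mcp-prooflayer"]` is unpinned, so every restart installs whatever the latest publish is and hands it the key; pinning `@agentutility/mcp-prooflayer@0.1.8` in the example keeps the user in control of upgrades. And the table lists both `cve` and `cve-lookup` at the same price with near-identical descriptions; either one should be marked as the alias or the duplicate dropped so the "13 tools" count is not padded.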
package/dist/index.js
ADDED
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* @agentutility/mcp-<cluster> — stdio MCP server exposing the cluster's
|
|
4
|
+
* x402-paid endpoints as MCP tools. Forwards every CallToolRequest to
|
|
5
|
+
* x402.agentutility.ai, where @x402/fetch handles 402 → payment → retry
|
|
6
|
+
* using the agent's own wallet (X402_PRIVATE_KEY env var).
|
|
7
|
+
*
|
|
8
|
+
* Boilerplate is single-sourced at packages/_template/src/index.ts and
|
|
9
|
+
* copied verbatim into each packages/mcp-<cluster>/src/index.ts by
|
|
10
|
+
* scripts/generate-mcp-clusters.mjs. The codegen also writes a matching
|
|
11
|
+
* tools.generated.ts so this file imports CLUSTER_SLUG + VERSION + TOOLS
|
|
12
|
+
* rather than hard-coding.
|
|
13
|
+
*
|
|
14
|
+
* Required env: X402_PRIVATE_KEY (hex EVM key, USDC on Base).
|
|
15
|
+
* Optional env: X402_BASE_URL (default https://x402.agentutility.ai)
|
|
16
|
+
* X402_RPC_URL (default https://mainnet.base.org)
|
|
17
|
+
*/
|
|
18
|
+
import { Server } from "@modelcontextprotocol/sdk/server/index.js";
|
|
19
|
+
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
|
|
20
|
+
import { CallToolRequestSchema, ListToolsRequestSchema, } from "@modelcontextprotocol/sdk/types.js";
|
|
21
|
+
import { wrapFetchWithPayment, x402Client } from "@x402/fetch";
|
|
22
|
+
import { ExactEvmScheme, toClientEvmSigner } from "@x402/evm";
|
|
23
|
+
import { privateKeyToAccount } from "viem/accounts";
|
|
24
|
+
import { createPublicClient, http } from "viem";
|
|
25
|
+
import { base } from "viem/chains";
|
|
26
|
+
import { TOOLS, CLUSTER_SLUG, VERSION } from "./tools.generated.js";
|
|
27
|
+
const BASE_URL = (process.env.X402_BASE_URL || "https://x402.agentutility.ai").replace(/\/$/, "");
|
|
28
|
+
const RPC_URL = process.env.X402_RPC_URL || "https://mainnet.base.org";
|
|
29
|
+
const PK = process.env.X402_PRIVATE_KEY;
|
|
30
|
+
if (!PK) {
|
|
31
|
+
console.error(`[@agentutility/mcp-${CLUSTER_SLUG}] FATAL: X402_PRIVATE_KEY env var is required.`);
|
|
32
|
+
console.error("Set it to a hex-encoded EVM private key with USDC balance on Base (chain 8453).");
|
|
33
|
+
console.error("USDC on Base: 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913");
|
|
34
|
+
process.exit(1);
|
|
35
|
+
}
|
|
36
|
+
const account = privateKeyToAccount((PK.startsWith("0x") ? PK : `0x${PK}`));
|
|
37
|
+
const publicClient = createPublicClient({
|
|
38
|
+
chain: base,
|
|
39
|
+
transport: http(RPC_URL),
|
|
40
|
+
});
|
|
41
|
+
const signer = toClientEvmSigner(account, publicClient);
|
|
42
|
+
const client = new x402Client().register("eip155:8453", new ExactEvmScheme(signer));
|
|
43
|
+
const paidFetch = wrapFetchWithPayment(fetch, client);
|
|
44
|
+
async function trackedFetch(url, init) {
|
|
45
|
+
const headers = new Headers(init?.headers);
|
|
46
|
+
headers.set("X-Agent-Channel", `mcp-stdio-${CLUSTER_SLUG}`);
|
|
47
|
+
headers.set("X-Agent-Id", "47167");
|
|
48
|
+
if (!headers.has("User-Agent")) {
|
|
49
|
+
headers.set("User-Agent", `agentutility-mcp/${CLUSTER_SLUG}/${VERSION}`);
|
|
50
|
+
}
|
|
51
|
+
return paidFetch(url, { ...init, headers });
|
|
52
|
+
}
|
|
53
|
+
const server = new Server({ name: `agentutility-${CLUSTER_SLUG}`, version: VERSION }, { capabilities: { tools: {} } });
|
|
54
|
+
server.setRequestHandler(ListToolsRequestSchema, async () => ({
|
|
55
|
+
tools: TOOLS.map((t) => ({
|
|
56
|
+
name: t.name,
|
|
57
|
+
description: t.description,
|
|
58
|
+
inputSchema: t.input_schema,
|
|
59
|
+
})),
|
|
60
|
+
}));
|
|
61
|
+
server.setRequestHandler(CallToolRequestSchema, async (req) => {
|
|
62
|
+
const name = req.params.name;
|
|
63
|
+
const tool = TOOLS.find((t) => t.name === name);
|
|
64
|
+
if (!tool) {
|
|
65
|
+
return { content: [{ type: "text", text: `Unknown tool: ${name}` }], isError: true };
|
|
66
|
+
}
|
|
67
|
+
try {
|
|
68
|
+
const res = await trackedFetch(`${BASE_URL}/${tool.http_name}`, {
|
|
69
|
+
method: "POST",
|
|
70
|
+
headers: { "Content-Type": "application/json" },
|
|
71
|
+
body: JSON.stringify(req.params.arguments ?? {}),
|
|
72
|
+
});
|
|
73
|
+
const body = await res.text();
|
|
74
|
+
if (!res.ok) {
|
|
75
|
+
return { content: [{ type: "text", text: `HTTP ${res.status}: ${body}` }], isError: true };
|
|
76
|
+
}
|
|
77
|
+
return { content: [{ type: "text", text: body }] };
|
|
78
|
+
}
|
|
79
|
+
catch (err) {
|
|
80
|
+
return {
|
|
81
|
+
content: [{ type: "text", text: `tool call failed: ${err instanceof Error ? err.message : String(err)}` }],
|
|
82
|
+
isError: true,
|
|
83
|
+
};
|
|
84
|
+
}
|
|
85
|
+
});
|
|
86
|
+
await server.connect(new StdioServerTransport());
|
|
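Review bot: nothing in this file bounds what the signer will authorize. `paidFetch` is built with `wrapFetchWithPayment(fetch, client)` and `BASE_URL` is taken straight from `X402_BASE_URL`, so whatever 402 challenge comes back from that host is signed with the user's key; the only visible limits are the per-call prices quoted in the tool descriptions. Suggested changes: reject a non-`https:` `X402_BASE_URL` at startup, log the effective base URL and `account.address` once on boot so the user can see which wallet is paying and where requests go, and, if the `@x402/fetch` client supports a maximum-amount setting, configure it to the highest advertised price rather than leaving it open. Separately, `headers.set("X-Agent-Id", "47167")` is a compile-time constant, so every install of this package sends the same id and the header does not identify an agent; either derive it (e.g. from the wallet address) or document that it tags the package, not the caller. Minor: the `CallToolRequestSchema` handler forwards `req.params.arguments ?? {}` without checking it against `tool.input_schema`, so malformed input only fails after a paid round-trip; a cheap local shape check on `required` keys would avoid spending USDC on a request the endpoint will reject.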
@@ -0,0 +1,207 @@
|
|
|
1
|
+
/** Auto-generated by scripts/generate-mcp-clusters.mjs. Do not edit by hand. */
|
|
2
|
+
export const CLUSTER_SLUG = "prooflayer";
|
|
3
|
+
export const VERSION = "0.1.8";
|
|
4
|
+
export const TOOLS = [
|
|
5
|
+
{
|
|
6
|
+
"name": "ai-content-detector",
|
|
7
|
+
"http_name": "ai-content-detector",
|
|
8
|
+
"description": "(0.03 USDC/call) AI content detector / GPT detector / ChatGPT plagiarism checker. Calibrated probability (0-1), verdict, suspicious phrases, per-axis style signals (em-dash overuse, hedge phrases, formulaic transitions).",
|
|
9
|
+
"method": "POST",
|
|
10
|
+
"input_schema": {
|
|
11
|
+
"type": "object",
|
|
12
|
+
"properties": {
|
|
13
|
+
"text": {
|
|
14
|
+
"type": "string",
|
|
15
|
+
"description": "100-20,000 chars."
|
|
16
|
+
}
|
|
17
|
+
},
|
|
18
|
+
"required": [
|
|
19
|
+
"text"
|
|
20
|
+
]
|
|
21
|
+
}
|
|
22
|
+
},
|
|
23
|
+
{
|
|
24
|
+
"name": "brand-clearance",
|
|
25
|
+
"http_name": "brand-clearance",
|
|
26
|
+
"description": "(0.25 USDC/call) Brand clearance aggregator / name screening / product-name vetting / startup-brand pre-flight. Given a candidate brand name, returns a single composite clearance signal an agent can act on. Calls four checks in parallel (in-process, no x402 self-billing): USPTO TM name search, domain availability across requested TLDs (default .com .ai .dev .io .co), Wikipedia presence, Hacker News mention scan. Returns risk_level (clear|soft|moderate|hard), risk_score 0-100, sub-scores per signal, the raw hits, and a one-line recommendation. Designed for AI agents self-screening project / product / startup names before committing. Screening tool only — not legal advice.",
|
|
27
|
+
"method": "POST",
|
|
28
|
+
"input_schema": {
|
|
29
|
+
"type": "object",
|
|
30
|
+
"properties": {
|
|
31
|
+
"name": {
|
|
32
|
+
"type": "string",
|
|
33
|
+
"description": "Candidate brand name (1-60 chars). Used as-is for USPTO + HN search; lowercased + alphanumeric-stripped for domain construction."
|
|
34
|
+
},
|
|
35
|
+
"tlds": {
|
|
36
|
+
"type": "array",
|
|
37
|
+
"description": "TLDs to check, without dots. Default ['com','ai','dev','io','co']. Allowlist: com, ai, dev, io, co, app, xyz, org, net, tech, tools, page, studio, shop. Max 6."
|
|
38
|
+
},
|
|
39
|
+
"max_tm_hits": {
|
|
40
|
+
"type": "number",
|
|
41
|
+
"description": "Max trademark hits to include in the response. Default 5, hard cap 25."
|
|
42
|
+
}
|
|
43
|
+
},
|
|
44
|
+
"required": [
|
|
45
|
+
"name"
|
|
46
|
+
]
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
{
|
|
50
|
+
"name": "cve",
|
|
51
|
+
"http_name": "cve",
|
|
52
|
+
"description": "(0.005 USDC/call) CVE lookup / vulnerability database. NIST NVD-backed. CVSS v3.1+v2 scores, severity, affected CPEs, CWE, exploit indicators + LLM summary.",
|
|
53
|
+
"method": "POST",
|
|
54
|
+
"input_schema": {
|
|
55
|
+
"type": "object",
|
|
56
|
+
"properties": {
|
|
57
|
+
"cve_id": {
|
|
58
|
+
"type": "string",
|
|
59
|
+
"description": "e.g. 'CVE-2021-44228'."
|
|
60
|
+
}
|
|
61
|
+
},
|
|
62
|
+
"required": [
|
|
63
|
+
"cve_id"
|
|
64
|
+
]
|
|
65
|
+
}
|
|
66
|
+
},
|
|
67
|
+
{
|
|
68
|
+
"name": "cve-lookup",
|
|
69
|
+
"http_name": "cve-lookup",
|
|
70
|
+
"description": "(0.005 USDC/call) CVE lookup / vulnerability database. NIST NVD-backed. CVSS v3.1 + v2 scores, severity, affected CPEs, CWE class, references, public-exploit indicators. Plus LLM exploitability summary.",
|
|
71
|
+
"method": "POST",
|
|
72
|
+
"input_schema": {
|
|
73
|
+
"type": "object",
|
|
74
|
+
"properties": {
|
|
75
|
+
"cve_id": {
|
|
76
|
+
"type": "string",
|
|
77
|
+
"description": "e.g. 'CVE-2021-44228'."
|
|
78
|
+
}
|
|
79
|
+
},
|
|
80
|
+
"required": [
|
|
81
|
+
"cve_id"
|
|
82
|
+
]
|
|
83
|
+
}
|
|
84
|
+
},
|
|
85
|
+
{
|
|
86
|
+
"name": "db-migration-risk",
|
|
87
|
+
"http_name": "db-migration-risk",
|
|
88
|
+
"description": "(0.02 USDC/call) DB migration risk audit / SQL migration safety check / DROP COLUMN detector / unsafe ALTER TABLE detector / Postgres CREATE INDEX CONCURRENTLY check / Alembic op.drop_* detector / TRUNCATE/DELETE WHERE detector / foreign key NOT VALID check / pre-deploy DB gate. Walks `migrations/`, `prisma/migrations/`, `db/migrate/`, `supabase/migrations/`, `alembic/versions/` and flags destructive DDL, lock-heavy ALTER TABLE, NOT NULL without DEFAULT, plain CREATE INDEX (vs CONCURRENTLY), unbounded TRUNCATE/DELETE, and FK validation without NOT VALID. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use.",
|
|
89
|
+
"method": "POST",
|
|
90
|
+
"input_schema": {
|
|
91
|
+
"type": "object",
|
|
92
|
+
"properties": {}
|
|
93
|
+
}
|
|
94
|
+
},
|
|
95
|
+
{
|
|
96
|
+
"name": "dep-risk-summary",
|
|
97
|
+
"http_name": "dep-risk-summary",
|
|
98
|
+
"description": "(0.03 USDC/call) repo dependency risk audit / package.json + lockfile vetter / unpinned dep detector / transitive dep counter / requirements.txt audit / pyproject dep risk / repo-level supply-chain risk score / Snyk-adjacent / deprecated dep detector / install-script dep detector. Best-effort scan of package.json, pnpm-lock.yaml, package-lock.json, yarn.lock, bun.lock (JS); requirements.txt, pyproject.toml, poetry.lock (Python); go.mod, go.sum (Go). Samples 10 alphabetically-first direct deps via npm/PyPI registry for deprecation + install-script signals. Returns 0-100 score, per-finding kind/severity/path/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} or {files: [{path, content}, …]}.",
|
|
99
|
+
"method": "POST",
|
|
100
|
+
"input_schema": {
|
|
101
|
+
"type": "object",
|
|
102
|
+
"properties": {}
|
|
103
|
+
}
|
|
104
|
+
},
|
|
105
|
+
{
|
|
106
|
+
"name": "deploy-config-risk",
|
|
107
|
+
"http_name": "deploy-config-risk",
|
|
108
|
+
"description": "(0.02 USDC/call) deploy config audit / Dockerfile lint / vercel.json hardening / wrangler.toml review / docker-compose.yml safety / fly.toml secrets check / netlify deploy gate / open CORS detector / exposed admin port detector / plaintext secret in env detector / production-readiness deploy gate. Fetches deploy config files (Dockerfile, wrangler.toml, vercel.json, netlify.toml, fly.toml, docker-compose.yml, serverless.yml) and flags open CORS with credentials, exposed admin ports (22/5432/6379/etc), plaintext secrets in inline env, dev/debug mode left enabled, missing healthchecks. Returns 0-100 score, per-finding kind/severity/path/line/redacted-evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use.",
|
|
109
|
+
"method": "POST",
|
|
110
|
+
"input_schema": {
|
|
111
|
+
"type": "object",
|
|
112
|
+
"properties": {}
|
|
113
|
+
}
|
|
114
|
+
},
|
|
115
|
+
{
|
|
116
|
+
"name": "github-repo-health",
|
|
117
|
+
"http_name": "github-repo-health",
|
|
118
|
+
"description": "(0.03 USDC/call) GitHub repo health score / open-source maintainability checker. 0-100 score + grade (abandoned/stale/okay/healthy/thriving). Commit activity, contributors, license, CI, tests. Plus LLM verdict.",
|
|
119
|
+
"method": "POST",
|
|
120
|
+
"input_schema": {
|
|
121
|
+
"type": "object",
|
|
122
|
+
"properties": {
|
|
123
|
+
"repo": {
|
|
124
|
+
"type": "string",
|
|
125
|
+
"description": "owner/name."
|
|
126
|
+
}
|
|
127
|
+
},
|
|
128
|
+
"required": [
|
|
129
|
+
"repo"
|
|
130
|
+
]
|
|
131
|
+
}
|
|
132
|
+
},
|
|
133
|
+
{
|
|
134
|
+
"name": "package-risk-npm",
|
|
135
|
+
"http_name": "package-risk-npm",
|
|
136
|
+
"description": "(0.03 USDC/call) npm package risk score / supply-chain scanner / typosquat detector. Maintainer count, weekly downloads, install scripts, dependency depth, deprecation, age, typosquat distance to popular packages. Plus LLM risk summary.",
|
|
137
|
+
"method": "POST",
|
|
138
|
+
"input_schema": {
|
|
139
|
+
"type": "object",
|
|
140
|
+
"properties": {
|
|
141
|
+
"package_name": {
|
|
142
|
+
"type": "string",
|
|
143
|
+
"description": "e.g. 'lodash' or '@scope/name'."
|
|
144
|
+
},
|
|
145
|
+
"version": {
|
|
146
|
+
"type": "string",
|
|
147
|
+
"description": "Optional specific version (e.g. '4.17.21'). Default: latest tagged version."
|
|
148
|
+
}
|
|
149
|
+
},
|
|
150
|
+
"required": [
|
|
151
|
+
"package_name"
|
|
152
|
+
]
|
|
153
|
+
}
|
|
154
|
+
},
|
|
155
|
+
{
|
|
156
|
+
"name": "production-readiness-score",
|
|
157
|
+
"http_name": "production-readiness-score",
|
|
158
|
+
"description": "(0.10 USDC/call) production readiness score / AI app deploy gate / Prooflayer cluster aggregator / repo prod-risk composite / one-call audit / unified production readiness API / vibe-coded app safety scan. Calls all 5 Prooflayer component scanners (secrets-exposure-check, deploy-config-risk, db-migration-risk, dep-risk-summary, prompt-injection-surface) in parallel in-process and rolls findings into a weighted composite score (default weights: secrets 0.30, migrations 0.20, deps 0.20, deploy 0.15, prompt 0.15). Returns composite 0-100, production_grade (production-ready | needs-review | risky | do-not-ship), per-component sub-scores, top-N deduped findings sorted by severity + score_contribution, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} or {files: [{path, content}, …]}. Optional 'weights' override (each in [0,0.5], proportionally normalized) and 'max_findings' (default 10, cap 50).",
|
|
159
|
+
"method": "POST",
|
|
160
|
+
"input_schema": {
|
|
161
|
+
"type": "object",
|
|
162
|
+
"properties": {}
|
|
163
|
+
}
|
|
164
|
+
},
|
|
165
|
+
{
|
|
166
|
+
"name": "prompt-injection-surface",
|
|
167
|
+
"http_name": "prompt-injection-surface",
|
|
168
|
+
"description": "(0.03 USDC/call) AI prompt injection surface scanner / LLM call-site audit / unsanitized user input in prompts detector / system-message mixing flag / unbounded completion detector / AI app safety scan / pre-deploy AI risk gate. Walks .ts/.tsx/.js/.jsx/.py/.mjs/.cjs source files, locates LLM SDK call sites (anthropic, openai, @ai-sdk/*, google generative), and flags user input flowing into prompts without sanitization, calls without max_tokens caps, system/user prompt mixing, and LLM output used unvalidated in fetch/exec/eval. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} (tree-walk, capped 500 files) or {files: [{path, content}, …]}.",
|
|
169
|
+
"method": "POST",
|
|
170
|
+
"input_schema": {
|
|
171
|
+
"type": "object",
|
|
172
|
+
"properties": {}
|
|
173
|
+
}
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
"name": "pypi-package-risk",
|
|
177
|
+
"http_name": "pypi-package-risk",
|
|
178
|
+
"description": "(0.01 USDC/call) PyPI package risk score / Python supply-chain scanner. Age, monthly downloads, install-script hooks (cmdclass/setup.py), dependency depth, deprecation, typosquat distance to 50 popular Python packages. Plus LLM risk summary.",
|
|
179
|
+
"method": "POST",
|
|
180
|
+
"input_schema": {
|
|
181
|
+
"type": "object",
|
|
182
|
+
"properties": {
|
|
183
|
+
"package_name": {
|
|
184
|
+
"type": "string",
|
|
185
|
+
"description": "PyPI package distribution name (e.g. 'requests', 'django'). Case-insensitive; resolved via pypi.org/pypi/{name}/json."
|
|
186
|
+
},
|
|
187
|
+
"version": {
|
|
188
|
+
"type": "string",
|
|
189
|
+
"description": "Optional specific version (e.g. '2.31.0'). Default: latest stable release."
|
|
190
|
+
}
|
|
191
|
+
},
|
|
192
|
+
"required": [
|
|
193
|
+
"package_name"
|
|
194
|
+
]
|
|
195
|
+
}
|
|
196
|
+
},
|
|
197
|
+
{
|
|
198
|
+
"name": "secrets-exposure-check",
|
|
199
|
+
"http_name": "secrets-exposure-check",
|
|
200
|
+
"description": "(0.02 USDC/call) secrets exposure scan / hardcoded API key detector / .env-committed-key audit / Next.js client env leak detector / pre-deploy secret gate. Fetches top-level config files (.env*, wrangler.toml, vercel.json, next.config.*, package.json, etc.) and scans for hardcoded AWS/OpenAI/Anthropic/Stripe/GitHub keys, private keys, DB URLs with passwords, JWT secrets, weak values in .env.example, and server-only env vars accidentally exposed via NEXT_PUBLIC_. Returns 0-100 score, per-finding kind/severity/path/line/redacted-evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use.",
|
|
201
|
+
"method": "POST",
|
|
202
|
+
"input_schema": {
|
|
203
|
+
"type": "object",
|
|
204
|
+
"properties": {}
|
|
205
|
+
}
|
|
206
|
+
}
|
|
207
|
+
];
|
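Review bot: six of the generated tool entries (`db-migration-risk`, `dep-risk-summary`, `deploy-config-risk`, `production-readiness-score`, `prompt-injection-surface`, `secrets-exposure-check`) declare `"input_schema": { "type": "object", "properties": {} }` while their descriptions say the input is `{repo: 'owner/name'}` or `{files: [{path, content}, …]}`; the MCP client therefore has nothing to validate or prompt with, and the agent has to guess parameter names from prose. The codegen should emit `repo` (string) and `files` (array of `{path, content}`) properties, plus `weights` and `max_findings` for `production-readiness-score`, for these entries. One caveat worth surfacing in the `secrets-exposure-check` and `deploy-config-risk` descriptions: the `files` input path sends raw file contents, including `.env*` files, to the remote endpoint, and "redacted-evidence" describes the response, not the request, so a user scanning a private workspace is uploading the very secrets the tool is meant to find. The description should say so and suggest scanning from a redacted copy. Also, `cve` and `cve-lookup` are two entries with identical `input_schema` and price; the generator should dedupe or mark one as an alias.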
package/package.json
ADDED
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@agentutility/mcp-prooflayer",
|
|
3
|
+
"version": "0.1.8",
|
|
4
|
+
"description": "MCP server for the @agentutility prooflayer cluster — pay-per-call x402 tools, no API keys, USDC on Base.",
|
|
5
|
+
"license": "MIT",
|
|
6
|
+
"type": "module",
|
|
7
|
+
"main": "dist/index.js",
|
|
8
|
+
"bin": {
|
|
9
|
+
"agentutility-mcp-prooflayer": "dist/index.js"
|
|
10
|
+
},
|
|
11
|
+
"files": [
|
|
12
|
+
"dist",
|
|
13
|
+
"README.md"
|
|
14
|
+
],
|
|
15
|
+
"repository": {
|
|
16
|
+
"type": "git",
|
|
17
|
+
"url": "https://github.com/rooz21/x402",
|
|
18
|
+
"directory": "packages/mcp-prooflayer"
|
|
19
|
+
},
|
|
20
|
+
"homepage": "https://mcp.agentutility.ai/prooflayer/",
|
|
21
|
+
"scripts": {
|
|
22
|
+
"build": "tsc",
|
|
23
|
+
"prepublishOnly": "npm run build"
|
|
24
|
+
},
|
|
25
|
+
"keywords": [
|
|
26
|
+
"mcp",
|
|
27
|
+
"model-context-protocol",
|
|
28
|
+
"x402",
|
|
29
|
+
"agentutility",
|
|
30
|
+
"agent-tools",
|
|
31
|
+
"prooflayer"
|
|
32
|
+
],
|
|
33
|
+
"dependencies": {
|
|
34
|
+
"@modelcontextprotocol/sdk": "^1.0.4",
|
|
35
|
+
"@x402/fetch": "^2.12.0",
|
|
36
|
+
"@x402/evm": "^2.12.0",
|
|
37
|
+
"viem": "^2.21.0"
|
|
38
|
+
},
|
|
39
|
+
"devDependencies": {
|
|
40
|
+
"@types/node": "^22.0.0",
|
|
41
|
+
"typescript": "^5.5.0"
|
|
42
|
+
},
|
|
43
|
+
"engines": {
|
|
44
|
+
"node": ">=18"
|
|
45
|
+
}
|
|
46
|
+
}
|
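Review bot: the packages on the signing path are resolved with caret ranges (`"@x402/fetch": "^2.12.0"`, `"@x402/evm": "^2.12.0"`, `"viem": "^2.21.0"`) and `"files": ["dist", "README.md"]` ships no lockfile, so each `npx -y` install picks up whatever the latest 2.x of each is at that moment; for code that produces USDC transfer authorizations from the user's key, pin exact versions (or ship an `npm-shrinkwrap.json`) so a compromised or breaking upstream release cannot reach users without a deliberate bump here. Consider also adding `"publishConfig": { "provenance": true }` so the npm package is attestable to the `rooz21/x402` repository named under `"repository"`. Minor: `"engines": { "node": ">=18" }` is consistent with the top-level `await` and global `fetch` used in `dist/index.js`, but `"main": "dist/index.js"` points at a file that calls `process.exit(1)` at import time when `X402_PRIVATE_KEY` is unset, so importing this package as a library rather than running the `bin` will terminate the host process; either drop `"main"` or guard the exit behind the bin entry point.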