npm - agentpay-mcp - Versions diffs - 4.1.10 → 4.1.16 - Mend

agentpay-mcp 4.1.10 → 4.1.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/docs/authorized-cybersecurity-scan-profile.md ADDED Viewed

@@ -0,0 +1,56 @@
+# AgentPay MCP authorized cybersecurity-scan payment profile
+Paid cybersecurity MCP tools are different from normal paid APIs. A bad call can scan the wrong target, burn a budget, and create a compliance problem.
+AgentPay's buyer-side profile requires proof before signing:
+- target authorization attestation,
+- allowed-domain binding,
+- allowed scan category,
+- per-target spend cap,
+- scan-rate policy,
+- explicit human approval,
+- audit receipt language that keeps target authorization, spend cap, and x402 receipt metadata together.
+## Proof shape
+The fixture at `docs/fixtures/authorized-cybersecurity-scan-profile-agentaegis-2026-05-04.json` models an AgentAegis-style paid scan.
+Important fields:
+- `scan.target_domain`: the actual domain under test.
+- `authorization.allowed_domains`: domains the owner authorized.
+- `authorization.allowed_scan_categories`: categories permitted for that target.
+- `spend_policy.per_target_cap_usd`: hard cap for the target.
+- `spend_policy.spent_for_target_usd`: current spend for that target.
+- `rate_limit.scans_used_in_window`: anti-abuse rate state.
+- `approval_gate.approved`: human approval before x402 signing.
+- `audit_receipt.language`: receipt text retained for audit.
+## Failure rules
+The helper in `src/utils/authorized-cybersecurity-scan-profile.ts` denies payment when:
+- authorization is expired or not active yet,
+- target domain is missing from the attestation,
+- target domain is outside buyer policy,
+- requested scan category is not authorized,
+- requested cost exceeds buyer policy,
+- the request would exceed the per-target cap,
+- rate limit is exhausted,
+- human approval is missing,
+- audit retention is too short,
+- receipt language does not mention authorized target, spend cap, and x402 receipt.
+This keeps paid security tools usable without letting an agent turn x402 into an unauthorized scanner.
+## Verification
+Run:
+```bash
+npm run typecheck
+npm test -- authorized-cybersecurity-scan-profile
+```
+Expected behavior: unauthorized targets, expired attestations, cap overruns, exhausted rate limits, and missing approvals all fail closed.

package/docs/fixtures/authorized-cybersecurity-scan-profile-agentaegis-2026-05-04.json ADDED Viewed

@@ -0,0 +1,43 @@
+{
+  "schema": "agentpay-authorized-cybersecurity-scan-profile/v1",
+  "generated_at": "2026-05-04T21:25:00.000Z",
+  "scan": {
+    "tool_id": "paid.vulnerability.scan.basic",
+    "category": "vulnerability_scan",
+    "target": "https://example.com",
+    "target_domain": "example.com",
+    "requested_by_agent": "agentpay-demo-security-agent"
+  },
+  "authorization": {
+    "attestation_id": "authz-example-com-2026-05-04",
+    "granted_by": "security-owner@example.com",
+    "granted_at": "2026-05-04T21:00:00.000Z",
+    "expires_at": "2026-05-05T21:00:00.000Z",
+    "allowed_domains": ["example.com"],
+    "allowed_scan_categories": ["vulnerability_scan", "compliance_check"],
+    "proof_uri": "https://example.com/security/scan-authorization/authz-example-com-2026-05-04"
+  },
+  "spend_policy": {
+    "currency": "USD",
+    "per_target_cap_usd": 25,
+    "spent_for_target_usd": 8,
+    "requested_cost_usd": 4,
+    "x402_max_amount_required": "4000000"
+  },
+  "rate_limit": {
+    "window_seconds": 3600,
+    "max_scans_per_window": 3,
+    "scans_used_in_window": 1
+  },
+  "approval_gate": {
+    "fail_closed": true,
+    "requires_human_approval": true,
+    "approved": true,
+    "prompt": "Approve x402 payment for vulnerability scan against authorized target example.com with a 4 USD request and 25 USD per-target cap."
+  },
+  "audit_receipt": {
+    "receipt_id": "x402-scan-example-com-2026-05-04-001",
+    "retention_days": 365,
+    "language": "Paid cybersecurity scan executed for an authorized target with spend cap checks, x402 receipt metadata, rate-limit state, and target authorization retained for audit."
+  }
+}

package/docs/fixtures/chain-neutral-gateway-profile-rugmunch-2026-05-03.json ADDED Viewed

@@ -0,0 +1,43 @@
+{
+  "source": "https://x402-sol.cryptorugmuncher.workers.dev/.well-known/x402",
+  "checked_at": "2026-05-04T01:59:55Z",
+  "serviceName": "Rug Munch Intelligence",
+  "x402Version": 2,
+  "paymentHeader": "Payment-Signature",
+  "receiptHeader": "payment-response",
+  "networks": [
+    {
+      "network": "eip155:8453",
+      "name": "Base Mainnet",
+      "gateway": "https://x402-base.cryptorugmuncher.workers.dev",
+      "namespace": "eip155"
+    },
+    {
+      "network": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
+      "name": "Solana Mainnet",
+      "gateway": "https://x402-sol.cryptorugmuncher.workers.dev",
+      "namespace": "solana"
+    }
+  ],
+  "facilitator": "https://facilitator.payai.network",
+  "settlement": {
+    "custody": "facilitator",
+    "description": "Live profile names PayAI facilitator and advertises Base plus Solana gateways. Buyer agents still need settlement, receipt, and refund consistency checks before signing."
+  },
+  "trial": {
+    "enabled": false,
+    "description": "Top-level profile says no free trials while endpoint rows mention one free call. Treat this as a policy consistency check before payment."
+  },
+  "refund": {
+    "supported": true,
+    "mode": "automatic",
+    "description": "Capability list advertises auto_refund. Buyers should require receipt-level refund state before relying on it."
+  },
+  "manifests": {
+    "wellKnownX402": "https://x402-sol.cryptorugmuncher.workers.dev/.well-known/x402",
+    "glama": "https://github.com/Rug-Munch-Media-LLC/x402-gateway-solana/blob/main/glama.json",
+    "smithery": "https://github.com/Rug-Munch-Media-LLC/x402-gateway-solana/blob/main/smithery.json",
+    "mcpCatalog": "https://x402-sol.cryptorugmuncher.workers.dev/mcp",
+    "openapi": "https://x402-sol.cryptorugmuncher.workers.dev/openapi.json"
+  }
+}

package/docs/fixtures/dynamic-paid-mcp-manifest-rugmunch-2026-05-04-baseline.json ADDED Viewed

@@ -0,0 +1,67 @@
+{
+  "snapshotId": "rugmunch-x402-2026-05-04T01-38Z",
+  "sourceUrl": "https://x402-sol.cryptorugmuncher.workers.dev/.well-known/x402",
+  "capturedAt": "2026-05-04T01:45:00Z",
+  "commitSha": "c376c769fb0d3205ca9878691489e21ec87c78ff",
+  "x402Version": 2,
+  "organization": "Rug Munch Intelligence",
+  "primaryNetwork": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
+  "supportedNetworks": [
+    {
+      "network": "eip155:8453",
+      "name": "Base Mainnet",
+      "gateway": "https://x402-base.cryptorugmuncher.workers.dev"
+    },
+    {
+      "network": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
+      "name": "Solana Mainnet",
+      "gateway": "https://x402-sol.cryptorugmuncher.workers.dev"
+    }
+  ],
+  "facilitator": "https://facilitator.payai.network",
+  "hasPayTo": true,
+  "capabilities": [
+    "crypto_data",
+    "mcp_tools",
+    "multi_chain",
+    "free_trial",
+    "no_api_key",
+    "instant_settlement",
+    "auto_refund"
+  ],
+  "mcp": {
+    "totalTools": 175,
+    "totalServices": 28,
+    "protocol": "2025-03-26",
+    "catalog": "https://x402-sol.cryptorugmuncher.workers.dev/mcp"
+  },
+  "trial": {
+    "enabled": true,
+    "description": "One trial call available before paid calls"
+  },
+  "pricing": {
+    "endpointCount": 29,
+    "endpointsWithPrice": 29,
+    "endpointsWithPriceAtomic": 29,
+    "minimumPriceUsd": "$0.01",
+    "distinctPrices": [
+      "$0.01",
+      "$0.02",
+      "$0.03",
+      "$0.05"
+    ]
+  },
+  "directories": {
+    "wellKnownX402": "https://x402-sol.cryptorugmuncher.workers.dev/.well-known/x402",
+    "openapi": "https://x402-sol.cryptorugmuncher.workers.dev/openapi.json",
+    "documentation": "https://x402-sol.cryptorugmuncher.workers.dev/docs",
+    "mcpCatalog": "https://x402-sol.cryptorugmuncher.workers.dev/mcp",
+    "frameworks": {
+      "openai": "https://x402-sol.cryptorugmuncher.workers.dev/openai-tools",
+      "anthropic": "https://x402-sol.cryptorugmuncher.workers.dev/anthropic-tools",
+      "gemini": "https://x402-sol.cryptorugmuncher.workers.dev/gemini-tools",
+      "langchain": "https://x402-sol.cryptorugmuncher.workers.dev/langchain-tools",
+      "mcp": "https://x402-sol.cryptorugmuncher.workers.dev/mcp-tools"
+    }
+  }
+}

package/docs/fixtures/dynamic-paid-mcp-manifest-rugmunch-2026-05-04.json ADDED Viewed

@@ -0,0 +1,67 @@
+{
+  "snapshotId": "rugmunch-x402-2026-05-04T05-18Z",
+  "sourceUrl": "https://x402-sol.cryptorugmuncher.workers.dev/.well-known/x402",
+  "capturedAt": "2026-05-04T05:35:00Z",
+  "commitSha": "ab67483adb2585e475b5e2bcf37389a739e2ad97",
+  "x402Version": 2,
+  "organization": "Rug Munch Intelligence",
+  "primaryNetwork": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
+  "supportedNetworks": [
+    {
+      "network": "eip155:8453",
+      "name": "Base Mainnet",
+      "gateway": "https://x402-base.cryptorugmuncher.workers.dev"
+    },
+    {
+      "network": "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp",
+      "name": "Solana Mainnet",
+      "gateway": "https://x402-sol.cryptorugmuncher.workers.dev"
+    }
+  ],
+  "facilitator": "https://facilitator.payai.network",
+  "hasPayTo": true,
+  "capabilities": [
+    "crypto_data",
+    "mcp_tools",
+    "multi_chain",
+    "free_trial",
+    "no_api_key",
+    "instant_settlement",
+    "auto_refund"
+  ],
+  "mcp": {
+    "totalTools": 184,
+    "totalServices": 28,
+    "protocol": "2025-03-26",
+    "catalog": "https://x402-sol.cryptorugmuncher.workers.dev/mcp"
+  },
+  "trial": {
+    "enabled": false,
+    "description": "No free trials - pay per call from $0.01 USDC"
+  },
+  "pricing": {
+    "endpointCount": 30,
+    "endpointsWithPrice": 30,
+    "endpointsWithPriceAtomic": 30,
+    "minimumPriceUsd": "$0.01",
+    "distinctPrices": [
+      "$0.01",
+      "$0.02",
+      "$0.03",
+      "$0.05"
+    ]
+  },
+  "directories": {
+    "wellKnownX402": "https://x402-sol.cryptorugmuncher.workers.dev/.well-known/x402",
+    "openapi": "https://x402-sol.cryptorugmuncher.workers.dev/openapi.json",
+    "documentation": "https://x402-sol.cryptorugmuncher.workers.dev/docs",
+    "mcpCatalog": "https://x402-sol.cryptorugmuncher.workers.dev/mcp",
+    "frameworks": {
+      "openai": "https://x402-sol.cryptorugmuncher.workers.dev/openai-tools",
+      "anthropic": "https://x402-sol.cryptorugmuncher.workers.dev/anthropic-tools",
+      "gemini": "https://x402-sol.cryptorugmuncher.workers.dev/gemini-tools",
+      "langchain": "https://x402-sol.cryptorugmuncher.workers.dev/langchain-tools",
+      "mcp": "https://x402-sol.cryptorugmuncher.workers.dev/mcp-tools"
+    }
+  }
+}

package/docs/fixtures/multi-ledger-receipt-xrpl-utilities-2026-05-04.json ADDED Viewed

@@ -0,0 +1,35 @@
+{
+  "schema": "agentpay-x402-multi-ledger-receipt/v1",
+  "observedAt": "2026-05-05T01:10:00.000Z",
+  "source": {
+    "name": "XRPL-Utilities MCP market signal",
+    "repo": "XRPL-Utilities/xrpl-utilities-mcp",
+    "evidenceUrl": "https://github.com/XRPL-Utilities/xrpl-utilities-mcp",
+    "pushedAt": "2026-05-05T01:02:00.000Z"
+  },
+  "payment": {
+    "x402Version": "2.x",
+    "paymentHeader": "Payment-Signature",
+    "receiptHeader": "payment-response"
+  },
+  "ledger": {
+    "label": "XRPL extension point",
+    "namespace": "xrpl",
+    "chainId": "xrpl-mainnet"
+  },
+  "settlement": {
+    "asset": "RLUSD or XRP, provider-declared",
+    "target": "unsupported-until-allowlisted"
+  },
+  "verification": {
+    "status": "unsupported_refused",
+    "verifier": "AgentPay buyer policy",
+    "checkedAt": "2026-05-05T01:10:00.000Z"
+  },
+  "boundary": {
+    "custody": "unknown",
+    "nonCustodial": false,
+    "description": "AgentPay does not sign XRPL settlement until signer, asset, target, facilitator, and receipt semantics are explicitly implemented."
+  },
+  "unsupportedLedgerRefusal": "Refused before signing: XRPL x402 rail is visible but not allowlisted. Add ledger namespace, asset parser, settlement target allowlist, verifier, receipt mapping, and non-custodial signer support before retrying."
+}

package/docs/fixtures/paid-tool-quality-threshold-strale-2026-05-04.json ADDED Viewed

@@ -0,0 +1,53 @@
+{
+  "schema": "agentpay-paid-tool-quality-proof/v1",
+  "generated_at": "2026-05-04T21:20:00.000Z",
+  "source": {
+    "name": "Strale-style scored paid MCP tool",
+    "url": "https://github.com/strale-io/strale",
+    "commit": "market-intel-2026-05-04",
+    "raw_score_field": "sqs"
+  },
+  "tool": {
+    "id": "web3.balance.lookup",
+    "name": "Web3 balance lookup",
+    "provider_id": "provider.strale.example",
+    "capability": "web3"
+  },
+  "score": {
+    "current": 92,
+    "maximum": 100,
+    "min_required": 85,
+    "measured_at": "2026-05-04T21:18:00.000Z",
+    "stale_after_seconds": 900,
+    "dimensions": {
+      "reliability": 94,
+      "availability": 91,
+      "receipt_integrity": 93,
+      "policy_fit": 89
+    }
+  },
+  "provider_health": {
+    "status": "ok",
+    "success_rate_24h": 0.98,
+    "last_success_at": "2026-05-04T21:19:00.000Z",
+    "stale_streak": 0,
+    "receipt_state": "verified"
+  },
+  "x402_payment": {
+    "scheme": "exact",
+    "network": "base",
+    "asset": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
+    "payTo": "0x1111111111111111111111111111111111111111",
+    "maxAmountRequired": "50000"
+  },
+  "approval_gate": {
+    "fail_closed": true,
+    "requires_human_approval": true,
+    "decision": "allow",
+    "reason": [
+      "Quality score is current and above buyer threshold.",
+      "Provider health snapshot is fresh and receipt verified.",
+      "x402 payment metadata matches buyer allowlist."
+    ]
+  }
+}

package/docs/fixtures/wallet-action-preflight-merx-2026-05-04.json ADDED Viewed

@@ -0,0 +1,54 @@
+{
+  "schema": "agentpay-wallet-action-preflight/v1",
+  "source": {
+    "name": "merx-mcp market signal",
+    "repo": "nicosmall503/merx-mcp",
+    "evidenceUrl": "https://github.com/nicosmall503/merx-mcp",
+    "observedAt": "2026-05-05T01:10:00.000Z"
+  },
+  "action": {
+    "kind": "resource_purchase",
+    "chainNamespace": "tvm",
+    "chainId": "tron-mainnet",
+    "asset": "TRX",
+    "amount": "12.5",
+    "recipient": "TAllowlistedRecipient111111111111111111111",
+    "nonce": "simulation-required-before-nonce-lock",
+    "irreversible": true
+  },
+  "simulation": {
+    "required": true,
+    "status": "passed",
+    "simulationId": "merx-style-tron-resource-sim-2026-05-05",
+    "expectedOutcome": "Buy bandwidth or energy for one allowlisted wallet action without transferring custody.",
+    "resourceEstimate": {
+      "feeAsset": "TRX",
+      "maxNetworkFee": "1.0",
+      "energy": 25000,
+      "bandwidth": 600
+    }
+  },
+  "policy": {
+    "perActionSpendCap": "25",
+    "dailyChainSpendCap": "100",
+    "allowedRecipients": ["TAllowlistedRecipient111111111111111111111"],
+    "allowedAssets": ["TRX", "USDT", "USDC", "USDD"],
+    "resourceCaps": {
+      "maxNetworkFee": "2.5",
+      "maxEnergy": 50000,
+      "maxBandwidth": 1000
+    },
+    "requireHumanApproval": true
+  },
+  "approvalCopy": {
+    "title": "Approve TRON wallet resource purchase?",
+    "summary": "AgentPay detected an irreversible wallet-action request. Simulation passed and policy caps are satisfied.",
+    "lineItems": [
+      "Recipient: TAllowlistedRecipient111111111111111111111",
+      "Amount: 12.5 TRX, cap 25 TRX per action",
+      "Simulation: merx-style-tron-resource-sim-2026-05-05 passed",
+      "Resource cost: max 1.0 TRX network fee, 25,000 energy, 600 bandwidth"
+    ],
+    "irreversibleWarning": "Signing will authorize an irreversible TRON resource purchase. Decline if recipient, amount, or resource estimate differs from the intended task."
+  }
+}

package/docs/paid-mcp-proxy-discovery-readiness.md ADDED Viewed

@@ -0,0 +1,70 @@
+# Paid MCP proxy and discovery readiness pack
+Toolstem and Cinderwright show the next buyer channel for paid tools: proxies that convert existing SaaS tools into x402-paid MCP endpoints, plus directories that compare paid services across x402, MPP, and L402.
+AgentPay should be easy for those surfaces to list without giving them custody, overstating ledger support, or hiding buyer policy.
+## Market signal
+Sources fetched during the May 4 market-intel cycle:
+- `toolstem/toolstem-proxy` describes an x402-paid proxy for Apify-backed MCP tools without Apify signup.
+- `cinderwright-ai/cinderwright-api` describes discovery data across x402, MPP, and L402, with 1,551 services and paid market-intelligence endpoints.
+## Paid-proxy recipe for tool authors
+Use this pattern when wrapping an existing API, actor, or MCP server with x402:
+1. Keep the upstream service token on the provider side. Do not ask buyer agents to hold pooled SaaS credentials.
+2. Publish a fresh `.well-known/x402` offer with price, asset, network, `payTo`, terms, and refund policy.
+3. Return typed 402 errors for unpaid, underpaid, wrong-network, stale-receipt, quota, and provider-health failures.
+4. Charge only after the request is valid enough to execute. Validation failures should not bill.
+5. Expose provider-health and quality fields before payment.
+6. Include idempotency keys so retries do not double charge.
+7. Make directory metadata crawlable without a private key.
+8. Let buyers bring AgentPay for approval gates, caps, allowlists, and x402 receipt logging.
+## AgentPay listing metadata
+Directories can list AgentPay with these fields:
+```json
+{
+  "name": "agentpay-mcp",
+  "role": "buyer-side x402 payment-control layer",
+  "package": "agentpay-mcp",
+  "mcp_name": "io.github.up2itnow0822/agentpay",
+  "settlement": "x402 with local non-custodial signing",
+  "supports": ["MCP", "x402", "human approval", "spend caps", "receipt logging"],
+  "does_not_provide": ["managed custody", "pooled SaaS token custody", "automatic non-EVM signing"],
+  "install": "npx agentpay-mcp",
+  "proofs": [
+    "docs/agentpay-five-tool-parity-proof.md",
+    "docs/agentpay-escrow-reputation-boundary.md",
+    "docs/agentpay-machine-payment-directory-listing.json",
+    "docs/x402-dynamic-paid-mcp-manifest-drift.md",
+    "docs/paid-provider-health-proof.md"
+  ]
+}
+```
+## Discovery insertion checklist
+Before submitting AgentPay to a paid-MCP or machine-payment directory, verify:
+- npm package name and current version.
+- GitHub repository URL.
+- MCP package identity.
+- Install command and required environment variables.
+- No private key required for `initialize` or `tools/list`.
+- x402-only wording is present.
+- Base/USDC production signing is not broadened into unsupported non-EVM claims.
+- Proof docs are linked for five-tool parity, manifest drift, provider health, quality gates, receipt normalization, and escrow boundary.
+## Outreach posture
+For Toolstem-style proxies, propose buyer-side approval and receipt guidance, not a partnership claim.
+For Cinderwright-style directories, propose adding AgentPay as a buyer-control tool with exact metadata and proof links.
+For Dexter-style five-tool flows, propose interoperability language: AgentPay can satisfy the same buyer sequence with local signing and explicit policy checks, while hosted session wallets remain a different trust model.

package/docs/paid-tool-quality-thresholds.md ADDED Viewed

@@ -0,0 +1,47 @@
+# AgentPay MCP paid-tool quality thresholds
+Strale's May 4 launch signal is clear: paid MCP buyers are going to ask for score gates, not only catalog listings.
+A paid tool directory can be useful and still be unsafe for wallet signing. The buyer needs four checks before any x402 call:
+1. A fresh tool-quality score with the exact field used by the directory.
+2. A provider-health snapshot for the provider that will receive payment.
+3. A minimum-quality policy owned by the buyer, not the seller.
+4. A fail-closed approval gate that blocks signing when the proof is stale, below threshold, or missing x402 metadata.
+## Proof shape
+The fixture at `docs/fixtures/paid-tool-quality-threshold-strale-2026-05-04.json` uses:
+- `score.current`, `score.min_required`, `score.measured_at`, and `score.stale_after_seconds`.
+- dimension scores for reliability, availability, receipt integrity, and policy fit.
+- `provider_health.status`, `success_rate_24h`, `stale_streak`, and `receipt_state`.
+- x402 payment metadata: network, asset, payTo, and max amount.
+- `approval_gate.fail_closed=true` plus a buyer approval decision.
+## Buyer policy
+AgentPay treats the buyer policy as the final authority. If a directory says `min_required=75` and the buyer policy says `minimumScore=85`, the buyer policy wins.
+The helper in `src/utils/paid-tool-quality-threshold.ts` denies payment when:
+- the score or proof is older than the buyer's maximum age,
+- the score is older than the proof's own stale window,
+- the score falls below the buyer threshold,
+- provider health is degraded or below the required success rate,
+- receipt state is not verified when verified receipts are required,
+- x402 network, asset, or payTo are outside the allowlist,
+- human approval is required but missing.
+That gives AgentPay parity with score-threshold catalogs while keeping signing authority on the buyer side.
+## Verification
+Run:
+```bash
+npm run typecheck
+npm test -- paid-tool-quality-threshold
+```
+Expected behavior: stale or below-threshold proofs return `decision: "deny"` and never permit x402 signing.

package/docs/post-quantum-spend-envelope-compatibility.md ADDED Viewed

@@ -0,0 +1,37 @@
+# AgentPay MCP post-quantum spend-envelope compatibility assessment
+PQSafe's May 4 signal pushes spend authorization into a post-quantum envelope frame: ML-DSA-65 signatures, AP2 and ACP compatibility language, MCP endpoints, audit ledgers, and x402 routing.
+AgentPay should answer that without overclaiming. Current AgentPay artifacts map cleanly to envelope concepts at the policy and receipt layer, but this package does not claim post-quantum cryptography.
+## Compatibility map
+| AgentPay control | Envelope concept | Status |
+| --- | --- | --- |
+| Spend limits | maximum authorized spend inside a signed envelope | Compatible |
+| Network, asset, and recipient allowlists | route constraints attached to spend intent | Compatible |
+| x402 receipts | receipt pointer for audit and reconciliation | Requires adapter |
+| Approval gates | approval before spend execution | Compatible |
+| agent_id, task_id, policy_version, receipt_id | audit ledger payload | Requires adapter |
+## Explicit non-claims
+AgentPay MCP does not claim any of the following from this assessment:
+- ML-DSA-65 signing,
+- post-quantum key lifecycle,
+- AP2 envelope conformance,
+- ACP envelope conformance,
+- Arbitrum audit-ledger publication.
+Those claims require implementation, fixtures, and cryptographic tests before they belong in product docs.
+## Practical buyer response
+If a buyer asks whether AgentPay can coexist with post-quantum spend envelopes, the current answer is:
+- AgentPay spend policies, allowlists, approval gates, x402 receipts, and audit metadata are compatible inputs to an envelope adapter.
+- AgentPay can preserve receipt IDs and policy versions so an envelope signer can bind payment approval to settlement evidence.
+- AgentPay should not market ML-DSA or post-quantum signing until tests verify it.
+The helper at `src/utils/post-quantum-spend-envelope-compatibility.ts` returns this assessment in code so docs and future adapter work start from the same boundaries.