$49
Quick proof pass
One public manifest, OpenAPI file, PR, or direct paid endpoint. Output is a concise private note with the no-payment route map, clean proof, and top patch items.
agent payment launch review / may 2026
AWS AgentCore Payments, Cloudflare Workers, x402, MPP, and Pay.sh are making paid API calls part of the agent runtime. Start with a $49 no-payment proof pass for one public surface, scope the $149 review for a full patch order, use the $249 five-attack review for the May 2026 threat map, or use the $299 fix sprint when one authorized blocker needs implementation help.
deliverable
$299
One small authorized patch path for a launch blocker: CORS, cache headers, resource binding, discovery docs, registry proof, or idempotency notes.
$249
May 2026 pass mapped to finality, settlement binding, replay, cache/header handling, discovery steering, and patch order.
surface
Manifest, OpenAPI, direct endpoint, 402 challenge, MPP header, browser preflight, and resource-binding notes.
spend
Session cap, per-call cap, recipient allowlist, wallet isolation, approval gates, and denial paths.
http
Checks for browser-readable payment challenges, x402/MPP retry-header preflight, `Cache-Control`, `Vary`, and paid-response cache hazards.
settle
Request ids, idempotency, facilitator binding, finality assumptions, failed-payment reconciliation, and receipt proof.
privacy
Prompt text, query tokens, user identifiers, resource URLs, and receipt fields are reviewed for unnecessary leakage.
order
The output is ranked by launch risk, so the first fix is the one most likely to block trust or break a real buyer flow.
source ledger
aws
AWS describes payment connections through Coinbase and Stripe/Privy wallets, session-level spending limits, and automatic x402 handling when agents hit paid resources.
cloudflare
Cloudflare documents agentic payments through HTTP 402, including x402 and MPP paths for Workers and MCP tools.
research
The May 2026 x402 attack preprint maps practical risks around finality, settlement binding, replay, HTTP cache/proxy behavior, and discovery selection.
tooling
x402-surface-check@0.2.35 checks browser readability for header-only payment challenges and common x402/MPP retry headers, plus Streamable HTTP MCP tool-catalog probing with safe JSON-RPC tools/list requests, route-catalog parsing, nested discovery, endpoint-bearing tool-map parsing, and direct links from npm to private re-check and fix-sprint scopes. It also keeps strict proof checks for payment-identifier idempotency, signed offer/receipt evidence, registry URL hygiene, strict cache findings, payment-enforcement header drift, accept-leg resource binding, and timeout/expiry checks.
Private-first review