Skip to content
clusters: prooflayer · edgemarket · edgefinance · synthforge · mediakit · wordmint · webprobe · locale · comppoint · rollforge · bestiary · statline · matchpoint · retail · agentops · browserworkflow · modelrouter · compose
$ man agent-prelaunch-audit

/agent-prelaunch-audit

agentutility / compose / agent-prelaunch-audit
PRICE / CALL
$0.08
USDC · base mainnet · scheme: exact
METHOD
POST
CLUSTER
compose
CATEGORY
uncategorized
STATUS
live
NAME
agent-prelaunch-audit ship-readiness check before you push an ai app live: agent due diligence and prelaunch audit in one call instead of six
SYNOPSIS
POST https://x402.agentutility.ai/agent-prelaunch-audit
     Content-Type: application/json
     X-PAYMENT:    <signed-transferWithAuthorization>

     { ... }
↳ first call → 402 Payment Required. Sign USDCtransferWithAuthorization, retry with theX-PAYMENT header.
DESCRIPTION

Ship-readiness check before you push an AI app live: agent due diligence and prelaunch audit in one call instead of six. Inspects deploy config, secret exposure, prompt-injection surface, dependency risk, and database migration risk, then rolls the result into one readiness view. Composite: one call runs deploy-config-risk + secrets-exposure-check + prompt-injection-surface + dep-risk-summary + db-migration-risk + production-readiness-score in parallel into {deploy_config, secrets, prompt_injection, dependencies, db_migration, readiness_score}. Send a repo ('owner/name') for a live scan, or any mix of config, deps, prompt, and sql; each maps to its matching check, so partial input still returns a partial verdict. Advisory and heuristic only, it flags patterns and never executes code. Use it as an ai app security check, a pre-deploy audit gate, or a ship-readiness score.

INPUTrequest schema
propertytypedescriptionreq?
repostringGitHub repo in 'owner/name' format to scan live instead of sending inline config/deps/prompt/sql. When present, all six checks run against the repo and the other fields are ignored.optional
configobject | stringDeploy config to audit for open CORS, exposed admin ports, plaintext secrets, dev/debug mode left on, and missing healthchecks. Object or raw config-file text.optional
depsarray | objectDependency list to audit for deprecation, install-script risk, and lockfile/pinning issues. Either an array of package names/{name,version} objects, or a name-to-version object.optional
promptstringSystem or app prompt to check for prompt-injection surface: unsanitized user input reaching the prompt, unbounded completions, and system/user role mixing.optional
sqlstringMigration SQL to audit for destructive DDL, lock-heavy ALTER TABLE, NOT NULL columns without a DEFAULT, and unbounded TRUNCATE/DELETE.optional
OUTPUTresponse shape
fieldtypedescription
modestring
repostring
deploy_configstring
secretsstring
prompt_injectionstring
dependenciesstring
db_migrationstring
readiness_scorestring
composed_ofstring
componentsstring
degradedstring
EXAMPLEStwo ways to call
EXAMPLE 1 · curl
curl -X POST https://x402.agentutility.ai/agent-prelaunch-audit \
  -H 'Content-Type: application/json' \
  -d '{ }'
first response = 402 Payment Required with payment requirements; sign + retry with X-PAYMENT.
EXAMPLE 2 · mcp
# Install the MCP package for this endpoint's cluster
npx -y @agentutility/mcp-<cluster>

# Required: EVM private key with USDC on Base
export X402_PRIVATE_KEY=0x...

# Then call the agent-prelaunch-audit tool from your MCP-aware agent.
MCP server handles payment automatically — your coding agent just calls the tool by name.
METADATA
tags
composeagentprelaunchauditagent-prelaunch-audit
methods
POST
cluster
compose
price
$0.08 USDC per call
ADJACENTother endpoints in compose
endpointdescriptionprice
company-intel-packCompany research bundle for B2B enrichment agents: firmographic profile, domain intelligence, WHOIS registration, TLS posture, tech stack…$0.08
country-risk-monitorRe-runnable country monitor: recency-scoped web search headlines, any live Polymarket prediction markets referencing the country (data-on…$0.08
cyber-exposure-briefExternal exposure summary for a domain: DNS records, the hosting network/ASN behind the resolved IP, TLS certificate posture, and a web s…$0.08
domain-threat-reportDomain threat report API for a security investigation on any domain: is this a phishing domain, a lookalike squat, or a legitimate regist…$0.08
esg-company-scanSummary of a company's publicly reported ESG posture: a web search scoped to sustainability/emissions/labor/governance coverage plus a st…$0.08
image-asset-pipelineTurns a text prompt into a production-ready image asset in one call: generate, sharpen, cut out the background.$0.08
meeting-briefTurns a meeting or call recording into speaker-labeled notes and a summary in one call.$0.08
patent-landscape-briefApproximate patent/prior-art landscape for a topic, built from published technical prior art rather than a patent-office filing search: a…$0.08
SEE ALSO
agentutility · compose · x402 · mcp · llms.txt · registry.json · bazaar.x402.org