Agent Trust Scan
Submit an AI agent's URL and receive a structured trust report covering agent card, x402 manifest, OpenAPI schema, schema.org structured data, and robots policy. 0.01 USDC per call via x402 on Base mainnet.
This page is a thin shim. The actual endpoint is
POST /api/x402/agent-trust-scan
and is meant to be called by an agent with a wallet. Browsers without an
x402 client will get HTTP 402 — that's the whole point. See the
docs for the full flow.
Quick try (no payment, returns 402)
What you get back
The full report shape — paid clients receive this verbatim:
{
"payment": {
"txHash": "0x...",
"payer": "0x...",
"network": "base",
"amount_atomic": 10000,
"settled_at": 1715958000
},
"report": {
"agent_id": "my-agent",
"endpoint": "https://example.com",
"scanner": "ontario.protocol.v1",
"trust_score": 42,
"scanned_at": "2026-05-17T18:00:00+00:00",
"signals": {
"agent_card_reachable": true,
"agent_card_well_formed": true,
"https": true,
"homepage_reachable": true,
"robots_present": true,
"robots_disallows_ai": false,
"well_known_x402": false,
"openapi_schema": false,
"schema_org_present": true
},
"issues": [
"No /.well-known/x402.json — agents cannot auto-discover paid endpoints",
"No OpenAPI schema published; agents must guess the API shape"
],
"evidence": { "agent_card": {"...": "..."}, "robots": {"...": "..."} }
}
}