{"name":"Agent Security Gateway","version":"1.0.0","description":"Pay-per-request security APIs for autonomous AI agents. Detect prompt injection, validate content, scan threats, and enforce tool permission policies.","capabilities":[{"name":"Security Scanner","endpoint":"POST /api/security/scan","type":"paid","pricing":"0.05 USDC","x402_required":true,"purpose":"Scan text for Japanese prompt injection, hidden instructions, and threats before external API calls."},{"name":"Metadata Sanitizer","endpoint":"POST /api/security/metadata-sanitize","type":"paid","pricing":"0.05 USDC","x402_required":true,"purpose":"Sanitize payment metadata before x402 or stablecoin payment execution."},{"name":"Tool Permission Policy Builder","endpoint":"POST /api/tool-permission-policy/build","type":"experimental_stateless_builder","pricing":"free","x402_required":false,"purpose":"Creates external policy material for AI-agent tool and API permission decisions, including allowed tools, blocked tools, approval rules, risk boundaries, context state, and Atom-compatible reference.","use_when":["an AI agent needs tool permission rules before using external APIs","an AI agent needs boundaries before reading memory or accessing network resources","a developer needs external permission material for AI-agent tool use","a system needs a policy that can feed into Spending Policy, Budget Check, Agent Action Atom, Payment Action Record, and Evidence Packet workflows"],"can_feed_into":["Agent Spending Policy","Budget Check","Agent Action Atom","Agent Payment Action Record","Payment Control Evidence Packet","Decision Cost Trace","Tool Permission Boundary"],"non_goals":["not a sandbox","not a model provider","not a wallet","not a payment protocol","not a settlement layer","not a legal compliance system","not an official standard"]},{"name":"Command Execution Gate Builder","endpoint":"POST /api/command-execution-gate/build","type":"experimental_stateless_builder","pricing":"free","x402_required":false,"purpose":"Builds a command execution gate record for an AI-agent-proposed shell command. Detects dangerous patterns, assesses risk, and recommends deny, require_human_approval_or_sandbox, or allow_with_monitoring. Does NOT execute commands.","use_when":["an AI agent is about to execute a shell command derived from external data","a tool output contains a command to run and the source is untrusted","an agent needs to assess command execution risk before proceeding","a CI/CD or automation agent needs external control material for command decisions"],"can_feed_into":["Tool Permission Policy","Agent Spending Policy","Agent Action Atom","Execution Provenance Trace","Payment Control Evidence Packet","External Control Materials Map"],"non_goals":["not a shell executor","not a sandbox runtime","not a model provider","not a wallet","not a payment protocol","not a settlement layer","not a legal compliance system","not an official standard"]},{"name":"Agent Tool Approval API","endpoint":"POST /api/tool-approval/check","type":"tool_approval_decision","pricing":"free","x402_required":false,"purpose":"Returns allow, deny, or review_required before an AI agent uses a tool.","use_when":["an AI agent needs approval before using Bash, Write, Edit, or an MCP tool","a system needs to decide whether to allow, deny, or require human review for a tool use request","a developer needs an evidence_id for a tool approval decision","a Claude, Codex, Cursor, or MCP-based agent needs an external approval gate"],"returns":["decision","risk_level","reason","recommended_action","tool_category","source_trust_status","blocked_patterns","evidence_id"],"can_feed_into":["Command Execution Gate","Tool Permission Policy","Execution Trace","External Control Materials Map"],"non_goals":["does not execute tools","does not execute shell commands","does not modify files","does not read secrets","not a sandbox","not a runtime","not an official standard","not legal compliance software"]}],"external_control_materials_map":{"name":"External Control Materials Map v0.2","url":"https://ai-agent-payment-safety-stack.onrender.com/.well-known/external-control-materials.json","purpose":"AI-readable map showing how memory provenance, tool permission, observability boundaries, command execution gates, spending policy, budget checks, payment records, evidence packets, and payment evidence checks fit together.","version":"0.2"},"role_in_flow":["Step 2: Tool Permission","Step 3: Observability Data Boundary","Step 4: Command Execution Gate"]}