Agentpay Sentinel
БесплатноНе проверенSecurity guardrails for AI agent payments
Описание
Security guardrails for AI agent payments
README
AgentPay Sentinel MCP
A watchdog MCP that validates every agent payment request against all 9 security checks before it executes — catching policy violations, replay attacks, amount tampering, revoked tokens, and budget overruns at call time.
What your agent can do
- Run a pre-flight audit on any payment transaction before executing it — get PASS or BLOCKED with the specific check that failed
- Validate token integrity: confirms the SHA-256 hash matches the expected
merchant_id:amountbinding, catching forged or tampered tokens - Enforce budget caps: rejects transactions where
current_spend + amount > budget_capand returns exact remaining budget - Check merchant allowlist membership and block purchases in restricted categories
- Verify token expiry and rate limits before the payment fires
- Simulate known attack vectors (token forgery, budget overflow, replay, merchant spoof, expiry bypass) and get the specific defense mechanism and detection method for each
Installation
Requires: Python 3.10+, mcp package.
pip install mcp
Claude Desktop — add to ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):
{
"mcpServers": {
"agentpay-sentinel": {
"command": "python",
"args": ["/absolute/path/to/agentpay-sentinel-mcp/server.py"]
}
}
}
Cursor — add to .cursor/mcp.json in your project root:
{
"mcpServers": {
"agentpay-sentinel": {
"command": "python",
"args": ["/absolute/path/to/agentpay-sentinel-mcp/server.py"]
}
}
}
Tool Reference
| Tool | Description | Key params |
|---|---|---|
sentinel_audit_transaction |
Run all 9 security checks; returns PASS/BLOCKED + SHA-256 audit hash | token_hash, merchant_id, amount, current_spend, budget_cap (required) · nonce, token_id, approved_amount (enable checks 7–9) |
sentinel_revoke_token |
Permanently revoke a token — all future audits with this token_id will BLOCK |
token_id, reason |
sentinel_clear_nonce |
Remove a nonce from the replay store (for legitimate refunds/retries only) | nonce |
sentinel_verify_chain |
Verify a sequence of audit hashes forms an unbroken chain | audit_hashes, expected_chain_root |
sentinel_threat_model |
Simulate any named attack vector; returns severity, defence, and detection | attack_vector, context |
All 9 checks run by sentinel_audit_transaction
| # | Check | What it catches | Param |
|---|---|---|---|
| 1 | Token integrity | SHA-256 hash mismatch — forged tokens | token_hash |
| 2 | Budget enforcement | Spend exceeding cap | current_spend, budget_cap |
| 3 | Merchant allowlist | Payment to unlisted merchant | allowlist |
| 4 | Category restriction | Purchase in blocked category | blocked_categories |
| 5 | Expiry check | Expired token | expires_at |
| 6 | Rate limit | Too many calls per minute | calls_this_minute |
| 7 | Amount mismatch | Agent changed amount after human approved | approved_amount |
| 8 | Replay attack | Same nonce used twice (file-backed store) | nonce |
| 9 | Revocation evasion | Agent using a revoked token | token_id |
Checks 7–9 activate when the corresponding param is passed. State persists to ~/.sentinel/.
Attack vectors in sentinel_threat_model
token_forgery · budget_overflow · replay_attack · amount_mismatch · revocation_evasion · merchant_spoof · expiry_bypass
Security
sentinel_audit_transaction returns an advisory verdict — it does not intercept network traffic. Your agent is responsible for calling it before executing a payment and halting on BLOCKED. The audit hash returned is a SHA-256 digest of all check results, giving you a tamper-evident record of each pre-flight decision.
Pricing
| Plan | Price | Included |
|---|---|---|
| Free | $0 | 50 audits/month |
| Pro | $19/month | Unlimited audits + threat model simulations |
License
MIT — AgentPay Labs. Source: github.com/Rumblingb/agentpay-sentinel-mcp
Установка Agentpay Sentinel
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/Rumblingb/agentpay-sentinel-mcpFAQ
Agentpay Sentinel MCP бесплатный?
Да, Agentpay Sentinel MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Agentpay Sentinel?
Нет, Agentpay Sentinel работает без API-ключей и переменных окружения.
Agentpay Sentinel — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Agentpay Sentinel в Claude Desktop, Claude Code или Cursor?
Открой Agentpay Sentinel на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Fetch
Web content fetching and conversion for efficient LLM usage.
AWS KB Retrieval
Retrieval from AWS Knowledge Base using Bedrock Agent Runtime.
автор: modelcontextprotocolSpring AI MCP Server
Provides auto-configuration for setting up an MCP server in Spring Boot applications.
llm-analysis-assistant
A very streamlined mcp client that supports calling and monitoring stdio/sse/streamableHttp, and can also view request responses through the /logs page. It also
автор: xuzexin-hzCompare Agentpay Sentinel with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории ai
