Fabler X402 Tools
БесплатноНе проверенEnables MCP clients to use paid tools for secret scanning, agent-config auditing, and OG image rendering, with payments handled over the x402 protocol on Base.
Описание
Enables MCP clients to use paid tools for secret scanning, agent-config auditing, and OG image rendering, with payments handled over the x402 protocol on Base.
README
Paid agent tools, billed per call over x402 on Base. Point any MCP client (Claude Code, Claude Desktop, ...) at this server to give your agent secret scanning, agent-config auditing, diff-security gating, pre-deploy evidence validation, public URL security snapshots, readable-page extraction, OG image rendering, and perpetual-futures funding-rate spreads — plus a free product catalog it can check before spending anything. No account, no API key: payment over x402 is the auth.
Built and operated by an autonomous AI agent. Fabler Labs' products, including this server and the API behind it, are built by a Claude agent running a real business unattended on a VPS (the agent's public brain). The agent discloses this everywhere, including here: no human wrote the code in this repo.
Verified listings: official MCP Registry and MCP Marketplace, where the current automated security review scores the server 10/10. That score is an indicator, not a guarantee; review the permissions and source before use.
Tools
| Tool | Cost | What it does |
|---|---|---|
fabler_list_products |
free | List current products and their per-call USDC price. Call this first. |
fabler_scan_secrets |
paid | Scan text for leaked API keys/secrets/tokens (Stripe, GitHub, AWS, PEM keys, JWTs, Slack, Telegram, Cloudflare, generic high-entropy). |
fabler_audit_agent_config |
paid | Audit a CLAUDE.md/AGENTS.md or a governing CONSTITUTION.md against agent-config best practices; returns a 0-100 score and specific findings. |
fabler_audit_diff_security |
paid | Scan added lines in a unified diff for leaked secrets and high-signal security patterns; returns a pass/block verdict. |
fabler_audit_pre_deploy |
paid | Validate an 18-point release review record for missing, failed, or evidence-free checks; returns ready/blocked. |
fabler_audit_url_security |
paid | Snapshot a public HTTPS URL's status, validated redirects, security headers, and cookie flags without retaining body content. |
fabler_scrape_web_page |
paid | Fetch a public HTTPS page as bounded clean readable text plus title, author, date, excerpt, word count, and redirect evidence. |
fabler_render_og |
paid | Render a branded 1200×630 OG/social-card image from a title/subtitle; returns the raw image bytes. |
fabler_market_funding_spreads |
paid ($0.001 fixed) | Current perpetual-futures funding-rate spreads (gross, normalized across venues) from Binance, Bybit, and Hyperliquid; add a symbol for that single market plus OKX. Public market data only — not financial advice. |
Every price above except fabler_market_funding_spreads (a fixed $0.001) is
served live by fabler_list_products — they are
not hardcoded here so this README can't go stale. See
x402.fablerlabs.com for the human-readable
overview, or GET https://x402.fablerlabs.com/ for the machine-readable
catalog these tools call under the hood.
Low-ticket download
The same catalog also exposes a low-ticket product for agents that need a review artifact rather than an API result:
GET https://x402.fablerlabs.com/buy/pre-deploy-security-checklist
$0.10 USDC on Base -> pre-deploy-security-checklist.zip
It is an editable 18-point checklist covering secrets, authentication, data
handling, dependencies, infrastructure, rollback, and sign-off. An unpaid request
returns the standard x402 challenge; a paid replay returns the zip directly. This
download is not an MCP tool and does not require this client. A $1 card checkout
for human buyers is available at fablerlabs.com/checklist.
Install
Four ways to use these tools — options 1-3 expose all nine tools; option 4 is the install-free catalog:
1. npx, straight from GitHub (no install step)
{
"mcpServers": {
"fabler-x402-tools": {
"command": "npx",
"args": ["-y", "https://github.com/fablerlabs/x402-tools/archive/26579fef93bf519bd5c9c3b6b2add272f0652615.tar.gz"]
}
}
}
Add that to your MCP client config — Claude Code: .mcp.json at your
project root; Claude Desktop: claude_desktop_config.json.
This default is inspect-only: paid tools return their structured HTTP 402
challenge without signing a transaction or moving funds. To enable optional
automatic payment, add X402_BUYER_PRIVATE_KEY to the server's environment.
Use only a dedicated low-balance wallet funded with what you are willing to
spend on these tools; never use a primary wallet or one holding unrelated assets.
2. From a checkout
git clone https://github.com/fablerlabs/x402-tools && cd x402-tools
npm install
{ "command": "node", "args": ["/path/to/x402-tools/mcp/server.js"] }
3. Claude Desktop extension (.mcpb)
Build (or download from a release)
dist/fabler-x402-tools.mcpb via bash mcp/build-mcpb.sh, then drag it into
Claude Desktop's extensions settings. Configure X402_BUYER_PRIVATE_KEY in
the extension's settings UI instead of a config file. The extension bundles the
x402 payment libraries, so automatic payment works without a separate npm install.
X402_BUYER_PRIVATE_KEY is optional in every install path — omit it
entirely if you'd rather pay challenges through your own x402-capable rails
(see "Payment flow" below).
4. Remote free tools (no install)
{
"mcpServers": {
"fabler-x402-catalog": {
"type": "http",
"url": "https://x402.fablerlabs.com/mcp"
}
}
}
This remote server is listed in the official MCP Registry as
com.fablerlabs/x402-tools. It exposes the free fabler_list_products catalog
and a fabler_scan_secrets_preview tool capped at 2,048 characters. Use options
1-3 for full scans and the other paid tools.
Normal npm and npx github:... installs include the optional x402 payment
dependencies. If they were explicitly omitted, install them before enabling
automatic payment:
npm install @x402/fetch @x402/evm viem
The server still works without them, but returns the structured 402 challenge instead of signing a retry.
Payment flow
Every paid tool call hits a Fabler x402 endpoint under
https://x402.fablerlabs.com (override with X402_BASE_URL, e.g. for local
testing against a staging deploy).
- With
X402_BUYER_PRIVATE_KEYset and the v2@x402/fetch,@x402/evm, andviempackages installed: the server signs and settles the 402 payment on Base automatically using@x402/fetch's v2 payment wrapper, then returns the tool's real result. - Otherwise: the server makes a plain request. If the endpoint answers
402 Payment Required, the server does not treat this as an error — it decodes the x402 v2PAYMENT-REQUIREDresponse header and returns the parsed challenge (acceptsarray: scheme, network, amount,payToaddress, asset, etc.) as the tool's structured result, along with a note explaining how to pay it. Your agent (or you) can settle that challenge through any x402-capable wallet/rails and retry the call.
See snippets/ for three ways to pay a challenge by hand
(curl + a signer, Node + @x402/fetch, Python + eth-account), and
examples/buyer-sim/ for a full offline
challenge→pay→retry→verify harness you can run without spending anything.
Security note
X402_BUYER_PRIVATE_KEY is your own wallet key — never Fabler Labs'.
It is:
- read from the environment only, at call time;
- used exclusively to construct a local
viemwallet client for signing x402 payment payloads; - never logged, echoed in a tool result, or included in any error message — errors from the payment path are reduced to a fixed, generic string precisely so a stack trace can't leak key material;
- never transmitted to Fabler Labs in any form — only the resulting signed payment payload (standard x402 protocol behavior) goes to the endpoint you're paying.
Treat it like any other hot-wallet key: use only a dedicated low-balance wallet funded with what you're willing to spend on these tools. Never use a primary wallet or one holding unrelated assets.
Also note: the paid tools send their arguments to the Fabler x402 API for processing. The URL security and readable-page tools fetch the public HTTPS target you provide; the security tool does not retain response-body content, while the scraper returns bounded extracted page text. Don't pass data or targets you're not willing to transmit off-machine. Full policy in SECURITY.md.
Publish targets (for maintainers)
- Official MCP registry — mcp/server.json declares
com.fablerlabs/x402-toolsas the free Streamable HTTP tool server athttps://x402.fablerlabs.com/mcp. Submit it withmcp-publisherusing DNS authentication onfablerlabs.com. Add the stdio package to the same manifest only after that package is actually published. - Claude Desktop extension —
bash mcp/build-mcpb.shbuildsdist/fabler-x402-tools.mcpbfrom manifest.json,LICENSE, and an esbuild bundle containing the server plus its x402 payment dependencies. This is a second, independent distribution path from the remote registry entry; both point at the same catalog and API. - Claude Code plugin — .claude-plugin/ makes this
repo installable as a Claude Code plugin directly (
plugin.json+mcp.json).
Dev / test
npm install
npm test
Runs mcp/test/mcp-smoke.mjs (spawns mcp/server.js, performs a real
initialize + tools/list handshake over stdio, asserts all nine tools are
present with a description and inputSchema — no network, no env vars)
followed by examples/buyer-sim/buyer.mjs --mock (an offline
challenge→pay→retry→verify simulation against every paid route — see that
directory's README). It also builds the .mcpb and proves that the isolated
bundle signs and retries a mocked v2 payment challenge. No test calls the real
API or needs a funded wallet.
Links
- Human storefront (same products, Stripe checkout): https://fablerlabs.com
- Machine storefront (this server's backend): https://x402.fablerlabs.com
- The story behind this business: https://fablerlabs.com/story
- x402 protocol spec: https://x402.org
License
MIT
Установка Fabler X402 Tools
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/fablerlabs/x402-toolsFAQ
Fabler X402 Tools MCP бесплатный?
Да, Fabler X402 Tools MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Fabler X402 Tools?
Нет, Fabler X402 Tools работает без API-ключей и переменных окружения.
Fabler X402 Tools — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Fabler X402 Tools в Claude Desktop, Claude Code или Cursor?
Открой Fabler X402 Tools на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
Omni Video
An MCP server that transforms LLM-enabled IDEs into professional video editors by pre-processing footage into text proxies, generating motion graphics via HTML/
автор: buildwithtazaARA
Generate images, video and audio from any AI agent — one connector.
автор: ARAYouTube
Transcripts, channel stats, search
автор: YouTubeEverArt
AI image generation using various models.
автор: modelcontextprotocolCompare Fabler X402 Tools with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории media
