@agentutility/mcp-prooflayer
v0.1.8
MCP server for the @agentutility prooflayer cluster — pay-per-call x402 tools, no API keys, USDC on Base.
Trust + risk scanners for AI-built apps.
AI builds apps fast. Prooflayer verifies they're safe to ship — secrets, deploys, migrations, dependencies, prompt-injection, supply chain.
Pricing: pay-per-call in USDC on Base. No subscriptions, no API keys. See per-tool prices below.
Install — Claude Desktop
Edit ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) or %APPDATA%\Claude\claude_desktop_config.json (Windows):
```json
{
  "mcpServers": {
    "agentutility-prooflayer": {
      "command": "npx",
      "args": ["-y", "@agentutility/mcp-prooflayer"],
      "env": { "X402_PRIVATE_KEY": "0xYOUR_PRIVATE_KEY_HEX" }
    }
  }
}
```

Restart Claude Desktop. 13 tools appear in the tool palette.
Install — Cursor
Add to .cursor/mcp.json:
```json
{
  "mcpServers": {
    "agentutility-prooflayer": {
      "command": "npx",
      "args": ["-y", "@agentutility/mcp-prooflayer"],
      "env": { "X402_PRIVATE_KEY": "0x..." }
    }
  }
}
```

Funding
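Send any amount of USDC on Base mainnet to the address derived from your X402_PRIVATE_KEY. The MCP server uses it to pay for tool calls automatically. The key sits in plaintext in the client config file and signs payments without prompting, so use a dedicated wallet that holds only what you intend to spend on tool calls.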
USDC on Base contract: 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913
Tools (13)
| Tool | Description |
|---|---|
| ai-content-detector | (0.03 USDC/call) AI content detector / GPT detector / ChatGPT plagiarism checker. Calibrated probability (0-1), verdict, suspicious phrases, per-axis style signals (em-dash overuse, hedge phrases, formulaic transitions). |
| brand-clearance | (0.25 USDC/call) Brand clearance aggregator / name screening / product-name vetting / startup-brand pre-flight. Given a candidate brand name, returns a single composite clearance signal an agent can act on. Calls four checks in parallel (in-process, no x402 self-billing): USPTO TM name search, domain availability across requested TLDs (default .com .ai .dev .io .co), Wikipedia presence, Hacker News mention scan. Returns risk_level (clear|soft|moderate|hard), risk_score 0-100, sub-scores per signal, the raw hits, and a one-line recommendation. Designed for AI agents self-screening project / product / startup names before committing. Screening tool only — not legal advice. |
| cve | (0.005 USDC/call) CVE lookup / vulnerability database. NIST NVD-backed. CVSS v3.1+v2 scores, severity, affected CPEs, CWE, exploit indicators + LLM summary. |
| cve-lookup | (0.005 USDC/call) CVE lookup / vulnerability database. NIST NVD-backed. CVSS v3.1 + v2 scores, severity, affected CPEs, CWE class, references, public-exploit indicators. Plus LLM exploitability summary. |
| db-migration-risk | (0.02 USDC/call) DB migration risk audit / SQL migration safety check / DROP COLUMN detector / unsafe ALTER TABLE detector / Postgres CREATE INDEX CONCURRENTLY check / Alembic op.drop_* detector / TRUNCATE/DELETE WHERE detector / foreign key NOT VALID check / pre-deploy DB gate. Walks migrations/, prisma/migrations/, db/migrate/, supabase/migrations/, alembic/versions/ and flags destructive DDL, lock-heavy ALTER TABLE, NOT NULL without DEFAULT, plain CREATE INDEX (vs CONCURRENTLY), unbounded TRUNCATE/DELETE, and FK validation without NOT VALID. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use. |
| dep-risk-summary | (0.03 USDC/call) repo dependency risk audit / package.json + lockfile vetter / unpinned dep detector / transitive dep counter / requirements.txt audit / pyproject dep risk / repo-level supply-chain risk score / Snyk-adjacent / deprecated dep detector / install-script dep detector. Best-effort scan of package.json, pnpm-lock.yaml, package-lock.json, yarn.lock, bun.lock (JS); requirements.txt, pyproject.toml, poetry.lock (Python); go.mod, go.sum (Go). Samples 10 alphabetically-first direct deps via npm/PyPI registry for deprecation + install-script signals. Returns 0-100 score, per-finding kind/severity/path/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} or {files: [{path, content}, …]}. |
| deploy-config-risk | (0.02 USDC/call) deploy config audit / Dockerfile lint / vercel.json hardening / wrangler.toml review / docker-compose.yml safety / fly.toml secrets check / netlify deploy gate / open CORS detector / exposed admin port detector / plaintext secret in env detector / production-readiness deploy gate. Fetches deploy config files (Dockerfile, wrangler.toml, vercel.json, netlify.toml, fly.toml, docker-compose.yml, serverless.yml) and flags open CORS with credentials, exposed admin ports (22/5432/6379/etc), plaintext secrets in inline env, dev/debug mode left enabled, missing healthchecks. Returns 0-100 score, per-finding kind/severity/path/line/redacted-evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use. |
| github-repo-health | (0.03 USDC/call) GitHub repo health score / open-source maintainability checker. 0-100 score + grade (abandoned/stale/okay/healthy/thriving). Commit activity, contributors, license, CI, tests. Plus LLM verdict. |
| package-risk-npm | (0.03 USDC/call) npm package risk score / supply-chain scanner / typosquat detector. Maintainer count, weekly downloads, install scripts, dependency depth, deprecation, age, typosquat distance to popular packages. Plus LLM risk summary. |
| production-readiness-score | (0.10 USDC/call) production readiness score / AI app deploy gate / Prooflayer cluster aggregator / repo prod-risk composite / one-call audit / unified production readiness API / vibe-coded app safety scan. Calls all 5 Prooflayer component scanners (secrets-exposure-check, deploy-config-risk, db-migration-risk, dep-risk-summary, prompt-injection-surface) in parallel in-process and rolls findings into a weighted composite score (default weights: secrets 0.30, migrations 0.20, deps 0.20, deploy 0.15, prompt 0.15). Returns composite 0-100, production_grade (production-ready | needs-review | risky | do-not-ship), per-component sub-scores, top-N deduped findings sorted by severity + score_contribution, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} or {files: [{path, content}, …]}. Optional 'weights' override (each in [0,0.5], proportionally normalized) and 'max_findings' (default 10, cap 50). |
| prompt-injection-surface | (0.03 USDC/call) AI prompt injection surface scanner / LLM call-site audit / unsanitized user input in prompts detector / system-message mixing flag / unbounded completion detector / AI app safety scan / pre-deploy AI risk gate. Walks .ts/.tsx/.js/.jsx/.py/.mjs/.cjs source files, locates LLM SDK call sites (anthropic, openai, @ai-sdk/, google generative), and flags user input flowing into prompts without sanitization, calls without max_tokens caps, system/user prompt mixing, and LLM output used unvalidated in fetch/exec/eval. Returns 0-100 score, per-finding kind/severity/path/line/evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} (tree-walk, capped 500 files) or {files: [{path, content}, …]}. |
| pypi-package-risk | (0.01 USDC/call) PyPI package risk score / Python supply-chain scanner. Age, monthly downloads, install-script hooks (cmdclass/setup.py), dependency depth, deprecation, typosquat distance to 50 popular Python packages. Plus LLM risk summary. |
| secrets-exposure-check | (0.02 USDC/call) secrets exposure scan / hardcoded API key detector / .env-committed-key audit / Next.js client env leak detector / pre-deploy secret gate. Fetches top-level config files (.env, wrangler.toml, vercel.json, next.config.*, package.json, etc.) and scans for hardcoded AWS/OpenAI/Anthropic/Stripe/GitHub keys, private keys, DB URLs with passwords, JWT secrets, weak values in .env.example, and server-only env vars accidentally exposed via NEXT_PUBLIC_. Returns 0-100 score, per-finding kind/severity/path/line/redacted-evidence/recommendation, and a Venice plain-English verdict. Dual input: {repo: 'owner/name'} for public GitHub or {files: [{path, content}, …]} for private / agent-workspace use. |
How it works
- Agent calls a tool (e.g. `ai-content-detector`).
- MCP server POSTs to `https://x402.agentutility.ai/ai-content-detector`.
- The endpoint responds HTTP 402 with payment instructions.
- The MCP server signs an EIP-3009 USDC transfer authorization with `X402_PRIVATE_KEY` and retries.
- CDP facilitator settles on Base.
- The endpoint returns the actual response.
The agent never sees the payment flow — it just gets the result.
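Since the payment is signed without the agent seeing it, checking the 402 payment instructions against the published per-tool price and the USDC contract above bounds what the key can be asked to sign. The following is an added example, not code from this package: the field names (`accepts`, `scheme`, `network`, `asset`, `maxAmountRequired`, `payTo`) follow the x402 v1 payment-requirements layout and are assumptions, as are the `selectPayment` helper and the session budget.

```javascript
// Added example, not from the package. x402 field names are an assumption.
const USDC_BASE = "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913"; // from this README
const USDC_DECIMALS = 6; // USDC uses 6 decimal places

// Published per-call prices copied from the tools table (subset), in USDC.
const PRICE_USDC = {
  "ai-content-detector": "0.03",
  "cve-lookup": "0.005",
  "production-readiness-score": "0.10",
};

// Convert a decimal USDC string to atomic units without floating point.
function toAtomic(decimal) {
  const [whole, frac = ""] = decimal.split(".");
  if (frac.length > USDC_DECIMALS) throw new Error("too many decimals");
  return BigInt(whole) * 10n ** BigInt(USDC_DECIMALS) +
    BigInt(frac.padEnd(USDC_DECIMALS, "0"));
}

// Return the first payment option that is safe to sign, or throw with reasons.
function selectPayment(tool, body, spentAtomic, budgetAtomic) {
  const price = PRICE_USDC[tool];
  if (price === undefined) throw new Error(`no published price for ${tool}`);
  const cap = toAtomic(price);
  const reasons = [];
  for (const opt of body.accepts ?? []) {
    const amountStr = String(opt.maxAmountRequired);
    if (opt.scheme !== "exact") reasons.push("scheme");
    else if (opt.network !== "base") reasons.push("network");
    else if (String(opt.asset).toLowerCase() !== USDC_BASE.toLowerCase()) reasons.push("asset");
    else if (!/^\d+$/.test(amountStr)) reasons.push("amount-format");
    else if (BigInt(amountStr) > cap) reasons.push("over-price");
    else if (spentAtomic + BigInt(amountStr) > budgetAtomic) reasons.push("over-budget");
    else return { payTo: opt.payTo, amount: BigInt(amountStr) };
  }
  throw new Error(`refusing to sign: ${reasons.join(",") || "no options"}`);
}

// Constructed sample 402 body; payTo is a placeholder, not a real recipient.
const sample402 = {
  x402Version: 1,
  accepts: [{ scheme: "exact", network: "base", asset: USDC_BASE,
    maxAmountRequired: "30000", payTo: "0x0000000000000000000000000000000000000001" }],
};

const budget = toAtomic("1.00"); // per-session spending cap, chosen by the operator
console.log(selectPayment("ai-content-detector", sample402, 0n, budget));
```

A rejected option should surface to the operator rather than fall back to signing, since a price or asset mismatch means the endpoint is asking for something the README does not advertise.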
Links
- Cluster overview: https://agentutility.ai/prooflayer/
- All MCP packages: https://mcp.agentutility.ai/
- Source: https://github.com/rooz21/x402/tree/main/packages/mcp-prooflayer
Version: 0.1.8 · License: MIT
