x402guard Whitepaper v1.0
Pre-install security auditing for AI agent skills
Security product first. Token as alignment.
AI agent ecosystems are experiencing a supply-chain security crisis: untrusted “skills” can execute code, access credentials, and make outbound requests—often with little or no pre-install validation.
x402guard is a pre-installation security auditing platform that scans skills before users or agents install them. It detects malware patterns, risky permissions, suspicious network behavior, credential theft indicators, and known threat intelligence signals—then returns a clear risk score (0–100) with actionable findings.
x402guard is designed for both humans and autonomous agents: audits can be purchased on-demand with micro-priced pay-per-scan payments (USDC on Base via an HTTP 402 flow), and results can optionally generate a signed attestation that third parties can verify.
The x40G token is an optional alignment layer: it provides staking-based discounts and access to premium detection rules, and enables vote-escrow governance (veX40G) over security priorities and ecosystem parameters.
Jump to section pages
1. The AI Skill Supply-Chain Crisis
AI agent “skills” are executable supply-chain artifacts. Unlike traditional software ecosystems, most agent skill marketplaces lack standardized security vetting before installation.
Threat actors increasingly publish malicious skills disguised as:
These skills can:
Exfiltrate environment variables
Security failures happen at install time, not after. Post-install detection is too late.
2. What is x402guard?
x402guard provides pre-install security auditing for AI agent skills.
Before a skill is installed, x402guard:
Runs multi-stage security analysis
Returns findings and recommendation
Optionally issues a signed attestation
x402guard acts as:
“npm audit for AI agent skills”
3. Why Pre-Install Security Matters
Once installed, a skill may immediately:
x402guard shifts security left:
Scan first → Decide → Install
This prevents irreversible damage.
4. Product Principles
x402guard is built on four principles:
4.1 Instant Clarity
Single risk score, plain-language findings, clear recommendation.
4.2 Pay-Per-Scan
Security should be cheap and universal.
4.3 Agent-Native
Agents can discover, pay, and use x402guard autonomously.
Open engine + proprietary premium intelligence.
5. Architecture Overview
High-level components:
Tokenomics & Governance Modules
Flow:
User/Agent → API → Audit Engine → Rules & Intel → Score & Findings → Attestation (optional)
Standard — $0.05
Sandbox / deeper analysis
7. Detection Methodology
Malware & Campaign Patterns
Known malware families and exploit signatures.
Obfuscation Detection
Base64 payloads, eval construction, encoded strings.
Credential Theft Indicators
Cloud keys, exchange APIs, wallets, CI/CD secrets.
Remote Execution Indicators
curl | sh, wget | bash, PowerShell loaders.
Agent Exploitation Patterns
Prompt injection, memory poisoning, confused deputy.
Threat Intelligence
Known malicious publishers, wallets, IPs, domains.
8. Risk Scoring
Score range: 0–100
Ranges:
Higher severity findings increase score.
9. Attestations
Deep scans can produce a signed attestation containing:
Attestations enable:
10. Payments via HTTP 402
x402guard uses HTTP-native payment flow:
Receive 402 Payment Required
Benefits:
No subscriptions required
Machine-to-machine compatible
Microtransaction friendly
11. Open Core Model
Open source drives adoption. Premium drives sustainability.
x40G is not required to use x402guard.
It exists to align incentives.
12.1 Utility Pillars
Access & Discounts
Stake x40G to:
Faster threat intel updates
Lock x40G into veX40G to vote on:
12.2 Value Accrual
Protocol revenue supports:
Real usage → real revenue → aligned incentives.
Phase 1 — Scanner (Live)
Pre-install audits
Phase 2 — Monitor
Runtime behavior monitoring
Phase 3 — Threat Intel Bot
Automated signature generation
Phase 4 — Reputation Layer
Publisher verification & trust scores
14. Risks & Limitations
No scanner guarantees 100% safety
Mitigations:
x402guard makes scan-before-install the default behavior for AI agent ecosystems.
Security first.
Token second.
Alignment always.
Appendix A — Integration Summary
Appendix B — Subscription Tiers (Optional)
Free, Pro, Enterprise for operators and teams.