AI Agent Payment Preflight

Use this page when searching for:

• AI agent payment safety
• AI agent payment preflight
• autonomous agent payment preflight
• before letting an AI agent pay
• AI agent can move money safely
• agent payment launch gate

Run First

npx @monarch-shield/x402 doctor --ci --strict

npx x402-doctor

If code can move money, Doctor must pass before go-live. That includes agent

code that creates payment intents, sends wallet transactions, pays MCP tools,

handles 402 Payment Required, retries with X-PAYMENT, or pays another

agent.

What Doctor Checks

Doctor scans for detectable payment paths and fails when payment execution is

not protected by checkBeforePayment or a guarded callback. The goal is simple:

an agent should not be able to ship payment code where the guard is imported but

unused, placed after payment execution, hidden in a dead helper, or only present

in an unrelated wrapper.

What Still Belongs At Runtime

Use runtime controls for live money movement:

• budget caps and recipient allowlists
• duplicate payment detection and idempotency
• circuit breakers for retries and facilitator failures
• endpoint trust and delivery verification
• fraud, sanctions, chargeback, and settlement controls

Monarch Doctor is the local/CI launch gate before that runtime stack ships.

CI Gate

Add this before merging agent-controlled payment code:

- name: Monarch Doctor

  run: npx @monarch-shield/x402 doctor --ci --strict

For the full GitHub Action path, see github-action.md.