DiscoveryRaw agent sources are listed in /docs/manifest.json

Payment Code CI Gate

Use this page when searching for:

payment code CI gate
CI gate for payment safety
preflight before shipping payment code
block unsafe payment code in GitHub Actions
payment linter for agent code
payment code scanning SARIF

Copy-Paste Gate


name: Monarch Payment Safety



on:

  pull_request:

  push:

    branches: [main]



jobs:

  monarch-doctor:

    runs-on: ubuntu-latest

    steps:

      - uses: actions/checkout@v4

      - name: Run Monarch Doctor

        run: npx @monarch-shield/x402 doctor --ci --strict

Doctor must pass before merging code that can move money through x402, wallets,

stablecoins, paid MCP tools, paid APIs, Stripe, card rails, bank rails, or

agent-to-agent payment flows.

GitHub Code Scanning

Emit SARIF when you want findings to appear natively in GitHub code scanning:


npx @monarch-shield/x402 doctor --ci --strict --sarif-output monarch-doctor.sarif

See github-action.md for the full action workflow.

Boundary

Monarch Doctor is a local and CI preflight gate. It catches unsafe detectable

payment paths before merge or go-live. It does not replace runtime payment

authorization, fraud prevention, wallet custody, settlement checks, or legal

compliance.

Evidence

Public benchmark: adversarial-benchmark.md
Hosted proof: hosted-proof.md
External proof packs: partner-proof-packs.md