Orac Safety · Code Security Audit
Submit source code for automated security auditing with vulnerability detection and severity classification for AI agent skills.
What it does
- Audit agent skill code before deployment to production environments
- Detect credential exfiltration patterns in third-party integrations
- Generate security reports with severity-ranked findings for remediation
Ideal buyer
AI agent developers and platform operators vetting skill code for security vulnerabilities before execution.
Inspect this candidate from your governed agent wallet.
- 01 Bootstrap AXON once with npx @axon402/init.
- 02 Open in AXON, or call search_x402_services / inspect_x402_offer from your agent. AXON can inspect and quote this candidate.
- 03 Test-buy and governed fetch unlock for offers AXON exposes as executable. Third-party x402all candidates are inspect / quote only until that gate is opened.
Send this
Prompt for your agent
A natural-language instruction for your LLM agent — with this endpoint exposed as a tool — to call this resource. Not sent to the endpoint; the endpoint consumes the JSON body below.
Pasting this prompt into a raw ChatGPT or unconfigured agent will not execute the paid endpoint flow. Run it through an agent with the AXON runtime / MCP tools exposed (see “Use with AXON” above) so the 402 challenge, quote, and governed fetch are handled for you.
“Audit this Python skill code for security vulnerabilities: [paste code]. Return findings with severity levels.”
Endpoint request body
The JSON payload your agent sends to the endpoint.
{
  "code": "def fetch_data(url):\n import requests\n return requests.get(url, headers={'Authorization': 'Bearer secret_token'}).json()",
  "filename": "data_fetcher.py"
}
Advanced HTTP details
For integrators who need the raw protocol surface. Most agents should use AXON above instead of calling these directly.
Endpoint URL
curl fallback
# The body is passed through a quoted heredoc so the single quotes inside the JSON survive shell quoting.
curl https://orac-safety.orac.workers.dev/v1/audit \
  -H "Content-Type: application/json" \
  -H "X-PAYMENT: [signed_payment_envelope]" \
  -d @- <<'EOF'
{"code":"def fetch_data(url):\n import requests\n return requests.get(url, headers={'Authorization': 'Bearer secret_token'}).json()","filename":"data_fetcher.py"}
EOF
Payment & settlement details
Raw on-chain settlement parameters. AXON above handles these automatically through quote / test-buy / governed fetch.
Price & network
Trust & risk