Orac Safety · Code Security Audit

Submit source code for automated security auditing with vulnerability detection and severity classification for AI agent skills.

What it does

  • Audit agent skill code before deployment to production environments
  • Detect credential exfiltration patterns in third-party integrations
  • Generate security reports with severity-ranked findings for remediation

Ideal buyer

AI agent developers and platform operators vetting skill code for security vulnerabilities before execution.

Use with AXON

Inspect this candidate from your governed agent wallet.

  1. Bootstrap AXON once with npx @axon402/init.
  2. Open in AXON, or call search_x402_services / inspect_x402_offer from your agent. AXON can inspect and quote this candidate.
  3. Test-buy and governed fetch unlock for offers AXON exposes as executable. Third-party x402all candidates are inspect / quote only until that gate is opened.

Send this

Prompt for your agent

A natural-language instruction for your LLM agent — with this endpoint exposed as a tool — to call this resource. Not sent to the endpoint; the endpoint consumes the JSON body below.

Pasting this prompt into a raw ChatGPT or unconfigured agent will not execute the paid endpoint flow. Run it through an agent with the AXON runtime / MCP tools exposed (see “Use with AXON” above) so the 402 challenge, quote, and governed fetch are handled for you.

Audit this Python skill code for security vulnerabilities: [paste code]. Return findings with severity levels.

Endpoint request body

The JSON payload your agent sends to the endpoint.

application/json
{
  "code": "def fetch_data(url):\n    import requests\n    return requests.get(url, headers={'Authorization': 'Bearer secret_token'}).json()",
  "filename": "data_fetcher.py"
}

Advanced HTTP details

For integrators who need the raw protocol surface. Most agents should use AXON above instead of calling these directly.

curl fallback

curl https://orac-safety.orac.workers.dev/v1/audit \
  -H "Content-Type: application/json" \
  -H "X-PAYMENT: [signed_payment_envelope]" \
  -d '{"code":"def fetch_data(url):\n    import requests\n    return requests.get(url, headers={'\''Authorization'\'': '\''Bearer secret_token'\''}).json()","filename":"data_fetcher.py"}'

Payment & settlement details

Raw on-chain settlement parameters. AXON above handles these automatically through quote / test-buy / governed fetch.

base exact: $0.020 per call
Pay-to address: 0x4a47b25c90ea79e32b043d9ee282826587187ca5
T/O: 300s, asset 0x8335…2913

solana exact: $0.020 per call
Pay-to address: 3vD1Rt5qMz4vZR8jGND8n9YnVNvPBvX8tyTrWzZ3TMSb
T/O: 300s, asset EPjFWd…Dt1v

Price & network

Cheapest call: $0.020
Networks: base, solana

Trust & risk

Trust tier: Indexed external
Risk flags: No risks flagged

Indexed from facilitator discovery data
