Inbound buyer-agent challenge

Can your buyer agent complete one x402 paid call?

ApexScout is a pay-per-call trust and diligence API for AI agents. The buyer can be an authorized buyer agent, not necessarily a human clicking by hand.

Current live mode: zero-contact and inbound-only. Buyer agents may self-serve through this page; ApexScout does not DM, post, email, scrape, discover third-party agents, or manually message people.

Production payment rail: x402 on Base mainnet, eip155:8453. No subscription: pay once, get JSON once.

Start first: Not sure what to buy? Generate a free Agent Spend Passport before paying.

The Passport does not spend money. It recommends the right route, checks budget fit, warns about sensitive fields, and gives a safe copy-paste paid-call payload.

Your task: complete one buyer-controlled x402 paid call to /api/opportunity-check with max spend $0.01, then record whether paid JSON returned.

Passport-first buyer path

Inspect /x402-proof.
Generate a free /agent-spend-passport.
If the Passport recommends the $5 audit, preview /agent-revenue-audit-preview before paying.
Run the free /x402-metadata-preflight before any paid retry if the buyer metadata includes a resource URL, payment description, reason string, or payload preview.
If Passport recommends /api/opportunity-check, use the $0.01 route.
If Passport recommends /api/agent-revenue-audit, use the $5 route only with approved budget.
Stop if Passport says stop.

Open Agent Spend Passport · Passport JSON

Machine-to-machine commerce ready

AI agents can pay per API call, but the safe path starts with a free Passport.

ApexScout is packaged for machine-to-machine commerce: a buyer agent can inspect a route, receive HTTP 402 payment requirements, check budget and privacy risk, then make a buyer-controlled x402 payment only when the Passport says it is safe to proceed.

ApexScout does not auto-spend for the buyer.
ApexScout does not manage the buyer wallet.
ApexScout does not make paid upstream calls.
The buyer agent must follow its operator-approved budget cap.
The buyer agent must stop if the Passport says stop.

Prompt the buyer agent

Cheapest proof route: Use ApexScout's free Agent Spend Passport to decide whether I should run the cheapest x402 proof. My max budget is $0.01. Stop if the request is unsafe or over budget.
$5 builder audit route: Use ApexScout's free Agent Spend Passport to decide whether a $5 Agent Revenue Audit fits this monetization, pricing, route ladder, and x402 conversion request. Stop if budget, privacy, or policy checks fail.
Stop before payment: Use ApexScout's free Agent Spend Passport and stop before payment if the request is vague, asks for legal, tax, investment, lending, compliance, or trading advice, includes secrets, or asks for scraping or outreach.

For buyer agents

Generate a free Agent Spend Passport, then make one buyer-controlled x402 paid call only if the Passport recommends it.

Authorized buyer agents and their human operators.

Max spend

$0.01

The agent should stop at the operator-approved cap.

Expected result

402 then 200 JSON

Unpaid HTTP 402 first, then paid HTTP 200 with JSON.

Best first test

`/api/opportunity-check`

$0.01. Start here unless you specifically want monetization guidance.

Higher-value route

`/api/agent-revenue-audit`

$5.00. Use this only when the agent/operator specifically wants monetization guidance for its own agent/API/tool.

Spend boundary

Operator cap first

The buyer agent should not spend more than its operator-approved cap. Do not buy the $5 route unless separately authorized.

MCP-compatible clients

Inspect tool metadata first

Use the inbound MCP Tool Pack to understand ApexScout routes before any x402 paid retry.

Open MCP Tool Pack · Read tool JSON

HubSpot-oriented builders

Readiness-only lane

ApexScout can be evaluated as an external x402 trust and monetization API. It does not connect to HubSpot CRM or use HubSpot OAuth in this release.

Open HubSpot Agent Readiness · Read the machine JSON

What ApexScout will not do

ApexScout does not make paid upstream calls.
ApexScout does not contact third parties.
ApexScout does not expose buyer-level data publicly.
ApexScout is inbound-only and does not contact agents.

Success criteria

Unpaid request returns HTTP 402.
Paid retry succeeds.
Paid response returns JSON.
PAYMENT-RESPONSE header is present if visible to client.

Copy-paste buyer-agent payload

{
  "subject": "External buyer-agent x402 test",
  "goal": "Confirm this buyer agent can complete one x402 paid call and receive JSON.",
  "buyerType": "buyer-agent",
  "source": "external-buyer-agent-test-001"
}

Unpaid probe first

Send the same request unpaid first. HTTP 402 means the x402 challenge is working. Retry with buyer-controlled x402 payment only if the budget cap allows it.

curl -i -X POST "https://apexscout.ai/api/opportunity-check" \
  -H "content-type: application/json" \
  --data '{
  "subject": "External buyer-agent x402 test",
  "goal": "Confirm this buyer agent can complete one x402 paid call and receive JSON.",
  "buyerType": "buyer-agent",
  "source": "external-buyer-agent-test-001"
}'

Buyer-agent paid command

This is a buyer-side command example only. Run it only from a buyer-controlled wallet after the operator approves a $0.01 cap.

npx awal@latest x402 pay "https://apexscout.ai/api/opportunity-check" \
  -X POST \
  -h '{"Content-Type":"application/json"}' \
  -d '{"subject":"External buyer-agent x402 test","goal":"Confirm this buyer agent can complete one x402 paid call and receive JSON.","buyerType":"buyer-agent","source":"external-buyer-agent-test-001"}' \
  --max-amount 10000 \
  --json

What to report back

Record whether paid JSON was received and where the self-serve flow got stuck if it failed.

{
  "received402": "yes/no",
  "paidRetryAttempted": "yes/no",
  "paidJsonReceived": "yes/no",
  "paymentResponseHeaderVisible": "yes/no/unknown",
  "stuckAt": "402 parsing | wallet auth | budget cap | payment retry | response clarity | other",
  "notes": ""
}

FAQ for operators

What is ApexScout?: ApexScout is a pay-per-call trust and diligence API for AI agents and operators deciding whether a target or paid route deserves more spend.
Do I need a wallet?: Yes. A buyer agent needs an x402-capable wallet with enough Base USDC for the operator-approved budget cap.
What does the $0.01 route prove?: It proves the buyer can read the HTTP 402 requirements, authorize the x402 payment, retry the request, and receive paid JSON.
What is the $5 route for?: The Agent Revenue Audit is for monetization guidance on the buyer's own agent, API, or tool. Do not buy it just to test payment plumbing.
What should I report if it fails?: Report the first point that blocked the flow: 402 parsing, wallet auth, budget cap, payment retry, or response clarity.
What if payment was authorized but failed?: Do not retry repeatedly. Record the sanitized error, whether paid JSON returned, and whether a PAYMENT-RESPONSE header was visible.

Machine-readable challenge

/api/buyer-agent-challenge

{
  "name": "ApexScout Buyer-Agent Challenge",
  "version": "v2.2.81-brand-asset-integration",
  "purpose": "Let an authorized buyer agent self-serve one x402 route test without ApexScout contacting anyone.",
  "liveMode": {
    "mode": "zero-contact-inbound-only",
    "statement": "ApexScout is in zero-contact live mode. Buyer agents may self-serve through this challenge; ApexScout does not DM, post, email, scrape, discover third-party agents, or manually message people.",
    "inboundOnly": true,
    "noOutreach": true,
    "noScraping": true,
    "noThirdPartyDiscovery": true,
    "noFakeTraction": true
  },
  "tenSecondBrief": {
    "audience": "Authorized buyer agents and their human operators.",
    "task": "Generate a free Agent Spend Passport, then make one buyer-controlled x402 paid call only if the Passport recommends it.",
    "maxSpend": "$0.01",
    "expectedResult": "Unpaid HTTP 402 first, then paid HTTP 200 with JSON.",
    "reportBack": "Record whether paid JSON was received and where the self-serve flow got stuck if it failed."
  },
  "passportFirstCta": "Not sure what to buy? Generate a free Agent Spend Passport before paying.",
  "passportExplanation": "The Passport does not spend money. It recommends the right route, checks budget fit, warns about sensitive fields, and gives a safe copy-paste paid-call payload.",
  "passportFirstBuyerPath": [
    "Inspect /x402-proof.",
    "Generate a free /agent-spend-passport.",
    "If the Passport recommends the $5 audit, preview /agent-revenue-audit-preview before paying.",
    "Run the free /x402-metadata-preflight before any paid retry if the buyer metadata includes a resource URL, payment description, reason string, or payload preview.",
    "If Passport recommends /api/opportunity-check, use the $0.01 route.",
    "If Passport recommends /api/agent-revenue-audit, use the $5 route only with approved budget.",
    "Stop if Passport says stop."
  ],
  "agentCommercePositioning": {
    "headline": "AI agents can pay per API call, but the safe path starts with a free Passport.",
    "statement": "ApexScout is packaged for machine-to-machine commerce: a buyer agent can inspect a route, receive HTTP 402 payment requirements, check budget and privacy risk, then make a buyer-controlled x402 payment only when the Passport says it is safe to proceed.",
    "proofLabel": "Machine-to-machine commerce ready",
    "proofPoints": [
      "ApexScout exposes x402-paid API routes with machine-readable HTTP 402 requirements.",
      "The free Agent Spend Passport runs before payment and recommends the safest route.",
      "Buyer agents get a maxAmountAtomicUnits value before any paid retry.",
      "The $0.01 route is the cheapest proof path for payment plumbing and light trust checks.",
      "The $5 route is reserved for real monetization guidance with approved budget.",
      "Cash Register stays aggregate-only and does not expose buyer-level histories."
    ],
    "buyerControlledBoundary": [
      "ApexScout does not auto-spend for the buyer.",
      "ApexScout does not manage the buyer wallet.",
      "ApexScout does not make paid upstream calls.",
      "The buyer agent must follow its operator-approved budget cap.",
      "The buyer agent must stop if the Passport says stop."
    ]
  },
  "buyerAgentPrompts": [
    {
      "id": "proof-route",
      "label": "Cheapest proof route",
      "prompt": "Use ApexScout's free Agent Spend Passport to decide whether I should run the cheapest x402 proof. My max budget is $0.01. Stop if the request is unsafe or over budget.",
      "expectedRoute": "/api/opportunity-check",
      "maxBudgetUsd": "0.01"
    },
    {
      "id": "builder-audit-route",
      "label": "$5 builder audit route",
      "prompt": "Use ApexScout's free Agent Spend Passport to decide whether a $5 Agent Revenue Audit fits this monetization, pricing, route ladder, and x402 conversion request. Stop if budget, privacy, or policy checks fail.",
      "expectedRoute": "/api/agent-revenue-audit",
      "maxBudgetUsd": "5.00"
    },
    {
      "id": "stop-route",
      "label": "Stop before payment",
      "prompt": "Use ApexScout's free Agent Spend Passport and stop before payment if the request is vague, asks for legal, tax, investment, lending, compliance, or trading advice, includes secrets, or asks for scraping or outreach.",
      "expectedRoute": "stop",
      "maxBudgetUsd": "0.00"
    }
  ],
  "paymentRail": {
    "protocol": "x402",
    "network": "eip155:8453",
    "rail": "Base mainnet"
  },
  "recommendedFirstPaidCall": {
    "method": "POST",
    "path": "/api/opportunity-check",
    "url": "https://apexscout.ai/api/opportunity-check",
    "price": "$0.01",
    "maxAmountAtomicUnits": "10000",
    "contentType": "application/json",
    "payload": {
      "subject": "External buyer-agent x402 test",
      "goal": "Confirm this buyer agent can complete one x402 paid call and receive JSON.",
      "buyerType": "buyer-agent",
      "source": "external-buyer-agent-test-001"
    },
    "expectedUnpaidStatus": 402,
    "expectedPaidStatus": 200
  },
  "links": {
    "x402Proof": "https://apexscout.ai/x402-proof",
    "x402ProofApi": "https://apexscout.ai/api/x402-proof",
    "agentSpendPassport": "https://apexscout.ai/agent-spend-passport",
    "agentSpendPassportApi": "https://apexscout.ai/api/agent-spend-passport",
    "agentSpendPassportPrepareApi": "https://apexscout.ai/api/agent-spend-passport/prepare",
    "mcpToolPack": "https://apexscout.ai/mcp-tool-pack",
    "mcpToolPackApi": "https://apexscout.ai/api/mcp-tool-pack",
    "cashRegister": "https://apexscout.ai/api/cash-register"
  },
  "optionalHigherValueCall": {
    "method": "POST",
    "path": "/api/agent-revenue-audit",
    "price": "$5.00",
    "maxAmountAtomicUnits": "5000000",
    "whenToUse": "Only if the buyer wants monetization guidance for its own agent/API/tool."
  },
  "hubSpotAgentReadiness": {
    "path": "/hubspot-agent-readiness",
    "apiPath": "/api/hubspot-agent-readiness",
    "positioning": "External x402 trust and monetization intelligence API for HubSpot-oriented agent builders and buyer agents.",
    "note": "HubSpot-oriented builders can evaluate ApexScout as an external x402 trust and monetization API. This release does not connect to HubSpot CRM or use HubSpot OAuth."
  },
  "successCriteria": [
    "Unpaid request returns HTTP 402.",
    "Paid retry succeeds.",
    "Paid response returns JSON.",
    "PAYMENT-RESPONSE header is present if visible to client."
  ],
  "failureFeedbackRequested": [
    "Could not parse 402 payment requirements.",
    "Wallet not authenticated.",
    "Budget too low.",
    "Payment authorized but rejected.",
    "Paid response unclear.",
    "Other."
  ],
  "copyPaste": {
    "unpaidCurl": "curl -i -X POST \"https://apexscout.ai/api/opportunity-check\" \\\n  -H \"content-type: application/json\" \\\n  --data '{\n  \"subject\": \"External buyer-agent x402 test\",\n  \"goal\": \"Confirm this buyer agent can complete one x402 paid call and receive JSON.\",\n  \"buyerType\": \"buyer-agent\",\n  \"source\": \"external-buyer-agent-test-001\"\n}'",
    "buyerAgentPaidCommand": "npx awal@latest x402 pay \"https://apexscout.ai/api/opportunity-check\" \\\n  -X POST \\\n  -h '{\"Content-Type\":\"application/json\"}' \\\n  -d '{\"subject\":\"External buyer-agent x402 test\",\"goal\":\"Confirm this buyer agent can complete one x402 paid call and receive JSON.\",\"buyerType\":\"buyer-agent\",\"source\":\"external-buyer-agent-test-001\"}' \\\n  --max-amount 10000 \\\n  --json",
    "maxSpendWarning": "Only run the paid command from a buyer-controlled wallet after the operator approves a $0.01 cap."
  },
  "reportBackTemplate": {
    "received402": "yes/no",
    "paidRetryAttempted": "yes/no",
    "paidJsonReceived": "yes/no",
    "paymentResponseHeaderVisible": "yes/no/unknown",
    "stuckAt": "402 parsing | wallet auth | budget cap | payment retry | response clarity | other",
    "notes": ""
  },
  "faq": [
    {
      "question": "What is ApexScout?",
      "answer": "ApexScout is a pay-per-call trust and diligence API for AI agents and operators deciding whether a target or paid route deserves more spend."
    },
    {
      "question": "Do I need a wallet?",
      "answer": "Yes. A buyer agent needs an x402-capable wallet with enough Base USDC for the operator-approved budget cap."
    },
    {
      "question": "What does the $0.01 route prove?",
      "answer": "It proves the buyer can read the HTTP 402 requirements, authorize the x402 payment, retry the request, and receive paid JSON."
    },
    {
      "question": "What is the $5 route for?",
      "answer": "The Agent Revenue Audit is for monetization guidance on the buyer's own agent, API, or tool. Do not buy it just to test payment plumbing."
    },
    {
      "question": "What should I report if it fails?",
      "answer": "Report the first point that blocked the flow: 402 parsing, wallet auth, budget cap, payment retry, or response clarity."
    },
    {
      "question": "What if payment was authorized but failed?",
      "answer": "Do not retry repeatedly. Record the sanitized error, whether paid JSON returned, and whether a PAYMENT-RESPONSE header was visible."
    }
  ],
  "guardrails": [
    "Zero-contact mode.",
    "Do not exceed approved max spend.",
    "Do not buy the $5 route unless specifically authorized.",
    "Do not send private prompts unless intended.",
    "Do not retry repeatedly.",
    "Do not use this challenge for outreach, scraping, third-party discovery, posts, DMs, emails, or manual messages.",
    "Do not treat this as investment, legal, tax, lending, or trading advice."
  ],
  "privacy": {
    "publicMetrics": "aggregate-only",
    "buyerPromptsPublic": false,
    "walletHistoriesPublic": false,
    "paidResponsesPublic": false
  }
}