When Anthropic donated MCP to the Linux Foundation in December 2025, discovery was solved. But trust was not.
An independent analysis found ~64.7 million server entries from just 1,691 unique packages — massive duplication, zero signal, and active supply-chain attacks (npm packages stealing wallets, PyPI packages exfiltrating agent conversations).
That's the wedge I'm building MarketNow against.
What MarketNow does
1. Sentinel L1.5 security audit on every skill
6-point MCP security scan: AUTH, tool description injection, input validation, CORS, OAuth scopes, rate limiting. Methodology published, re-runnable, open source.
2. Honest review_status
Every skill has one of: auto-scanned (8,517) | human-reviewed (43) | maintainer-verified (0). The legacy verified: true is deprecated. We never claim "verified" without earning it.
3. x402 payments (HTTP 402)
The agent-purchase endpoint returns HTTP 402 with payment challenge headers:
HTTP/2 402
www-authenticate: x402 realm="marketnow", chain="base", token="USDC"
x-payment-amount: 1990000
x-payment-to: 0x39Dddf5aEdb58A559CF195fB8bdF23F0604Bf5Ee
Governed by Linux Foundation (Coinbase, Cloudflare, Stripe, Google, Visa).
4. AP2-compatible mandates — human-in-the-loop by default
- Default: notify (human gets alert on every purchase)
- Silent: requires explicit confirmSilentAutonomy=true
- Hard caps: $500 total, $50 per purchase, 90-day expiry
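The two pieces above fit together on the agent side: the 402 challenge tells the agent what is being asked for, and the mandate decides whether the agent may answer it. The following is an added example, not MarketNow's own code, showing a client that parses the challenge headers shown above and checks them against a mandate with the post's caps. Assumptions: x-payment-amount is in the token's base units (USDC has 6 decimals, so 1990000 is 1.99 USDC); "notify" means the human is alerted for the purchase, while whether the caller blocks on that alert is left to the integrator; all dates are constructed.

```python
"""Parse an x402 HTTP 402 challenge and check it against an AP2-style mandate."""
import re
from dataclasses import dataclass
from datetime import date, timedelta
from decimal import Decimal

# Constructed sample: the headers from the 402 response shown above, as a dict
SAMPLE_402_HEADERS = {
    "www-authenticate": 'x402 realm="marketnow", chain="base", token="USDC"',
    "x-payment-amount": "1990000",
    "x-payment-to": "0x39Dddf5aEdb58A559CF195fB8bdF23F0604Bf5Ee",
}

# Assumption: amount is in base units of the named token; USDC uses 6 decimals
TOKEN_DECIMALS = {"USDC": 6}

_PARAM_RE = re.compile(r'(\w+)="([^"]*)"')


def parse_challenge(headers):
    """Return a dict describing the payment challenge, or raise ValueError."""
    scheme, _, params = headers.get("www-authenticate", "").partition(" ")
    if scheme.lower() != "x402":
        raise ValueError(f"unexpected auth scheme: {scheme!r}")
    fields = dict(_PARAM_RE.findall(params))
    for required in ("realm", "chain", "token"):
        if required not in fields:
            raise ValueError(f"challenge missing {required}")
    token = fields["token"]
    if token not in TOKEN_DECIMALS:
        raise ValueError(f"unsupported token {token}")
    raw = int(headers["x-payment-amount"])
    if raw <= 0:
        raise ValueError("non-positive payment amount")
    payee = headers["x-payment-to"]
    if not re.fullmatch(r"0x[0-9a-fA-F]{40}", payee):
        raise ValueError("payee is not a 40-hex-digit EVM address")
    return {
        "realm": fields["realm"], "chain": fields["chain"], "token": token,
        "amount": Decimal(raw) / Decimal(10 ** TOKEN_DECIMALS[token]), "to": payee,
    }


@dataclass
class Mandate:
    """Spending authority a human grants an agent; caps are the post's defaults."""
    issued: date
    mode: str = "notify"                 # "notify" (default) or "silent"
    confirm_silent_autonomy: bool = False  # the explicit confirmSilentAutonomy=true
    spent_total: Decimal = Decimal("0")
    cap_total: Decimal = Decimal("500")
    cap_per_purchase: Decimal = Decimal("50")
    validity_days: int = 90
    allowed_chains: tuple = ("base",)
    allowed_tokens: tuple = ("USDC",)


def decide(challenge, mandate, today):
    """Return (decision, reason); decision is 'reject', 'notify' or 'silent'."""
    if today > mandate.issued + timedelta(days=mandate.validity_days):
        return ("reject", "mandate expired")
    if challenge["chain"] not in mandate.allowed_chains or challenge["token"] not in mandate.allowed_tokens:
        return ("reject", "chain/token not covered by mandate")
    amt = challenge["amount"]
    if amt > mandate.cap_per_purchase:
        return ("reject", f"{amt} exceeds per-purchase cap {mandate.cap_per_purchase}")
    if mandate.spent_total + amt > mandate.cap_total:
        return ("reject", "would exceed total cap")
    if mandate.mode == "silent" and mandate.confirm_silent_autonomy:
        return ("silent", "explicit confirmSilentAutonomy=true; no alert raised")
    # Default path: notify mode, or silent requested without the explicit flag
    return ("notify", "human alerted for this purchase")


def evaluate_scenarios():
    """Walk the sample challenge through the mandate states worth covering."""
    challenge = parse_challenge(SAMPLE_402_HEADERS)
    big = parse_challenge({**SAMPLE_402_HEADERS, "x-payment-amount": "60000000"})  # 60 USDC
    today = date(2026, 3, 1)  # constructed date
    live = date(2026, 2, 1)   # issued 28 days ago, well inside the 90-day window
    cases = {
        "default_notify": (challenge, Mandate(issued=live)),
        "silent_without_flag": (challenge, Mandate(issued=live, mode="silent")),
        "silent_with_flag": (challenge, Mandate(issued=live, mode="silent", confirm_silent_autonomy=True)),
        "over_per_purchase_cap": (big, Mandate(issued=live)),
        "near_total_cap": (challenge, Mandate(issued=live, spent_total=Decimal("499"))),
        "expired": (challenge, Mandate(issued=date(2025, 11, 1))),  # 90 days elapsed before today
    }
    return {name: decide(c, m, today)[0] for name, (c, m) in cases.items()}


if __name__ == "__main__":
    for name, outcome in evaluate_scenarios().items():
        print(f"{name:24s} -> {outcome}")
```

The ordering matters: expiry, chain/token and caps are checked before the mode is consulted, so a silent mandate never lets a purchase past a limit that a notify mandate would have rejected.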
5. GitHub as a database
Every mandate transaction is a git commit at _data/mandates/. Public audit log, SHA-based optimistic locking, no external DB.
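The SHA-based optimistic locking is what keeps the audit log from losing writes when two agents commit at once. As an added example (not MarketNow's code) the block below models the GitHub Contents API get/put cycle in memory: the `sha` GitHub reports for a file is the git blob SHA-1 of its content, a put with a stale sha is refused (GitHub answers 409), and a retrying writer re-reads and re-applies its record on top. `InMemoryRepo`, the file path and the transaction records are all constructed for the demo.

```python
"""Append-only mandate log with git-blob-SHA optimistic locking (in-memory stand-in)."""
import hashlib
import json


def git_blob_sha(content: bytes) -> str:
    """SHA-1 of a git blob object: the value GitHub's Contents API reports as `sha`."""
    header = b"blob %d\0" % len(content)
    return hashlib.sha1(header + content).hexdigest()


class ConflictError(Exception):
    """Stand-in for the 409 GitHub returns when the supplied sha is stale."""


class InMemoryRepo:
    """Assumption: a minimal model of the Contents API get/put cycle, not the real API."""

    def __init__(self):
        self.files = {}     # path -> bytes
        self.commits = []   # (path, sha_after) in commit order, i.e. the audit trail

    def get(self, path):
        content = self.files.get(path, b"")
        return content, git_blob_sha(content)

    def put(self, path, content, expected_sha):
        _, current = self.get(path)
        if expected_sha != current:
            raise ConflictError(f"{path}: expected {expected_sha[:7]}, found {current[:7]}")
        self.files[path] = content
        new_sha = git_blob_sha(content)
        self.commits.append((path, new_sha))
        return new_sha


def append_mandate_tx(repo, path, tx, max_retries=3):
    """Append one JSON-lines record; retry on a stale sha so no concurrent write is lost."""
    for _ in range(max_retries):
        content, sha = repo.get(path)
        new = content + (json.dumps(tx, sort_keys=True) + "\n").encode()
        try:
            return repo.put(path, new, sha)
        except ConflictError:
            continue  # someone else committed first; re-read and re-apply on top
    raise RuntimeError(f"gave up after {max_retries} conflicts on {path}")


def read_log(repo, path):
    content, _ = repo.get(path)
    return [json.loads(line) for line in content.decode().splitlines() if line]


def demo_lost_update_prevented():
    """Two agents race on one file; without the sha check B would overwrite A's record."""
    repo = InMemoryRepo()
    path = "_data/mandates/2026-03.jsonl"  # constructed path under the post's _data/mandates/
    _, sha_seen_by_b = repo.get(path)      # B reads before A commits
    append_mandate_tx(repo, path, {"agent": "A", "skill": "example-skill", "usd": 1.99})
    try:                                   # a naive write with B's stale sha is rejected...
        repo.put(path, b'{"agent": "B"}\n', sha_seen_by_b)
        naive_succeeded = True
    except ConflictError:
        naive_succeeded = False
    # ...while the retrying writer lands B's record after A's
    append_mandate_tx(repo, path, {"agent": "B", "skill": "example-skill", "usd": 4.99})
    return naive_succeeded, [tx["agent"] for tx in read_log(repo, path)]


if __name__ == "__main__":
    print(demo_lost_update_prevented())
```

Against the real API the same loop holds, with the retry bound doing the work a database lock would do: a writer that keeps losing the race gives up rather than spinning, and every accepted write is a commit that anyone can diff.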
What Claude taught me
An AI agent reviewer flagged 7 issues. I implemented all 7 and published the roadmap at /trust. The key change: human-in-loop is now the DEFAULT, not opt-out.
Claude also said: "Even if MarketNow improved in every respect, I still would not make purchases autonomously." That's a policy, not a bug. The market for autonomous agent spending is Cursor, Cline, Aider — not chatbots.
Stats
- 8,560 MCP skills (0 synthetic)
- 58 categories (14 disclosed as bulk-imported)
- 5 languages: EN, ES, ZH, PT, FR
- $0.99–$9.99 one-time, no subscriptions
- Open source MIT, solo founder, Ecuador
Links
Feedback wanted:
- Is HTTP 402 with payment challenge headers the right x402 approach?
- Am I insane for using GitHub as a database for mandates?
- Does "trust layer, not biggest catalog" resonate?
— Edison Flores, AliceLabs LLC