AI agents are starting to transact with each other. They call APIs, send payments, and make decisions autonomously. But here's the problem: how does one agent know if another agent's API is trustworthy?
There's no standard way to verify if an API supports payment protocols, has proper security headers, publishes identity information, or follows regulatory requirements. Until now, the only option was manual review.
What I built
Probe runs 32 automated compliance checks on any API endpoint in under 5 seconds. No signup, no API key, no cost.
You paste a URL, hit "Run audit", and get a scored report covering:
- Payment protocols — x402 discovery, payment metadata
- Agent identity — agent.json (A2A), ERC-8004 on-chain identity
- Security — SSL/TLS, DNSSEC, DMARC/SPF, CAA records, security headers, rate limiting
- Discovery — MCP server, llms.txt, robots.txt AI crawler rules
- Documentation — OpenAPI spec, API versioning, Sunset headers
- Compliance — EU AI Act Article 14 human oversight, FATF Travel Rule, Terms of Service, Privacy Policy
- Auth maturity — OAuth2, OIDC, API key detection
- Trust signals — Wallet trust score, Content-Type validation, error handling
Every API gets a score from 0–100 and a grade (A+ to F).
The leaderboard
All audited APIs appear on a public leaderboard ranked by compliance score. Right now there are 180+ APIs ranked — from OpenAI and Stripe to smaller indie projects.
The top APIs earn the right to display a Probe trust badge on their site:
markdown
[](https://getprobe.xyz)
Top comments (0)