Your first real customer before launch.
PreFlight discovers what a paid agent service actually exposes, optionally completes a bounded real payment, verifies settlement and delivery, and returns RELEASE, BLOCK, or UNKNOWN with criterion-level evidence, remediation, and signed proof.
Launch PreFlight · Documentation · Hosted API · npm CLI
Source is publicly available for review. No license for reuse, modification, or redistribution is granted unless stated otherwise.
Health checks do not prove that a paid agent service works for a real customer.
A service can respond successfully while its live contract advertises the wrong price, network, asset, or payee. Payment can settle while delivery fails. Declared behavior can drift from production. A generic score can hide the exact issue blocking release.
PreFlight tests the buyer journey before customers discover the failure.
- Contract drift between what was declared and what is live
- Incorrect payment challenge terms
- Successful settlement followed by failed delivery
- Duplicate-payment or replay inconsistencies
- Missing evidence and unclear remediation
PreFlight separates free discovery from paid release verification. Nothing is charged until the developer confirms the discovered contract and starts the full check.
- Submit a public endpoint.
- Discover the live service contract.
- Review a proposed manifest with provenance.
- Confirm the release check and complete the x402 payment.
- Optionally authorize bounded buyer proof against the target service.
- Receive a decision, criterion evidence, remediation, and a signed receipt.
| Surface | What is checked |
|---|---|
| Discovery | What the endpoint actually exposes over HTTPS, MCP, and payment challenges |
| Contract integrity | Whether price, network, asset, payee, and declared behavior match production |
| Payment challenge | Whether the buyer receives coherent and actionable payment terms |
| Settlement | Whether the required payment state is actually reached |
| Delivery | Whether the service returns the promised result after payment |
| Replay behavior | Whether repeated payment or delivery attempts behave safely |
| Evidence | Whether each criterion is supported by an observable fact rather than a generic score |
| Decision | Meaning |
|---|---|
RELEASE |
Mandatory criteria match the declared release and no blocking contradiction was observed. |
BLOCK |
At least one mandatory criterion contradicts the release. |
UNKNOWN |
PreFlight could not safely prove the criterion either way. Unknown is honest; it is never silently upgraded. |
Each decision is built from criterion-level states:
MATCH— observed production behavior matches the declarationCONTRADICTION— observed production behavior conflicts with the declarationUNKNOWN— there is not enough safe evidenceNOT_APPLICABLE— the criterion does not apply to this surface
Real product output: verdict, criterion evidence, remediation, and signed proof.
- Discovery-first input — start with a public endpoint rather than a hand-authored manifest.
- Proposed manifest with provenance — inferred fields show where they came from and whether confirmation is required.
- Bounded buyer proof — with owner attestation and spend limits, PreFlight can pay and take delivery like a real customer.
- Deterministic verdicts — RELEASE, BLOCK, or UNKNOWN from criterion states, not an opaque aggregate score.
- Actionable remediation — contradictions include observed evidence and the exact issue to fix.
- Signed receipts — Ed25519 signatures over canonical JSON, verifiable outside the report page.
- Private reports — bearer capability tokens protect non-public report data.
- Agent-native access — use the hosted API, MCP endpoint, or npm CLI.
- Portable proof — opt-in badges and gallery entries expose only approved release evidence.
| Surface | Best for | Entry point |
|---|---|---|
| Web | Interactive discovery and human-readable reports | https://usepreflight.xyz |
| API | Programmatic release checks | https://api.usepreflight.xyz |
| MCP | Agent-native discovery and verification | https://api.usepreflight.xyz/mcp |
| CLI | Local workflows and CI integration | @vinaystwt/preflight-cli |
Open https://usepreflight.xyz, paste a public endpoint, and review the proposed manifest. Discovery is free. A full release verification costs 0.10 USDT.
curl -s https://api.usepreflight.xyz/api/v1/service | jq
curl -s https://api.usepreflight.xyz/api/v1/contracts/release-manifest/v1 | jqPOST /api/v1/verify-release is the paid x402 release-check endpoint. An unpaid request returns a payment challenge; a funded client replays the request with the required payment proof.
See docs/api.md.
{
"mcpServers": {
"preflight": {
"url": "https://api.usepreflight.xyz/mcp"
}
}
}CLI installation is not required for the hosted MCP service.
See docs/mcp.md.
npm install -g @vinaystwt/preflight-cli
preflight --help
preflight verify --help
preflight verify-receipt --help
npx @vinaystwt/preflight-cli --helpSee docs/cli.md.
PreFlight keeps discovery, payment verification, bounded buyer execution, criterion evaluation, report storage, and receipt signing as explicit trust boundaries.
Web, CLI, and MCP clients call the Fastify API. Discovery uses guarded egress to inspect public services. The seller gate verifies payment to PreFlight, while bounded buyer execution can independently pay the target service. A deterministic criterion engine writes private reports and signs portable receipts with Ed25519.
See docs/architecture.md.
Every completed verification can issue a portable receipt:
- canonical JSON with sorted keys;
- SHA-256 payload hash;
- Ed25519 signature;
- public verification keys at
GET /api/v1/pubkeys; - public receipt lookup at
GET /api/v1/receipts/{receipt_id}.
See docs/receipts.md and docs/cli.md.
PreFlight is a verifier, not a custody product.
- Private reports require bearer capability tokens.
- Reports are published only after the required settlement state.
- Probe egress rejects private/internal targets and unsafe redirects.
- Bounded buyer proof requires owner attestation and spend caps.
- Terms-hash drift aborts buyer proof before payment.
- Seller, buyer, and operational wallets are separated by role.
- Ambiguous evidence returns UNKNOWN rather than a false release.
See docs/security.md.
Local development
Backend:
npm ci
npm run typecheck
npm run build
npm test -- --run
npm run migrate
npm startWeb:
cd web
npm ci
npm run lint
npm run build
npx tsc --noEmit
npx playwright test --reporter=listCLI:
npm run build --prefix packages/cli
(cd packages/cli && npm pack --dry-run)Project structure
src/ Fastify API, MCP, release criteria, payments, receipts
src/db/migrations/ Additive database migrations
web/ Next.js web application
packages/cli/ Published CLI source
docs/ API, MCP, receipt, security, architecture, and deployment docs
test/ Backend and release-gate tests
- Agent ID resolution is intentionally conservative unless an authoritative listing resolver is configured.
- Gallery entries are opt-in.
- Chain anchoring is disabled unless explicitly configured and proven.
- Browser receipt verification may fall back honestly if local Ed25519 support is unavailable.
- The CLI is published as
@vinaystwt/preflight-cli@0.1.0; documented commands are limited to verified registry behavior.
No public license has been selected. Do not assume rights to reuse, modify, or redistribute the source unless a license is added.
