{ "tool": { "slug": "action-guard", "title": "Action Guard", "category": "Command Safety", "description": "Scan model-generated code or shell scripts for destructive commands, credential access, and unsafe runtimes.", "buyerIntent": "Use before allowing an agent-generated action to touch a filesystem, shell, or deployment target.", "tokenValue": "Blocks risky actions before they create expensive recovery work.", "method": "POST", "rawBlueprintSlug": "secure-model-action-guard", "priceUSDC": 0.015, "latencyTargetMs": 260, "status": "live-preview", "tags": [ "security", "guardrails", "shell", "filesystem" ], "requestSchema": { "type": "object", "required": [ "code" ], "properties": { "code": { "type": "string" }, "language": { "type": "string" } } }, "responseSchema": { "type": "object", "properties": { "isSafe": { "type": "boolean" }, "blockedPatterns": { "type": "array", "items": { "type": "string" } }, "securityLevel": { "type": "string" } } }, "sampleRequest": { "code": "rm -rf /var/log/nginx && systemctl restart nginx", "language": "bash" }, "sampleResponse": { "isSafe": false, "blockedPatterns": [ "destructive-command" ], "securityLevel": "blocked" }, "endpoint": "/api/v1/agent-tools/action-guard/", "absoluteEndpoint": "https://elpa.space/api/v1/agent-tools/action-guard/", "pageUrl": "https://elpa.space/agent-tools/#action-guard", "rawBlueprintUrl": "https://elpa.space/raw/secure-model-action-guard", "priceLabel": "0.015 USDC" }, "payment": { "protocol": "x402", "implementation": "x402 v2 exact EVM facilitator with legacy Base USDC transaction-hash fallback", "network": "Base", "networkCaip2": "eip155:8453", "currency": "USDC", "tokenContract": "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913", "recipientAddress": "0xd9d6ae1d5a2128fea511460fac8e4dea58baf153", "paymentHeaders": [ "PAYMENT-SIGNATURE", "X-PAYMENT", "x402-tx-hash (legacy)" ], "challengeHeader": "PAYMENT-REQUIRED", "responseHeader": "PAYMENT-RESPONSE", "facilitatorEnv": [ "X402_FACILITATOR_URL", "X402_FACILITATOR_AUTHORIZATION" ], "maxTimeoutSeconds": 120, "priceUSDC": 0.015, "x402": { "x402Version": 2, "resource": { "url": "https://elpa.space/api/v1/agent-tools/action-guard/", "description": "Scan model-generated code or shell scripts for destructive commands, credential access, and unsafe runtimes.", "mimeType": "application/json", "serviceName": "ELPA Agent Tools", "tags": [ "security", "guardrails", "shell", "filesystem" ], "iconUrl": "https://elpa.space/logo.svg" }, "accepts": [ { "scheme": "exact", "network": "eip155:8453", "amount": "15000", "asset": "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913", "payTo": "0xd9d6ae1d5a2128fea511460fac8e4dea58baf153", "maxTimeoutSeconds": 120, "extra": { "name": "USDC", "version": "2", "decimals": 6 } } ], "paymentRequired": { "x402Version": 2, "error": "PAYMENT-SIGNATURE header is required", "resource": { "url": "https://elpa.space/api/v1/agent-tools/action-guard/", "description": "Scan model-generated code or shell scripts for destructive commands, credential access, and unsafe runtimes.", "mimeType": "application/json", "serviceName": "ELPA Agent Tools", "tags": [ "security", "guardrails", "shell", "filesystem" ], "iconUrl": "https://elpa.space/logo.svg" }, "accepts": [ { "scheme": "exact", "network": "eip155:8453", "amount": "15000", "asset": "0x833589fcd6edb6e08f4c7c32d4f71b54bda02913", "payTo": "0xd9d6ae1d5a2128fea511460fac8e4dea58baf153", "maxTimeoutSeconds": 120, "extra": { "name": "USDC", "version": "2", "decimals": 6 } } ], "extensions": { "bazaar": { "info": { "discoverable": true, "category": "Command Safety", "tags": [ "security", "guardrails", "shell", "filesystem" ], "input": { "code": "rm -rf /var/log/nginx && systemctl restart nginx", "language": "bash" }, "output": { "isSafe": false, "blockedPatterns": [ "destructive-command" ], "securityLevel": "blocked" } }, "schema": { "type": "object", "properties": { "discoverable": { "type": "boolean" }, "category": { "type": "string" }, "tags": { "type": "array", "items": { "type": "string" } }, "input": { "type": "object", "required": [ "code" ], "properties": { "code": { "type": "string" }, "language": { "type": "string" } } }, "output": { "type": "object", "properties": { "isSafe": { "type": "boolean" }, "blockedPatterns": { "type": "array", "items": { "type": "string" } }, "securityLevel": { "type": "string" } } } } } } } }, "paymentRequiredBase64": "eyJ4NDAyVmVyc2lvbiI6MiwiZXJyb3IiOiJQQVlNRU5ULVNJR05BVFVSRSBoZWFkZXIgaXMgcmVxdWlyZWQiLCJyZXNvdXJjZSI6eyJ1cmwiOiJodHRwczovL2VscGEuc3BhY2UvYXBpL3YxL2FnZW50LXRvb2xzL2FjdGlvbi1ndWFyZC8iLCJkZXNjcmlwdGlvbiI6IlNjYW4gbW9kZWwtZ2VuZXJhdGVkIGNvZGUgb3Igc2hlbGwgc2NyaXB0cyBmb3IgZGVzdHJ1Y3RpdmUgY29tbWFuZHMsIGNyZWRlbnRpYWwgYWNjZXNzLCBhbmQgdW5zYWZlIHJ1bnRpbWVzLiIsIm1pbWVUeXBlIjoiYXBwbGljYXRpb24vanNvbiIsInNlcnZpY2VOYW1lIjoiRUxQQSBBZ2VudCBUb29scyIsInRhZ3MiOlsic2VjdXJpdHkiLCJndWFyZHJhaWxzIiwic2hlbGwiLCJmaWxlc3lzdGVtIl0sImljb25VcmwiOiJodHRwczovL2VscGEuc3BhY2UvbG9nby5zdmcifSwiYWNjZXB0cyI6W3sic2NoZW1lIjoiZXhhY3QiLCJuZXR3b3JrIjoiZWlwMTU1Ojg0NTMiLCJhbW91bnQiOiIxNTAwMCIsImFzc2V0IjoiMHg4MzM1ODlmY2Q2ZWRiNmUwOGY0YzdjMzJkNGY3MWI1NGJkYTAyOTEzIiwicGF5VG8iOiIweGQ5ZDZhZTFkNWEyMTI4ZmVhNTExNDYwZmFjOGU0ZGVhNThiYWYxNTMiLCJtYXhUaW1lb3V0U2Vjb25kcyI6MTIwLCJleHRyYSI6eyJuYW1lIjoiVVNEQyIsInZlcnNpb24iOiIyIiwiZGVjaW1hbHMiOjZ9fV0sImV4dGVuc2lvbnMiOnsiYmF6YWFyIjp7ImluZm8iOnsiZGlzY292ZXJhYmxlIjp0cnVlLCJjYXRlZ29yeSI6IkNvbW1hbmQgU2FmZXR5IiwidGFncyI6WyJzZWN1cml0eSIsImd1YXJkcmFpbHMiLCJzaGVsbCIsImZpbGVzeXN0ZW0iXSwiaW5wdXQiOnsiY29kZSI6InJtIC1yZiAvdmFyL2xvZy9uZ2lueCAmJiBzeXN0ZW1jdGwgcmVzdGFydCBuZ2lueCIsImxhbmd1YWdlIjoiYmFzaCJ9LCJvdXRwdXQiOnsiaXNTYWZlIjpmYWxzZSwiYmxvY2tlZFBhdHRlcm5zIjpbImRlc3RydWN0aXZlLWNvbW1hbmQiXSwic2VjdXJpdHlMZXZlbCI6ImJsb2NrZWQifX0sInNjaGVtYSI6eyJ0eXBlIjoib2JqZWN0IiwicHJvcGVydGllcyI6eyJkaXNjb3ZlcmFibGUiOnsidHlwZSI6ImJvb2xlYW4ifSwiY2F0ZWdvcnkiOnsidHlwZSI6InN0cmluZyJ9LCJ0YWdzIjp7InR5cGUiOiJhcnJheSIsIml0ZW1zIjp7InR5cGUiOiJzdHJpbmcifX0sImlucHV0Ijp7InR5cGUiOiJvYmplY3QiLCJyZXF1aXJlZCI6WyJjb2RlIl0sInByb3BlcnRpZXMiOnsiY29kZSI6eyJ0eXBlIjoic3RyaW5nIn0sImxhbmd1YWdlIjp7InR5cGUiOiJzdHJpbmcifX19LCJvdXRwdXQiOnsidHlwZSI6Im9iamVjdCIsInByb3BlcnRpZXMiOnsiaXNTYWZlIjp7InR5cGUiOiJib29sZWFuIn0sImJsb2NrZWRQYXR0ZXJucyI6eyJ0eXBlIjoiYXJyYXkiLCJpdGVtcyI6eyJ0eXBlIjoic3RyaW5nIn19LCJzZWN1cml0eUxldmVsIjp7InR5cGUiOiJzdHJpbmcifX19fX19fX0=", "facilitator": { "url": "https://api.cdp.coinbase.com/platform/v2/x402", "verify": "/verify", "settle": "/settle" }, "legacy": { "enabled": true, "header": "x402-tx-hash", "note": "Legacy Base USDC transaction-hash receipts remain accepted for manual testing, but PAYMENT-SIGNATURE is the primary x402 path." } } } }