400860 Agent Security Policy Pack
Agent security policy pack before AI/MCP tools, files, browser state, secrets, wallets, or spend; returns permission matrix, spend guard, audit schema, blocked-action tests, and Codex implementation prompt.
Start with a quote-only recipe. Payment signing stays in your project.
const response = await fetch("https://api.400860.xyz/v1/agent/security-policy-pack", {
method: "GET",
});
console.log(response.status);
console.log(Object.fromEntries(response.headers));
console.log((await response.text()).slice(0, 1000));
// A valid 402 is a quote, not a completed paid call.This sends no payment. Inspect the 402 response before adding a wallet-enabled client.
- Exact route checked
skipped origin unreachable · origin-check:ERR_SSL_PACKET_LENGTH_TOO_LONG
- Origin unavailable
ERR_SSL_PACKET_LENGTH_TOO_LONG
- Observed in 402-index
Discovered through self-registered.
- Registry record checked
Registry health: degraded.
EVIDENCE
Each record has an exact-route quote outcome. Unresolved templates and potentially mutating methods are labeled instead of being invoked without provider-specific test input. A quote is still separate from a settled paid call.