resources/Levels Of Self/545052a73c963da74ba38200
POSTorigin reachablediscovery only

MCP Config Governance Lint

Deterministic governance audit for MCP server configurations: plaintext secrets, unpinned packages, auto-install flags, root filesystem scopes, non-TLS transports. Findings with severities plus a 0-100 score. $0.05 USDC per call on Base via x402 v2. No signup, no API keys.

https://api.100levelup.com/x402/audit-mcp
USE THIS RESOURCE

Start with a quote-only recipe. Payment signing stays in your project.

CODE
AI CODING TOOLS
quote-check.ts
const response = await fetch("https://api.100levelup.com/x402/audit-mcp", {
  method: "POST",
  headers: { "content-type": "application/json" },
  body: JSON.stringify({
  "replace": "with provider-approved input"
}),
});

console.log(response.status);
console.log(Object.fromEntries(response.headers));
console.log((await response.text()).slice(0, 1000));

// A valid 402 is a quote, not a completed paid call.

Review the provider input schema before running this non-read-only method. No payment code is included.

STATUS HISTORY

  1. Exact route checked

    not safely testable · potentially-mutating-method:POST

  2. Origin reachable

    HEAD https://api.100levelup.com/ returned 301.

  3. Observed in 402-index

    Discovered through self-registered.

  4. Registry record checked

    Registry health: healthy.

EVIDENCE

402-indexobserved 2026-07-10 · https://402index.io/api/v1/services
origin checkHEAD https://api.100levelup.com/ → 301 on 2026-07-10
route quotenot invoked automatically · potentially-mutating-method:POST · 2026-07-10

Each record has an exact-route quote outcome. Unresolved templates and potentially mutating methods are labeled instead of being invoked without provider-specific test input. A quote is still separate from a settled paid call.

PAYMENT OPTIONS

The registry did not expose full payment options for this record.
MCP Config Governance Lint · TOLL·402