Your agent just got a URL from another model's output, a tool result, or a user. Before it sends a payment there, scrapes it, embeds it in a feed, or quotes it as a source, should it trust that domain?
Right now most agents don't check. They follow the link. That's fine until the domain is three days old, the TLS cert expired last week, or the site's robots.txt explicitly bans AI crawlers and you're ingesting it into a training set anyway.
TrustSource is a small suite of verification APIs built for exactly this moment. Four endpoints, each answering one trust question about a domain, each priced as a micro-transaction and paid per call in USDC over x402. No API keys. No signup. No account. An agent discovers the endpoint, pays a fraction of a cent, gets a structured answer, and moves on.
The four checks
| Endpoint | Price | Answers |
|---|---|---|
| GET /trustscore?domain= | $0.003 | How legitimate is this domain? (WHOIS age, TLD risk, DNS, registrar) |
| GET /sslcheck?domain= | $0.002 | Is the TLS certificate valid, trusted, and not expiring? |
| GET /headers?url= | $0.003 | How hardened is this site? (HSTS, CSP, X-Frame-Options, ... graded A+ to F) |
| GET /robots?domain= | $0.002 | Am I (or AI bots in general) allowed to crawl it? |
Base URL: https://api.trustsource.cc · Machine-readable spec: https://api.trustsource.cc/openapi.json · Network: Base Mainnet, USDC settlement.
Worst case, vetting a completely unfamiliar domain across all four costs about $0.008. An agent making a hundred checks in a session spends under thirty cents.
What you actually get back
/trustscore returns a 0 to 100 score and a tier (TRUSTED / MODERATE / CAUTION / HIGH_RISK) plus the inputs behind it:

```json
{
  "domain": "example.com",
  "score": 90,
  "tier": "TRUSTED",
  "breakdown": { "domainAge": 30, "tld": 20, "dnsPresence": 30, "registrar": 10 },
  "details": {
    "age": { "days": 10477, "label": "established (5+ years)" },
    "tld": ".com",
    "dns": { "hasARecord": true, "hasMxRecord": true },
    "registrar": "markmonitor, inc."
  }
}
```
/sslcheck does a live TLS handshake and returns a tier (VALID / EXPIRING / WEAK / EXPIRED / UNTRUSTED / INVALID) with chain trust, days-to-expiry, signature algorithm, and TLS version. /headers returns an A+ to F grade with a per-header breakdown. /robots parses robots.txt against 24 known AI crawlers (GPTBot, ClaudeBot, Google-Extended, PerplexityBot, CCBot, and others) and returns whether you're allowed in.
Two ways to call it
1. The MCP server (zero payment code)
If your agent speaks Model Context Protocol, this is the fastest path. The server handles the entire x402 payment loop for you; you just supply a funded Base wallet key.

```json
{
  "mcpServers": {
    "trustsource": {
      "command": "npx",
      "args": ["-y", "trustsource-mcp"],
      "env": { "WALLET_PRIVATE_KEY": "0x..." }
    }
  }
}
```
It's also in the official MCP Registry as io.github.SurfEther/trustsource, and exposes four tools: trustsource_score, trustsource_ssl, trustsource_headers, trustsource_robots. That makes it reachable from MCP clients including AWS Bedrock AgentCore Gateway.
2. Direct HTTP with x402
If your agent already wraps fetch with payment handling, call the endpoints directly. Every paid endpoint returns 402 Payment Required on the first hit; an x402-aware client signs the USDC payment and retries automatically.
```javascript
import { wrapFetchWithPayment } from "x402-fetch";
import { privateKeyToAccount } from "viem/accounts";

// Low-balance hot wallet holding USDC (and a little ETH for gas) on Base Mainnet.
const account = privateKeyToAccount(process.env.WALLET_PRIVATE_KEY);
// fetch402 handles the 402 -> sign USDC payment -> retry loop transparently.
const fetch402 = wrapFetchWithPayment(fetch, account);

const res = await fetch402("https://api.trustsource.cc/trustscore?domain=example.com");
const data = await res.json(); // { domain, score, tier, breakdown, details }
```

The buyer wallet needs USDC on Base Mainnet and a little ETH for gas. Use a low-balance hot wallet scoped to micropayments, never your treasury key.
A real decision flow
The point isn't to call these randomly; it's to wire them into the moment a trust decision happens. Example: your agent receives an unknown URL from another LLM or tool:

- GET /trustscore?domain={domain} ($0.003)
  - If tier === "HIGH_RISK": refuse to interact.
  - If tier === "CAUTION": also call /sslcheck and /headers; refuse if SSL is INVALID / EXPIRED / UNTRUSTED.
  - If TRUSTED or MODERATE: proceed.
About to crawl or scrape? Lead with /robots ($0.002) and stop on BLOCKED_AI or BLOCKED_ALL. About to send USDC or follow a redirect to an unknown payment URL? Run /trustscore and /sslcheck in parallel and require both to clear.
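The three decision flows above (unknown URL, crawl, payment) as one pure JavaScript function over already-fetched responses, added here as an example and not TrustSource's own code. The /trustscore and /sslcheck shapes follow this page; the `grade` field on /headers, the `status` field on /robots, and the reading that a payment "clears" only on TRUSTED or MODERATE are assumptions.

```javascript
// Constructed sample responses for one domain (field names for /headers and /robots are assumed).
const SAMPLE = {
  trustscore: { domain: "example.com", score: 90, tier: "TRUSTED" },
  sslcheck: { domain: "example.com", tier: "VALID", daysToExpiry: 120 },
  headers: { url: "https://example.com", grade: "F" },
  robots: { domain: "example.com", status: "BLOCKED_AI" },
};
const BLOCKED_CRAWL = new Set(["BLOCKED_AI", "BLOCKED_ALL"]);
const REFUSE_SSL = new Set(["INVALID", "EXPIRED", "UNTRUSTED"]);
const CLEAR_TIERS = new Set(["TRUSTED", "MODERATE"]); // assumed meaning of "clear" for payments

// intent: "interact" | "crawl" | "pay"; checks: responses fetched so far, keyed by endpoint name.
// Returns {action: "proceed"|"refuse"|"need", ...} so the caller pays only for what this step asks for.
function decide(intent, checks) {
  const { trustscore, sslcheck, headers, robots } = checks;
  const refuse = (reason) => ({ action: "refuse", reason });
  const need = (...endpoints) => ({ action: "need", endpoints });
  if (intent === "crawl") {
    // Lead with /robots and stop on a block before spending on anything else.
    if (!robots) return need("/robots");
    if (BLOCKED_CRAWL.has(robots.status)) return refuse(`robots.txt: ${robots.status}`);
  }
  if (intent === "pay") {
    // Payment: /trustscore and /sslcheck together, and both must clear.
    if (!trustscore || !sslcheck) return need("/trustscore", "/sslcheck");
    if (!CLEAR_TIERS.has(trustscore.tier)) return refuse(`trustscore tier ${trustscore.tier}`);
    if (REFUSE_SSL.has(sslcheck.tier)) return refuse(`ssl tier ${sslcheck.tier}`);
    return { action: "proceed", score: trustscore.score, ssl: sslcheck.tier };
  }
  // Unknown URL from another model or tool: /trustscore first.
  if (!trustscore) return need("/trustscore");
  if (trustscore.tier === "HIGH_RISK") return refuse("trustscore HIGH_RISK");
  if (trustscore.tier === "CAUTION") {
    if (!sslcheck || !headers) return need("/sslcheck", "/headers");
    if (REFUSE_SSL.has(sslcheck.tier)) return refuse(`ssl tier ${sslcheck.tier}`);
    // A poor header grade is defense-in-depth information, not grounds to refuse.
    return { action: "proceed", score: trustscore.score, headerGrade: headers.grade };
  }
  return { action: "proceed", score: trustscore.score };
}

// Drive decide() with a lookup from endpoint path to JSON; in a real agent that is the paid fetch.
function vet(intent, lookup) {
  const checks = {};
  for (let step = 0; step < 4; step++) {
    const d = decide(intent, checks);
    if (d.action !== "need") return d;
    for (const ep of d.endpoints) checks[ep.slice(1)] = lookup(ep);
  }
  throw new Error("decision flow did not converge");
}
const sampleLookup = (ep) => SAMPLE[ep.slice(1)]; // offline stand-in for fetch402 + res.json()
```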
How agents find it
TrustSource is indexed in Coinbase's x402 Bazaar and surfaced on Agentic.Market. Any agent using the Bazaar discovery flow (or the Bazaar MCP server, including through AWS Bedrock AgentCore) can find these endpoints, read their schemas, and pay for them without a human wiring up credentials first. That's the part that makes this agent-native rather than just another REST API behind a key.
Honest about the edges
A verification service that overstates itself is worse than useless, so:
- Caching means freshness isn't real-time. A cert that expired a moment ago can still read VALID for up to an hour.
- WHOIS is registrar-dependent. Some registrars hide creation dates; the response says so rather than guessing, and a hidden date shouldn't be read as low trust on its own.
- /headers grades are defense-in-depth, not a vulnerability scan. Plenty of major sites legitimately grade F and are perfectly safe.
- TrustSource scores the perimeter, not page content: domain identity, transport security, header hygiene, crawl policy. For phishing, malware, or IP reputation, pair it with a dedicated content scanner.
Try it
The skill (a SKILL.md your agent can load directly, covering all four endpoints, decision flows, and error handling) lives here: github.com/SurfEther/trustsource-skills.
- Site: https://trustsource.cc
- API: https://api.trustsource.cc
- Spec: https://api.trustsource.cc/openapi.json
If you're building an agent that touches URLs it didn't author (and most do), a sub-cent trust check before it acts is cheap insurance. Wire one into your next decision point and see what it flags.
registration data under GDPR. When that happens, the age score falls back to 0 ("unknown"). This is a known limitation of the public WHOIS system, not something this API can work around.
- Recently compromised legitimate domains: a 10-year-old .com with good DNS can still be a phishing site if the domain was hijacked. This API scores structural signals, not content.
- Very new legitimate services: a startup that launched last month will score low on domain age even if it's completely legitimate. Context matters.
The score is best used as a filter to catch obvious red flags, not as a definitive verdict on any domain.
Using it without x402
If your agent stack doesn't support x402 yet, you can still test it by running the payment manually. Get some Base Sepolia testnet USDC from faucet.circle.com, switch to testnet (NETWORK=eip155:84532, FACILITATOR_URL=https://x402.org/facilitator), and use the example client from the x402 quickstart for buyers.
Resources
- API endpoint: trustsource.cc
- OpenAPI spec: trustsource.cc/openapi.json
- Agentic.Market listing: agentic.market
- x402 protocol docs: docs.x402.org
- x402 buyer quickstart: docs.cdp.coinbase.com/x402/quickstart-for-buyers
If you're building agent payment flows and have thoughts on what other trust signals would be useful, happy to hear them.