Agent402 / tools / skill-fraud-signals

Skill: Fraud signals

$0.15 per call · USDC via x402 · POST /api/skill/fraud-signals

Bundled execution of the Fraud signals workflow — Is this domain trustworthy, or is it a phishing site / typosquat / scam? Pull the reputation signals an analyst checks before clicking anything: domain age, cert issuance history, hosting reputation, DNS topology, tech-stack fingerprint, and page-content red flags. Different from a security audit — this is about whether the domain is what it claims to be. One x402 payment runs 7 underlying tools (whois, cert-transparency, tls-cert, asn-info, dns-lookup, tech-stack, extract); partial-success per step.

Input

FieldTypeDescription
domain *stringDomain to evaluate (e.g. example.com or suspicious-bank-login.com)

Example output

{
  "pack": "fraud-signals",
  "args": {
    "domain": "example.com"
  },
  "steps": [
    {
      "slug": "whois",
      "ok": true,
      "result": {}
    },
    {
      "slug": "cert-transparency",
      "ok": true,
      "result": {}
    },
    {
      "slug": "tls-cert",
      "ok": true,
      "result": {}
    },
    {
      "slug": "asn-info",
      "ok": true,
      "result": {}
    },
    {
      "slug": "dns-lookup",
      "ok": true,
      "result": {}
    },
    {
      "slug": "tech-stack",
      "ok": true,
      "result": {}
    },
    {
      "slug": "extract",
      "ok": true,
      "result": {}
    }
  ],
  "summary": "7/7 steps succeeded"
}

Try it — see the 402 challenge (free)

curl -i -X POST https://agent402.tools/api/skill/fraud-signals \
  -H "Content-Type: application/json" \
  -d '{"domain":"example.com"}'

The response is HTTP 402 Payment Required with exact payment requirements. Any x402 v2 client pays automatically and retries:

Paid call (JavaScript agent)

import { wrapFetchWithPayment } from "@x402/fetch";
import { x402Client } from "@x402/core/client";
import { registerExactEvmScheme } from "@x402/evm/exact/client";
import { privateKeyToAccount } from "viem/accounts";

const client = new x402Client();
registerExactEvmScheme(client, { signer: privateKeyToAccount(KEY) });
const payFetch = wrapFetchWithPayment(fetch, client);

const res = await payFetch("https://agent402.tools/api/skill/fraud-signals", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    "domain": "example.com"
  }),
});

Wallet-only. This tool reaches the network/browser/storage, so it is paid in USDC via x402 (no proof-of-work tier).

Related tools

Skill: Security audit

USDC $0.12 · POST /api/skill/security-audit

Bundled execution of the Security audit workflow — Enumerate a domain's external attack surface in one workflow: certs, …

Skill: Email deliverability

USDC $0.10 · POST /api/skill/email-deliverability

Bundled execution of the Email deliverability workflow — Diagnose why a domain's email lands in spam: SPF posture, DMARC…

Skill: Financial research

USDC $1.50 · POST /api/skill/financial-research

Bundled execution of the Financial research workflow — Pull SEC filings, real-time quotes, historical prices, and macro …