We graded every x402 endpoint with Cloudflare's agent-readiness scanner
TL;DR: Cloudflare quietly shipped isitagentready.com — a public scanner that grades any URL for AI-agent readiness on a 0–5 scale across 19 checks (robots.txt, MCP server cards, A2A agent cards, x402, OAuth resource metadata, etc.). We ran it against the entire active x402 catalog: 45 unique hosts covering 24 243 of the 25 770 active endpoints (94.1% by reach). 53% of those endpoints are at level 0 — no agent-readiness signals beyond what a 1995 web server gives you. Only 5% of hosts had x402 detected by the scanner. The signals that move the needle cost an afternoon to add — but almost nobody has.
Why this matters
x402 is the agent-payment standard. The whole point is agents — not humans — discovering and paying API endpoints autonomously. So whatever signals AI agents and their tooling actually use to decide "is this site ready for me to talk to" matters more than dashboard polish or documentation prose.
Cloudflare's isitagentready.com is the first public, independent, multi-vendor benchmark for that. It checks 19 things across five categories:
| Category | Checks |
|---|---|
| Discoverability | robots.txt, sitemap, Link headers |
| Content Accessibility | Markdown content negotiation |
| Bot Access Control | AI-bot rules in robots.txt, Content Signals, Web Bot Auth |
| Protocol Discovery | MCP Server Card, A2A Agent Card, Agent Skills, WebMCP, API Catalog, OAuth discovery, OAuth Protected Resource |
| Commerce | x402, MPP, UCP, ACP, AP2 |
The 5-level grade collapses into:
- Level 0 — Basic web presence missing
- Level 1 — Has robots.txt + sitemap (basic web)
- Level 2 — Bot-Aware (Content Signals declared)
- Level 3 — Agent-Readable (Markdown content negotiation works)
- Level 4 — Agent-Integrated (MCP / Link headers / A2A)
- Level 5 — Agent-Native (full OAuth Protected Resource + Agent Skills + API Catalog)
Cloudflare's own site is at level 4 — the same level a well-tuned x402 service can reach (we'll show how at the end).
Methodology
We pulled every is_active = true endpoint from our database (25 770 rows across 573 services), deduped by hostname (the scanner looks at host-level artifacts: /robots.txt, /.well-known/*, MCP/A2A cards), and POSTed each unique host's first endpoint URL to https://isitagentready.com/api/scan. Concurrency 4, 60-second per-call timeout, polite User-Agent identifying ourselves.
Caveat: Cloudflare rate-limited us at ~50 scans. Of 550 unique hosts we tried to scan in a single run, 45 succeeded before the scanner started returning HTTP 429. Those 45 happen to include both top providers, so they cover 94.1% of all active endpoints in the catalog (the long tail of 500+ small hosts each contributing 1–10 endpoints is missing). We're publishing this anyway because the headline distribution is unambiguous; a polite-rerun (--concurrency=1, 30 s between scans, ~5 hours wall-clock) for full coverage is on the to-do list.
Code: scripts/cloudflare-scan-catalog.ts · raw data/cloudflare-scans/<run-id>/results.jsonl written incrementally so a SIGINT never loses what was already scanned.
Results
Level distribution (by endpoint reach, not host count)
| Level | Hosts | Endpoints reached | % of covered endpoints |
|---|---|---|---|
| 0 — Basic web missing | 25 | 12 907 | 53.2% |
| 1 — Basic web | 12 | 10 963 | 45.2% |
| 2 — Bot-Aware | 1 | 45 | 0.2% |
| 3 — Agent-Readable | 0 | 0 | 0.0% |
| 4 — Agent-Integrated | 0 | 0 | 0.0% |
| 5 — Agent-Native | 0 | 0 | 0.0% |
| unknown (CF couldn't classify) | 7 | 328 | 1.4% |
The story isn't subtle. 98.4% of the x402 catalog by endpoint reach sits at level 0 or level 1: no agent-readiness signals beyond robots.txt and a sitemap.
(Our own site x402station.io was the 51st in the queue and got HTTP 429 in this run — a separate one-off scan via the same /api/scan endpoint puts us at level 4, the same grade as Cloudflare's own site. We'll come back to how to get there.)
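The host-level dedupe and the reach-weighted tally described above, as an added example (not the project's scripts/cloudflare-scan-catalog.ts). The type names, function names and `.example` hosts are constructed; it shows how host share and endpoint share diverge when one host dominates and some hosts were never scanned.

```typescript
// Added example with constructed data; not code from scripts/cloudflare-scan-catalog.ts.
type HostInfo = { scanUrl: string; reach: number };
type HostScan = { host: string; level: number | null }; // null = scanner could not classify

// Group active endpoint URLs by hostname; the first URL seen becomes the scan target.
function groupByHost(urls: string[]): Map<string, HostInfo> {
  const hosts = new Map<string, HostInfo>();
  for (const url of urls) {
    const host = new URL(url).hostname.toLowerCase();
    const entry = hosts.get(host);
    if (entry) entry.reach += 1;
    else hosts.set(host, { scanUrl: url, reach: 1 });
  }
  return hosts;
}

const pct = (part: number, whole: number): number =>
  whole === 0 ? 0 : Math.round((part / whole) * 1000) / 10;

// Tally completed scans per level, by host count and by endpoint reach.
// Hosts with no scan (for example, cut off by HTTP 429) only lower coveragePct.
function tally(hosts: Map<string, HostInfo>, scans: HostScan[]) {
  const rows: Record<string, { hosts: number; endpoints: number }> = {};
  const seen = new Set<string>();
  let covered = 0;
  for (const scan of scans) {
    const info = hosts.get(scan.host);
    if (!info || seen.has(scan.host)) continue; // unknown host or duplicate result
    seen.add(scan.host);
    const key = scan.level === null ? "unknown" : String(scan.level);
    const row = rows[key] ?? (rows[key] = { hosts: 0, endpoints: 0 });
    row.hosts += 1;
    row.endpoints += info.reach;
    covered += info.reach;
  }
  let total = 0;
  hosts.forEach((h) => { total += h.reach; });
  const reachPct: Record<string, number> = {};
  for (const key of Object.keys(rows)) reachPct[key] = pct(rows[key].endpoints, covered);
  return { rows, reachPct, covered, total, coveragePct: pct(covered, total) };
}

// Constructed catalog: one large host, two single-endpoint hosts, one of them never scanned.
const catalog = groupByHost([
  "https://big.example/api/a", "https://big.example/api/b", "https://BIG.example/api/c",
  "https://small.example/pay", "https://tail.example/pay",
]);
const summary = tally(catalog, [{ host: "big.example", level: 0 }, { host: "small.example", level: 1 }]);
```

In this constructed catalog level 0 is half of the scanned hosts but three quarters of the covered endpoints, which is the distinction the table heading draws.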
Per-check pass rates
What signals do x402 hosts actually emit? (Sorted by % of hosts passing each check.)
| Check | % passing | Notes |
|---|---|---|
| robotsTxt | 53% | The only check most hosts pass |
| robotsTxtAiRules | 53% | Wildcard User-agent: * rules count — very low bar |
| sitemap | 34% | |
| mcpServerCard | 24% | A static JSON file at /.well-known/mcp/server-card.json |
| contentSignals | 18% | One line in robots.txt (Content-Signal: ai-train=no, …) |
| oauthDiscovery | 5% | |
| x402 | 5% (2 of 38) | The single check this catalog most needs to pass |
| markdownNegotiation | 3% | One Next.js middleware |
| a2aAgentCard | 3% | Static JSON, missed by all but one |
| agentSkills | 3% | |
| linkHeaders | 0% | Two lines of nginx config |
| webBotAuth | 0% | |
| apiCatalog | 0% | RFC 9727 draft, basically nobody implements yet |
| oauthProtectedResource | 0% | |
| webMcp | 0% | |
| MPP / UCP / ACP / AP2 | 0% each | Other agent-commerce standards (literally zero adoption in this catalog) |
isCommerce: false for 84% of hosts
Cloudflare gates whether they even run the commerce-category checks behind a heuristic called isCommerce. It comes back false for 84% of x402 hosts (the rest are unknown — CF couldn't classify). Translation: Cloudflare's scanner cannot tell most x402 services are commerce sites because they don't expose the signals the heuristic looks for (Bazaar registration, x402 manifest at root, prices in homepage HTML). Even the two hosts where x402 was detected (bridge.eruditepay.com and x402.quicknode.com) still got isCommerce: false — they passed the dedicated x402 check via Bazaar lookup, but didn't trip Cloudflare's commerce-site heuristic.
The two outliers, the one star, and the rest
The only hosts that scored anything other than level 0 were:
- alpha.palmvox.com (level 2, 45 endpoints) — the lone level-2 host. They have Content Signals.
- bridge.eruditepay.com (level 0, 284 endpoints) — x402 detected via Bazaar. No other signals, no robots.txt, no MCP card, no llms.txt.
- x402.quicknode.com (level 0, 136 endpoints) — same: x402 via Bazaar, otherwise nothing.
The rest of the top providers — lowpaymentfee.com (10 659 endpoints, level 0), orbisapi.com (9 720 endpoints, level 1), freepik.x402.paysponge.com (466 endpoints, level 0), and so on down the list — all bare metal. Single-provider concentration in the catalog turns out to also be single-readiness concentration: one host's choice about agent-signals moves the average for half the ecosystem.
The big finding: Bazaar registration is the dividing line
Of the 2 hosts where Cloudflare detected x402, both were registered in Coinbase's Bazaar discovery API. That's the single signal — registering your endpoint with the canonical x402 facilitator's discovery layer — that flips Cloudflare from "x402 not detected" to "x402 detected on /api/v1".
The path looks like this:
- Add the bazaar extension to your 402 response payload (one helper call: declareDiscoveryExtension from @x402/extensions/bazaar)
- Self-pay $0.001 once through CDP facilitator (or wait for organic traffic — anyone paying you with the extension echoed in payload triggers indexing)
- Within ~30 seconds, your endpoint shows up in CDP's discovery API
- Cloudflare's scanner then sees you when it queries https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources
Cost to fix: zero engineering effort if your facilitator is already CDP, plus $0.001 per endpoint to bootstrap. Returns: a real x402 pass on every agent-readiness scan that uses Bazaar as ground truth.
How we landed at level 4
Across the seven security/reliability/discovery audits we ran on our own service in April 2026, the agent-discovery layer that lifted us from level 1 to level 4 was:
- robots.txt with Content-Signal: ai-train=no, search=yes, ai-input=yes → unlocks level 2
- /.well-known/mcp/server-card.json describing the npm-installable MCP adapter → unlocks mcpServerCard
- /llms.txt served as text/markdown with Cloudflare's exact Accept: text/markdown content negotiation on / → unlocks level 3 + markdownNegotiation
- Link headers on / pointing at the manifest, OpenAPI spec, agent-card, MCP card → unlocks linkHeaders
- bazaar extension on all three paid routes + one $0.001 self-pay → unlocks x402
Total engineering: maybe an afternoon if you know what you're doing. Total spend: ~$0.007 in self-pay USDC.
We're at level 4 / 5 — same grade as Cloudflare's own site. The level-5 gap is two more checks (full RFC 9727 API Catalog, OAuth Protected Resource Metadata) we deferred because Cloudflare's own site doesn't pass them either.
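An offline self-check for the host-level signals in the list above, as an added example (not x402station's code and not Cloudflare's scanner logic). The Snapshot shape, the function names, the sample Link rel values and the pass criteria (any Content-Signal pair, any Link entry with a rel, a text/markdown Content-Type) are assumptions made for illustration.

```typescript
// Added example; the Snapshot shape and sample values are constructed for illustration.
type Snapshot = {
  robotsTxt: string | null;    // body of /robots.txt, null when missing
  rootLink: string | null;     // Link header on GET /
  markdownType: string | null; // Content-Type of GET / sent with Accept: text/markdown
  okPaths: string[];           // paths that answered 200
};
// Collect key=value pairs from every Content-Signal line in robots.txt.
function parseContentSignals(robotsTxt: string): Record<string, string> {
  const out: Record<string, string> = {};
  for (const line of robotsTxt.split(/\r?\n/)) {
    const m = /^\s*content-signal\s*:\s*(.*)$/i.exec(line.replace(/#.*$/, ""));
    if (!m) continue;
    for (const pair of m[1].split(",")) {
      const [k, v] = pair.split("=").map((s) => s.trim().toLowerCase());
      if (k && v) out[k] = v;
    }
  }
  return out;
}
// Parse a Link header (RFC 8288) into targets and their rel values.
function parseLinks(header: string): { target: string; rels: string[] }[] {
  const links: { target: string; rels: string[] }[] = [];
  const re = /<([^>]*)>([^<]*)/g;
  let m: RegExpExecArray | null;
  while ((m = re.exec(header)) !== null) {
    const rel = /;\s*rel\s*=\s*"?([^";,]+)"?/i.exec(m[2]);
    links.push({ target: m[1], rels: rel ? rel[1].trim().toLowerCase().split(/\s+/) : [] });
  }
  return links;
}
// Which of the post's host-level signals does a snapshot show? x402 is left out:
// the post says it is detected through the Bazaar discovery API, not host files.
function audit(s: Snapshot): Record<string, boolean> {
  return {
    robotsTxt: s.robotsTxt !== null,
    contentSignals: Object.keys(parseContentSignals(s.robotsTxt ?? "")).length > 0,
    mcpServerCard: s.okPaths.indexOf("/.well-known/mcp/server-card.json") !== -1,
    markdownNegotiation: /^\s*text\/markdown\b/i.test(s.markdownType ?? ""),
    linkHeaders: parseLinks(s.rootLink ?? "").some((l) => l.rels.length > 0),
  };
}
// Constructed snapshot: everything in place except Markdown content negotiation.
const sample: Snapshot = {
  robotsTxt: "User-agent: *\nAllow: /\nContent-Signal: ai-train=no, search=yes, ai-input=yes\n",
  rootLink: '</openapi.json>; rel="service-desc", </.well-known/mcp/server-card.json>; rel="describedby"',
  markdownType: "text/html; charset=utf-8",
  okPaths: ["/robots.txt", "/.well-known/mcp/server-card.json"],
};
```

Running `audit(sample)` flags only markdownNegotiation as absent; fill a Snapshot from your own host's responses to run the same check before submitting the host to a scanner.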
Three things this scan made obvious
- Agents using Cloudflare's readiness scan as a filter would skip 98%+ of the x402 catalog. They'd never even see most x402 endpoints. There's a real distribution gap to close there for any project willing to ship the missing signals.
- Decoys cluster at level 0. Every $1000+ endpoint we flagged as a Questflow-style honeypot sits at level 0 with zero signals. They aren't TRYING to be findable — they want random scrapers to stumble in and lose money. A pre-flight call catches them.
- Single-provider concentration is also single-readiness concentration. lowpaymentfee.com (10 659 endpoints, ~52% of the catalog) is at level 0. One host's decisions about agent-readiness move half the ecosystem's number.
Reproduce this
The script is open-source and runs in ~40 minutes against the live catalog (or longer with --concurrency=1 to avoid Cloudflare rate-limits):
```bash
git clone https://github.com/sF1nX/x402station.git
cd x402station
bun install
bun run scripts/cloudflare-scan-catalog.ts --concurrency=1 --delay-ms=20000
```
Raw results land in data/cloudflare-scans/<timestamp>/results.jsonl (one JSON object per host) with the full Cloudflare scan envelope so you can drill into individual checks.
If you're an agent operator paying x402 endpoints
Our oracle will tell you whether a URL is safe before you spend USDC on it:
```bash
npx -y x402station-mcp
```
Three pay-per-call tools, all priced in USDC on Base mainnet via x402:
- preflight ($0.001) — {ok, warnings[], metadata} for any URL
- forensics ($0.001) — 7-day uptime, latency p50/p90/p99, decoy probability
- catalog_decoys ($0.005) — full known-bad list as one JSON, cache locally
Earlier piece: We probed 20 338 x402 endpoints. 161 are agent honeypots.