AgentProbe

AgentProbe is a web-based multi-protocol validator for AI agent endpoints. Enter a URL and get instant assessment across eight protocol layers. Live demo: agentprobe.xyz

What It Does

Input: A single agent endpoint URL
Assessment: Runs the mcp-agent-assessment pipeline with protocol-specific validators
Output: Unified verdicts per protocol layer plus raw assessment data

One URL is enough. AgentProbe discovers which protocols the endpoint supports and validates each one independently.

Protocol Layers

AgentProbe assesses eight protocol layers:

Layer	What it checks
HTTP	Connectivity, HTTPS, SSL validation, CORS, HTTP/2 detection
MCP	Server discovery, tool/resource/prompt listing, capability detection
A2A / AP2	Agent card validation, AP2 version and role detection via `capabilities.extensions` and `X-A2A-Extensions` header
x402	Payment-required endpoint detection with scheme, network, and token analysis
OAuth	Authorization server metadata discovery
MCP Apps	UI resource detection for MCP applications
HTML	Website detection, Content-Type, SSL status, HTTP/2
ERC-8004	On-chain agent registry lookup with OASF classification, reputation, and metadata extraction

Not every endpoint supports all protocols. AgentProbe gracefully handles unsupported layers and shows results only for detected protocols.

Architecture

URL Input  -->  Server  -->  mcp-agent-assessment
                                    |
                    +-------+-------+-------+-------+
                    |       |       |       |       |
                   HTTP    MCP   A2A/AP2   x402   OAuth
                    |       |       |       |       |
                    +-------+-------+-------+-------+
                                    |
                               Results UI

The server receives a URL, passes it to the unified assessment pipeline, and returns structured results for each protocol layer.

API Endpoints

`POST /api/validate`

Returns a structured validation result with separate sections for each protocol.

curl -X POST https://agentprobe.xyz/api/validate \
  -H 'Content-Type: application/json' \
  -d '{"url": "https://your-endpoint.example.com/mcp"}'

The response contains mcp, a2a, ui (MCP Apps), and oauth objects, each with status, categories, summary, and messages.

`POST /api/assess`

Returns the raw assessment result from mcp-agent-assessment with full layer details.

curl -X POST https://agentprobe.xyz/api/assess \
  -H 'Content-Type: application/json' \
  -d '{"url": "https://your-endpoint.example.com/mcp"}'

Optional parameters:

Key	Type	Description
`timeout`	number	Timeout in milliseconds
`erc8004`	object	ERC-8004 config with `rpcNodes`

`POST /api/lookup`

Query the ERC-8004 on-chain registry for agent registration data, endpoints, OASF classification, and reputation.

curl -X POST https://agentprobe.xyz/api/lookup \
  -H 'Content-Type: application/json' \
  -d '{"agentId": 2340, "chainId": 8453}'

Key	Type	Description	Required
`agentId`	number	Agent token ID in the ERC-8004 registry	Yes
`chainId`	number or string	Chain ID (e.g., `8453` for Base) or CAIP-2 (e.g., `eip155:8453`)	Yes
`rpcNodes`	object	Custom RPC nodes per chain alias	No

Validate Your Own MCP Server

Deploy your MCP server

Make sure your MCP server is publicly accessible (e.g., via ngrok or a cloud deployment).

Open AgentProbe

Go to agentprobe.xyz in your browser.

Enter your endpoint URL

Paste your MCP server URL (e.g., https://your-server.example.com/mcp) and click validate.

Review results

AgentProbe shows verdicts for each protocol layer. Green means supported and valid, red means issues detected, gray means not applicable.

Or use the API directly:

curl -X POST https://agentprobe.xyz/api/validate \
  -H 'Content-Type: application/json' \
  -d '{"url": "https://your-server.example.com/mcp"}'

Authentication

Authentication is optional. When API_TOKEN is not set, the API is open (dev mode). When API_TOKEN is set, two authentication methods are supported:

Method	How it works
Session Cookie	Browser visits the UI and receives a session cookie automatically
Bearer Token	External scripts send `Authorization: Bearer <API_TOKEN>` header

# With Bearer token
curl -X POST https://agentprobe.xyz/api/validate \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer your-token-here' \
  -d '{"url": "https://your-endpoint.example.com"}'

Dependencies

AgentProbe builds on the FlowMCP validator ecosystem:

Package	Purpose
mcp-agent-assessment	Unified assessment pipeline
a2a-agent-validator	A2A agent card and AP2 detection
x402-mcp-validator	x402 payment protocol validation
mcp-apps-validator	MCP Apps UI resource detection
erc8004-registry-parser	ERC-8004 on-chain registry parsing

Getting Started

Specification v2.0.0

Guides

Ecosystem

Reference

What It Does

Protocol Layers

Architecture

API Endpoints

`POST /api/validate`

`POST /api/assess`

`POST /api/lookup`

Validate Your Own MCP Server

Authentication

Dependencies

Links

Getting Started

Specification v2.0.0

Guides

Ecosystem

Reference

​What It Does

​Protocol Layers

​Architecture

​API Endpoints

​POST /api/validate

​POST /api/assess

​POST /api/lookup

​Validate Your Own MCP Server

​Authentication

​Dependencies

​Links

What It Does

Protocol Layers

Architecture

API Endpoints

`POST /api/validate`

`POST /api/assess`

`POST /api/lookup`

Validate Your Own MCP Server

Authentication

Dependencies

Links