{"openapi":"3.0.0","info":{"title":"Permission Guard","version":"1.0.0","description":"Checks if an agent's requested action exceeds its defined scope. Pay-per-request via x402 (USDC on Base).","guidance":"POST to /mcp with a JSON-RPC body calling 'check_permission' with 'action' (string), 'resource' (string), and 'scope' (array of {resource, actions[]}). Include X-Payment-Tx header. Returns { allowed, violations, risk_level }."},"paths":{"/mcp":{"post":{"summary":"Check agent action against permission scope","description":"MCP endpoint for check_permission tool. Requires x402 payment (0.002 USDC on Base).","x-payment-info":{"protocols":["x402"],"pricingMode":"fixed","price":"0.002"},"parameters":[{"name":"X-Payment-Tx","in":"header","required":true,"description":"Transaction hash from USDC transfer on Base","schema":{"type":"string"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["jsonrpc","method","params","id"],"properties":{"jsonrpc":{"type":"string","enum":["2.0"]},"method":{"type":"string","enum":["tools/call"]},"params":{"type":"object","required":["name","arguments"],"properties":{"name":{"type":"string","enum":["check_permission"]},"arguments":{"type":"object","required":["action","resource","scope"],"properties":{"action":{"type":"string","description":"The action to check (e.g. read, write, delete)"},"resource":{"type":"string","description":"The resource path (e.g. db/users)"},"scope":{"type":"array","items":{"type":"object","properties":{"resource":{"type":"string"},"actions":{"type":"array","items":{"type":"string"}}}},"description":"Agent's permission scope"}}}}},"id":{"type":"number"}}}}}},"responses":{"200":{"description":"Permission check result","content":{"application/json":{"schema":{"type":"object","properties":{"allowed":{"type":"boolean"},"violations":{"type":"array","items":{"type":"string"}},"risk_level":{"type":"string"}}}}}},"402":{"description":"Payment Required"}}}}}}