The headlines say agent payments are a hack waiting to happen — "200+ wallets drained." So we pointed our scanner at the actual code. The reality is more reassuring, and more specific, than the headlines suggest.
We scanned 23 public repositories with x402 in their name using x402guard's 15-rule integration-layer ruleset. Fourteen of them (61%) came back completely clean, and not a single one had a critical finding. The catastrophic pattern x402guard was built to catch first — a server endpoint that signs and broadcasts a transaction with no authentication — didn't appear once in this sample. The ecosystem is paying more attention than the drama implies.
One issue dwarfed everything else. Error and stack-trace leaks accounted for 81 of all findings — endpoints returning a raw error (or full stack trace) in the HTTP response. On its own it's "only" medium severity. But to an attacker probing an agent-payment API, a leaked stack trace is a free map: file paths, dependency versions, framework internals, sometimes the shape of a database query. It's the reconnaissance step that makes the next attack cheap.
The fix is trivial — return a generic error to the client, log the detail server-side — which is exactly why it's worth doing. Free defense rarely is.
Averages hide the risk. While most projects were clean, roughly one in eight scored C or worse, and the worst carried four separate high-severity findings — including a value-moving contract function with no reentrancy guard and privileged setters with no access control. When x402 code goes wrong, it goes wrong around money. (We don't name individual repos — these were reported through normal channels, not published.)
Beyond the leaks, the other patterns that showed up:
- SOL-PRIVILEGED-NO-MODIFIER: privileged setter with no access modifier
- SOL-REENTRANCY: value-moving function without a reentrancy guard
- X402-WEAK-RANDOM: Math.random() for an id / token / nonce
- X402-CORS-WILDCARD: wildcard CORS on a sensitive endpoint
- X402-INMEM-RATELIMIT: in-memory rate limiter (useless on serverless)

x402 builders are getting the headline stuff right — the missing-auth, money-moving disasters are rare. The real exposure has moved to the web↔chain glue: error handling, access modifiers, randomness, CORS, rate limiting. None of it is caught by Slither or MythX, because none of it lives in the contract. It lives in the integration — and the integration is now the soft underbelly of agent payments.
Paste a snippet or scan a public repo — free, no signup, same 15-rule engine.
Methodology: repositories with x402 in the name, actively pushed in 2026, scanned via the public x402guard grader (15-rule integration-layer ruleset) in June 2026. Awesome-lists and security tooling were excluded; demos and integrations were included. Counts are finding-instances across the sample. x402guard is heuristic static analysis — it has false positives and negatives and complements, but does not replace, a professional smart-contract / ZK audit. Individual repositories are not named; any high-severity issues were communicated privately.