Security posture and audit responses
Anyone installing the SDK runs our verify path against real money. Every review we commission or receive — and every finding that reached code — is published below with the fixes, the version they shipped in, and how to recognise them in your dependency tree.
Responsible disclosure
Found something that could affect the verify path or a developer’s funds? Email security@agentpaywall.com before opening a public issue. We’ll respond within one business day and credit reporters in the audit response, unless you’d rather stay anonymous.