--- name: action402.vercel.app description: action402.vercel.app provides a single paid webhook execution service that fires outbound HTTPS requests to external endpoints after x402 payment verification. It returns a signed job receipt confirming execution status, attempt count, and delivery details. Retry logic and idempotency support are built in. host: action402.vercel.app --- # action402.vercel.app This host is a narrow-purpose webhook dispatcher that sits behind x402 payment gating. It serves agents that need to trigger external business events or third-party service notifications with verifiable proof of delivery. Its distinguishing feature is the combination of payment-verified execution with a signed receipt, making it suitable for auditable, paid-for side effects rather than free or speculative HTTP calls. ## When to use this host Use this host when an agent needs to trigger an external HTTPS endpoint with guaranteed delivery, retry handling, and a verifiable signed receipt — particularly when the triggering action must be payment-gated. Do not use it for read-only data fetching or polling; it does not support GET requests. Not suitable for streaming responses or webhooks that take longer than 12 seconds to complete. If you need to call external APIs without payment verification or receipt signing, a standard HTTP tool or general-purpose API gateway is more appropriate. If you need to chain multiple webhook calls or orchestrate complex workflows, this host handles only one call per invocation and has no multi-step coordination capability. ## Capabilities ### Paid Webhook Execution Fires a single outbound HTTPS POST, PUT, PATCH, or DELETE request to an external URL after payment verification, with retry logic, idempotency, and a signed receipt confirming delivery outcome. - **`execute-paid-webhook`** — Executes a single outbound HTTPS webhook request after x402 payment verification and returns a signed job receipt with status and links. ## Skill reference ### `execute-paid-webhook` **Webhook Executor** — Executes a single outbound HTTPS webhook request after x402 payment verification and returns a signed job receipt with status and links. *Use when:* Use when an agent needs to trigger an external HTTPS endpoint (e.g. notify a third-party service, fire a business event) with guaranteed delivery, retry logic, and a verifiable signed receipt proving execution occurred. *Not for:* Do not use for read-only GET requests or polling — this endpoint only supports POST, PUT, PATCH, and DELETE methods. Not suitable for streaming or long-running webhooks exceeding 12 seconds. **Inputs:** - `url` (string, required) — Absolute HTTPS URL of the target webhook endpoint to call. - `method` (string) — HTTP method to use. One of POST, PUT, PATCH, DELETE. Defaults to POST. - `headers` (object) — Optional outbound headers forwarded to the target. Hop-by-hop and proxy headers are stripped. - `body` (object) — JSON body forwarded verbatim to the target endpoint. - `idempotencyKey` (string) — Caller-provided key (1–160 chars) used to replay the same completed job instead of executing twice. - `retry` (object) — Retry configuration. 'attempts' (1–3, default 1) sets max tries; 'backoffMs' (0–5000, default 250) sets delay between retries. - `timeoutMs` (integer) — Per-attempt timeout in milliseconds. Min 1000, max 12000, default 12000. - `decisionId` (string) — Optional decision ID from /api/decide/webhook. When supplied, execution must match the stored approved decision. **Returns:** Returns mode='x402', idempotentReplay=false, a job object with id/status='succeeded'/attempts=1, a signed HMAC-SHA256 receipt, and relative links to the job and receipt records. **Example:** `{"url": "https://postman-echo.com/post", "method": "POST", "body": {"event": "payment.verified", "order": {"id": "ord_test_001", "amount": 49.99, "currency": "USD"}}, "headers": {"Content-Type": "application/json"}, "idempotencyKey": "idemkey_20260528T123456Z_ord_001", "retry": {"attempts": 2, "backoffMs": 300}, "timeoutMs": 8000}` ---