Blog
Building AI-native security tools with MCP and x402.
EPSS vs CVSS: Which Vulnerability Score Actually Matters?
CVSS tells you how bad a vulnerability could be. EPSS tells you how likely it is to be exploited. Here's why the distinction matters for prioritizing fixes.
x402 Explained: How HTTP 402 Enables Payments for AI Agents
What is x402? A practical guide to the HTTP payment protocol that lets AI agents pay for API calls with USDC — no accounts, no API keys, no invoices.
Scanning npm and pip Dependencies for Vulnerabilities Inside Claude Code
A practical tutorial: install VulnFeed MCP, scan your project's lockfiles, and get EPSS-ranked vulnerability reports without leaving your terminal.
How We Built an MCP Server That Gets Paid by AI Agents
Using x402 micropayments to let AI agents pay for vulnerability scans — no signup, no API keys, no invoices.