Pop Pay

Name: Pop Pay
Author: 100xPercent

100xPercent/pop-pay

Put guardrails on AI agents that can trigger real purchases so spend stays within policy and vendors stay allowlisted.

Overview

Pop Pay is a MCP server for the Ship phase that enforces spending limits and vendor allowlists so AI agents cannot complete hallucinated purchases.

What is this MCP server?

MCP server plus CLI with stdio transport (npm package pop-pay, v0.5.7)
Per-transaction and daily USD limits via POP_MAX_PER_TX and POP_MAX_DAILY
Vendor category allowlist via POP_ALLOWED_CATEGORIES JSON
Optional Chrome DevTools credential injection via POP_CDP_URL
Blocks hallucinated or unauthorized agent purchases at runtime
Server version 0.5.7
stdio transport via npm registry
Default POP_MAX_PER_TX 100.0 USD

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 1 GitHub stars.

What problem does it solve?

Autonomous agents can attempt real checkouts or cloud upgrades from a single bad reasoning step, with no per-tx or daily spend fence.

Who is it for?

Indie builders running agents against AWS, Cloudflare, or similar vendors who need default-deny commerce guardrails.

Skip if: Teams with no agent-initiated payments or who only need static secret scanning without transaction policy.

What do I get? / Deliverables

Purchase paths run through policy checks with category gates and USD caps before any charge is authorized.

MCP-launched purchase policy layer via launch-mcp
Configured per-tx and daily USD ceilings
Category-restricted vendor surface for agent commerce

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Commerce safety belongs in Ship because it is runtime protection before and during live agent actions that move money. Security subphase fits spend caps, category allowlists, and blocking hallucinated checkout flows.

How it compares

Runtime purchase policy MCP, not a generic code-audit skill or payment processor integration.

Common Questions / FAQ

Who is Pop Pay for?

Solo and small teams shipping AI agents that can spend money on vendor sites or APIs and need enforceable limits.

When should I use Pop Pay?

Before giving an agent checkout, upgrade, or marketplace tools in production or staging with real billing credentials.

How do I add Pop Pay to my agent?

Install the npm package pop-pay, run launch-mcp over stdio in your MCP config, and set POP_ALLOWED_CATEGORIES, POP_MAX_PER_TX, POP_MAX_DAILY, and optional POP_CDP_URL.

Pop Pay

100xPercent/pop-pay

Put guardrails on AI agents that can trigger real purchases so spend stays within policy and vendors stay allowlisted.

Overview

Pop Pay is a MCP server for the Ship phase that enforces spending limits and vendor allowlists so AI agents cannot complete hallucinated purchases.

What is this MCP server?

MCP server plus CLI with stdio transport (npm package pop-pay, v0.5.7)
Per-transaction and daily USD limits via POP_MAX_PER_TX and POP_MAX_DAILY
Vendor category allowlist via POP_ALLOWED_CATEGORIES JSON
Optional Chrome DevTools credential injection via POP_CDP_URL
Blocks hallucinated or unauthorized agent purchases at runtime
Server version 0.5.7
stdio transport via npm registry
Default POP_MAX_PER_TX 100.0 USD

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 1 GitHub stars.

What problem does it solve?

Autonomous agents can attempt real checkouts or cloud upgrades from a single bad reasoning step, with no per-tx or daily spend fence.

Who is it for?

Indie builders running agents against AWS, Cloudflare, or similar vendors who need default-deny commerce guardrails.

Skip if: Teams with no agent-initiated payments or who only need static secret scanning without transaction policy.

What do I get? / Deliverables

Purchase paths run through policy checks with category gates and USD caps before any charge is authorized.

MCP-launched purchase policy layer via launch-mcp
Configured per-tx and daily USD ceilings
Category-restricted vendor surface for agent commerce

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

Runtime purchase policy MCP, not a generic code-audit skill or payment processor integration.

Common Questions / FAQ

Who is Pop Pay for?

Solo and small teams shipping AI agents that can spend money on vendor sites or APIs and need enforceable limits.

When should I use Pop Pay?

Before giving an agent checkout, upgrade, or marketplace tools in production or staging with real billing credentials.

How do I add Pop Pay to my agent?

Install the npm package pop-pay, run launch-mcp over stdio in your MCP config, and set POP_ALLOWED_CATEGORIES, POP_MAX_PER_TX, POP_MAX_DAILY, and optional POP_CDP_URL.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Pop Pay for?

When should I use Pop Pay?

How do I add Pop Pay to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Pop Pay for?

When should I use Pop Pay?

How do I add Pop Pay to my agent?