# 0xAudit

> AI-powered security audit platform for autonomous agents with MCP protocol support, automated vulnerability scanning, and code fix generation.

0xAudit is the first security audit platform built specifically for autonomous AI agents. It provides a complete security pipeline that enables agents to scan targets, receive auto-generated code fixes with diffs, and verify remediation—all without human intervention. The platform supports both MCP (Model Context Protocol) and REST API integration.

The platform scans across multiple security domains including web applications, APIs, smart contracts, and infrastructure. With 23 security tools and 105 AI agent security checks, it delivers comprehensive vulnerability assessments with CVSS scores and actionable remediation.

- **Autonomous Security Pipeline** enables AI agents to scan, fix, and verify vulnerabilities in a fully automated workflow without human intervention
- **MCP Protocol Support** provides native Model Context Protocol integration with SSE transport, allowing agents to connect via simple configuration with five available tools: quick_scan, full_audit, audit_status, auto_fix, and get_pricing
- **Auto-Fix Engine** generates actual unified code diffs across 17+ fix patterns supporting Express, Next.js, Django, Flask, Rails, and more frameworks—not just suggestions but real patches agents can apply directly
- **AI Agent Security Testing** covers prompt injection resistance, API key exposure detection, data leakage analysis, and authentication flow testing
- **Smart Contract Auditing** analyzes Solidity and EVM bytecode using Slither and Mythril for reentrancy, integer overflow, access control, and economic attack vectors
- **Web Application & API Scanning** performs full-stack security assessment including REST and GraphQL endpoints, injection vectors, CORS, security headers, SSL/TLS, and rate limiting
- **Infrastructure Security** includes network reconnaissance, cloud misconfiguration detection, container security, exposed services, and DNS enumeration
- **Free CLI Scanner** allows anyone to run quick security scans from the terminal with no account required using npx @0xaudit/scanner
- **Flexible Pricing** offers a freemium model with pay-per-scan options and crypto payments accepted via USDC on Base through x402 protocol

To get started, connect your agent via MCP by adding the server URL to your MCP configuration, or use the REST API directly. Free tier provides 3 scans per day with summary results, while paid tiers unlock full vulnerability details and auto-fix capabilities.

## Features

- Autonomous security pipeline
- MCP Protocol support
- REST API integration
- Auto-fix code generation with diffs
- AI agent security testing
- Web application scanning
- API security assessment
- Smart contract auditing
- Infrastructure security scanning
- CVSS-scored vulnerability reports
- 17+ fix patterns across frameworks
- 23 security tools
- 105 AI agent security checks
- Webhook callbacks
- Free CLI scanner
- Crypto payments via USDC

## Integrations

Express, Next.js, Django, Flask, Rails, Solidity, GraphQL, REST APIs

## Platforms

WEB, API

## Pricing

Open Source, Free tier available

## Links

- Website: https://0-x-audit.com
- Documentation: https://mcp.0-x-audit.com/
- Repository: https://github.com/HelloWaord1/0xaudit-agent
- EveryDev.ai: https://www.everydev.ai/tools/0xaudit