2026live

apimesh

23+ pay-per-call web analysis apis with crypto micropayments, stripe mpp, and an autonomous build loop that generates new apis without any human involvement

BunHonox402Coinbase CDPStripe MPPCheerioOpenAIMCP SDKSQLiteCaddy
livegithubnpm

the problem

ai agents cant use most apis because they require signup flows and billing accounts. an agent literally cant complete a signup form. x402 and stripe mpp make api access as simple as including an http header, no accounts no subscriptions needed.

apimesh built 23+ focused web analysis apis on this model plus a 16-tool mcp server so agents can discover and use them without having to read docs.

how it works

each api lives on its own subdomain like core-web-vitals.apimesh.xyz. the payment flow is agent hits endpoint, gets a 402 back with the price and wallet and network, agent signs a usdc payment on base, includes the x-payment header, coinbase cdp verifies it, server returns the response.

every api has a free /preview endpoint so agents can check the format before actually paying for anything. the brain loop runs autonomously: monitor, scanner on sundays, scout, build up to 3 apis per run, security audit, staging, prod. all running on a single $4/mo hetzner arm server.

  • 23+ apis on separate subdomains, independent deploy and rate limiting, no blast radius if one breaks
  • triple payment: x402 usdc on base, stripe mpp, api key auth with atomic credit deduction
  • free /preview endpoints so agents can verify response format before committing credits
  • autonomous brain loop: monitor, scanner sundays, scout, build up to 3 per run, 14-pattern security audit, staging, prod

what shipped

23+ apis live, 16 mcp tools published on npm as @mbeato/apimesh-mcp-server, listed on smithery and the mcp registry. the brain loop has built and deployed 9 apis autonomously so far. three payment methods working.

1000+ requests per day at 99% success rate. listed as a first-party mpp service alongside browserbase and dune.

decisions and tradeoffs

architecture is shaped by who the users are, ai agents not humans.

  • each api on its own subdomain over a single monolithic server. gives you independent deploy and no blast radius from one broken api taking everything down
  • x402 pay-per-call as the default over requiring signup and api keys. agents cant complete signup flows so this is the only way that actually works
  • free /preview on every api over pay-to-discover. agents need to confirm the api works and returns what they need before spending credits
  • 14-pattern security audit on all brain-generated code. i dont trust llm output directly, it has to pass the audit before going to prod
back to home