Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"safeagent": {
"cwd": "C:\\path\\to\\SAFEAGENT",
"args": [
"C:\\path\\to\\safeagent_exec_guard\\mcp_server.py"
],
"command": "python"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Duplicate payment. Duplicate email. Duplicate trade. Duplicate ticket.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'n8n-nodes-safeagent' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked n8n-nodes-safeagent against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in ai-ml / security
Dynamic problem-solving through sequential thought chains
Persistent memory using a knowledge graph
An autonomous agent that conducts deep research on any data using any LLM providers
🌊 The leading agent orchestration platform for Claude. Deploy intelligent multi-agent swarms, coordinate autonomous workflows, and build conversational AI systems. Features enterprise-grade architecture, distributed swarm intelligence, RAG integration, and native Claude Code / Codex Integration
MCP Security Weekly
Get CVE alerts and security updates for io.github.azender1/safeagent and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.

POST /claim · safeagent-production.up.railway.app
Dashboard: safeagent-dashboard-2.vercel.app
# Claim an action — free, no payment header required
curl -s -X POST https://safeagent-production.up.railway.app/claim \
-H "Content-Type: application/json" \
-d '{"request_id":"order:TQQQ:buy:6:2026-05-19T13:31:00-04:00","action":"order"}'
# → {"status":"PROCEED","request_id":"..."}
# Settle after the action fires
curl -s -X POST https://safeagent-production.up.railway.app/settle/order:TQQQ:buy:6:2026-05-19T13:31:00-04:00 \
-H "Content-Type: application/json" \
-d '{"result":{"status":"completed"}}'
# → {"status":"committed","request_id":"..."}
# Retry with the same request_id — returns SKIP
curl -s -X POST https://safeagent-production.up.railway.app/claim \
-H "Content-Type: application/json" \
-d '{"request_id":"order:TQQQ:buy:6:2026-05-19T13:31:00-04:00","action":"order"}'
# → {"status":"SKIP","request_id":"...","existing":{...}}
# Free test endpoint — same logic, limited to 10 calls per IP
curl -s -X POST https://safeagent-production.up.railway.app/claim/test \
-H "Content-Type: application/json" \
-d '{"agent_id":"bot-1","action_type":"order","scope":"TQQQ:buy:bar:2026-05-19T13:31:00-04:00"}'
# → {"status":"PROCEED","request_id":"...","test":true,"calls_remaining":9}
Indexed on Bazaar.
SafeAgent is the first verified external integrator on Soma — the Mycelium agent catalog. Every production execution is anchored on-chain via Mycelium Trails and independently verifiable without going through the operator.
SafeAgent is an exactly-once execution guard. It prevents AI agents and SaaS applications from firing the same action twice — on crash-retry, duplicate signal, webhook replay, or concurrent execution across multiple instances.
Every action gets a stable request_id derived from what the agent is doing and when. The first call commits. Every subsequent call with the same key returns SKIP and the original result. No double charges. No double emails. No double orders. No duplicate webhooks.
State machine: PENDING → COMMITTED | SKIP
Common failure modes SafeAgent prevents:
| Scenario | Without SafeAgent | With SafeAgent |
|---|---|---|
| Stripe charge times out, retry fires | Customer charged twice | Second charge returns SKIP |
| Welcome email on signup retried | User gets two welcome emails | Second send returns SKIP |
| Webhook delivered twice (Stripe/GitHub/Twilio guarantee at-least-once) | Event processed twice | Second processing returns SKIP |
| Workspace provisioned on retry | Two workspaces created | Second provision returns SKIP |
| AI agent tool call retried after crash | Duplicate side effect | Second call returns SKIP |
SafeAgent is the exactly-once enforcement layer in a formally specified agent execution integrity stack:
Polaris (commit-gated authorization)
└── AgentGraph safety verdict (pre-execution safety gate)
└── SafeAgent (exactly-once execution guard) ← you are here
└── Nobulex (signed bilateral receipt)
└── Mycelium Trails (on-chain anchor)
Each layer is independently authored and independently verifiable. None trusts the oth