Pop Pay

Prevents AI agents from making unauthorized purchases by keeping payment credentials out of their context window entirely. Uses Chrome DevTools Protocol to inject card details directly into the browser DOM at checkout time. Exposes three MCP tools: request_virtual_card for payment forms, request_purchaser_info for billing details, and request_x402_payment for metered API calls. Runs as a local CLI that launches a CDP-enabled Chrome instance and enforces spending limits, category allowlists, and hallucination loop detection. The vault stores encrypted credentials with AES-256-GCM, optionally locked behind a passphrase. Useful when building autonomous agents that need to complete purchases on AWS, Cloudflare, or other approved vendors without risking wallet drain from a single bad prompt.