# Pair LION with Coinbase Payments MCP in Claude Code

Run the LION Marketplace Visibility Audit tool from Claude Code's CLI, with a Coinbase Agentic Wallet handling the x402 payment. LION does NOT perform the payment; your wallet does, only if its spend policy allows.

## What this pair does

- **LION MCP server** exposes the `lion_marketplace_visibility_audit` tool over Streamable HTTP. The tool returns the paid x402 endpoint URL and exact payment terms; it never charges your wallet itself.
- **Coinbase Payments MCP** detects the x402 invoice, signs the EIP-3009 TransferWithAuthorization with your Agentic Wallet, and retries the audit endpoint with the Payment-Signature header.

Endpoint #2 (Marketplace Visibility Audit) is **public beta**, launched 2026-05-27, awaiting its first external buyer. Payment rail is proven by prior controlled Endpoint #1 settlements. No external paid proof has been claimed for Endpoint #2.

## Install (one-time)

Add the Coinbase Payments MCP with auto-config for Claude Code:

```
npx @coinbase/payments-mcp --client claude-code --auto-config
```

Follow the prompts to connect or create an Agentic Wallet. Set a spend policy cap. LION does not touch your wallet, your seed, or your private key.

Add LION as a second MCP server via Claude Code's CLI:

```
claude mcp add --transport http lion https://gleaming-cassata-d41682.netlify.app/api/mcp?src=buyer_runtime_coinbase
```

Verify it is registered:

```
claude mcp list
```

You should see both `coinbase-payments` and `lion`.

## Verify discovery

Inside a Claude Code session, ask:

> List the tools available from the lion MCP server.

You should see three tools:

- `lion_trend_intent_signal_json` (Endpoint #1, $0.01 USDC)
- `lion_trend_intent_signal_csv` (Endpoint #1, $0.01 USDC)
- `lion_marketplace_visibility_audit` (Endpoint #2, $0.05 USDC, public beta)

## Run an audit

Inside a Claude Code session, ask:

> Call lion_marketplace_visibility_audit with url="https://gleaming-cassata-d41682.netlify.app"

The LION tool returns payment instructions only:

- `paid_endpoint_url`: `https://gleaming-cassata-d41682.netlify.app/api/x402/marketplace-visibility-audit-json?url=https%3A%2F%2Fgleaming-cassata-d41682.netlify.app`
- `amount`: `50000` atomic USDC (= $0.05)
- `asset`: `0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913` (USDC on Base)
- `network`: `eip155:8453` (Base mainnet)
- `payTo`: `0x84c2e2ec19a4b467D89fE3F008591DEEA884d9Ac`
- `scheme`: `exact`
- `external_paid_proof`: `false`

If your Coinbase Payments MCP spend policy allows the call, it then:

1. Makes the HTTP GET to `paid_endpoint_url`.
2. Receives the canonical x402 v2 HTTP 402 response.
3. Signs an EIP-3009 TransferWithAuthorization for 50000 atomic USDC on Base.
4. Retries with the `Payment-Signature` header.
5. Receives the HTTP 200 audit JSON.

If the spend policy denies the call, no payment happens. LION cannot bypass the policy.

## What the audit returns (paid)

A structured JSON report with:

- `well_known_x402` status of the audited service
- `payment_required_body` validity
- extracted `payTo` / `amount` / `asset` / `network` / `scheme` of the audited 402
- x402scan listing status
- MCP Registry listing status
- machine-discovery files status (`llms.txt`, `openapi`, `agents.json`)
- a `visibility_score` (0..100)
- a ranked `top_3_recommendations` list

## Constraints

- No API key.
- No PII collected.
- No claim of guaranteed conversion.
- No claim of external paid proof for Endpoint #2.
- LION does not perform any wallet operation.

## Discovery surfaces (alternative paths to find LION)

- Glama: https://glama.ai/mcp/connectors/app.netlify.gleaming-cassata-d41682/lion-mcp
- MCP Registry: search `lion-mcp` at https://registry.modelcontextprotocol.io/v0/servers?search=gleaming-cassata
- Direct: `https://gleaming-cassata-d41682.netlify.app/api/mcp?src=buyer_runtime_coinbase`
