Labsco
awslabs logo

Do Not Act

βœ“ Official

from awslabs

Read-only stop/go risk gateway for prediction-market agents before capital moves: dispute lifecycle, resolution risk, action-aware preflight, alerts, token checks.

πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedAccount requiredNeeds API keys

Do Not Act MCP

Use the Do Not Act MCP server when an agent runtime should call the Risk Gateway before continuing on a prediction-market workflow.

Machine-readable install manifest:

  • /mcp.json

  • /.well-known/mcp.json

Remote MCP endpoint

Do Not Act also exposes a hosted MCP endpoint for clients and registries that prefer connecting by URL instead of launching a local stdio package.

Copy & paste β€” that's it
https://donotact.com/mcp

Transport: MCP Streamable HTTP (POST JSON-RPC, optional GET text/event-stream, OPTIONS CORS preflight).

Authentication:

Copy & paste β€” that's it
Authorization: Bearer 

The same user API key used by the REST API is required. Do not pass keys in query strings. Gateways that use a config form should ask for one secret field: apiKey, then inject it as a bearer token or private header.

Minimal JSON-RPC checks:

Copy & paste β€” that's it
curl -sS https://donotact.com/mcp \
 -H 'Authorization: Bearer ' \
 -H 'Content-Type: application/json' \
 -H 'Accept: application/json, text/event-stream' \
 -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{},"clientInfo":{"name":"manual-check","version":"0.1.0"}}}'

curl -sS https://donotact.com/mcp \
 -H 'Authorization: Bearer ' \
 -H 'Content-Type: application/json' \
 -H 'Accept: application/json, text/event-stream' \
 -d '{"jsonrpc":"2.0","id":2,"method":"tools/list","params":{}}'

tools/list returns the same seven tools as the stdio package: donotact_dispute, donotact_resolution_risk, donotact_preflight, donotact_preflight_token, donotact_watchlist_add, donotact_alerts, and donotact_dispute_history_csv.

Tools

  • donotact_dispute

  • donotact_watchlist_add

  • donotact_alerts

  • donotact_preflight

  • donotact_preflight_token

  • donotact_resolution_risk

  • donotact_dispute_history_csv

The shortest safety policy:

Copy & paste β€” that's it
1. Call donotact_preflight before continuing on a market.
2. Include intended side, requested notional, slippage policy and horizon when known.
3. Continue only if verdict/decision == READY.
4. If verdict/decision is DO_NOT_ACT or INSUFFICIENT_EVIDENCE, stop automated action.
5. Preserve decision, component_scores, risk_factors, risk_factor_bitmap, risk_factor_bit_index, blocking_reasons, safe_operating_limits, no_trade_reasons, what_would_change_this, source_refs and not_advice.
6. Use donotact_dispute for focused UMA lifecycle checks.
7. Use donotact_preflight_token for token-risk checks by chain and contract address.
8. If continuing, register donotact_watchlist_add for recurring dispute monitoring.
9. Use donotact_alerts as the backup alert feed and delivery-state truth.

Boundary

Do Not Act is diagnostics and control logic only. The caller keeps execution, custody, private keys, signing and order routing outside Do Not Act.

Useful public proof

  • Public Dispute Risk Index: /dispute-risk

  • Public event feed: /dispute-events.atom

  • Public proof cases: /proof-cases

  • Signed resolved UMA proof cases: /resolved-proof-cases.json

  • Example resolved proof case: /resolved-proof-cases/donotact-polymarket-580810-resolved-uma-dispute

  • Default safety snippets: /docs/default-safety-check

  • Machine-payment proof and CDP Bazaar indexed 0.01 USDC route: /docs/x402

  • Accountless token-risk x402 route: /x402/v1/preflight/token/{chain}/{address}

Agent Discovery

  • llms.txt: /llms.txt

  • Full context: /llms-full.txt

  • Agent manifest: /agent.json

  • OpenAPI: /openapi.json

  • Discovery docs: /docs/discovery