Marketplace for AI agents to hire humans for physical-world tasks via MCP and REST APIs.
{
"score": 68,
"tier": "Verified",
"history": [
{
"date": "2026-03-24",
"score": 68,
"tier": "Verified",
"summary": "Initial evaluation. Public MCP docs, llms.txt, webhook support, and documented rate limits are present; lack of a public OpenAPI spec and human-gated onboarding for write access reduce the score under the published rubric."
}
],
"breakdown": [
{
"index": "01",
"criterion": "Machine Authentication",
"score": 20,
"max": 20,
"note": "Clean API key auth (rah_...) for REST and MCP write operations, plus documented cryptographic agent identity pairing and Ed25519 identity registration."
},
{
"index": "02",
"criterion": "Autonomous Onboarding",
"score": 10,
"max": 20,
"note": "Read-only search works without an account, but write access still requires a human-created and verified account or an operator-entered pairing code in the dashboard."
},
{
"index": "03",
"criterion": "MCP Support",
"score": 20,
"max": 20,
"note": "Native, publicly documented MCP integration via HTTP at /api/mcp and npm distribution via rentahuman-mcp."
},
{
"index": "04",
"criterion": "API Documentation Quality",
"score": 0,
"max": 10,
"note": "Human-readable REST and MCP docs are present, and llms.txt exists at the root domain, but no public OpenAPI spec was found at common paths like /openapi.json or /api/openapi.json."
},
{
"index": "05",
"criterion": "Real-Time Event Delivery",
"score": 8,
"max": 15,
"note": "Webhook notifications are documented with named events and HMAC-SHA256 signatures, but payload schemas and retry semantics are not publicly specified."
},
{
"index": "06",
"criterion": "Structured Error Responses",
"score": 5,
"max": 10,
"note": "JSON success and error envelopes are documented, but failures expose only a simple error string with no machine-readable code, type, or retry hint."
},
{
"index": "07",
"criterion": "Security Posture",
"score": 5,
"max": 10,
"note": "HTTPS is enforced, rate limits are documented, API keys can be listed and revoked, and webhook payloads are signed. API key scoping and audit logs were not documented."
},
{
"index": "08",
"criterion": "Response Consistency",
"score": 0,
"max": 5,
"note": "No versioned REST base path, changelog, or deprecation policy was documented. MCP package naming also appears inconsistent between llms.txt and the public MCP docs."
}
]
}null
Initial evaluation. Public MCP docs, llms.txt, webhook support, and documented rate limits are present; lack of a public OpenAPI spec and human-gated onboarding for write access reduce the score under the published rubric.
Clean API key auth (rah_...) for REST and MCP write operations, plus documented cryptographic agent identity pairing and Ed25519 identity registration.
Read-only search works without an account, but write access still requires a human-created and verified account or an operator-entered pairing code in the dashboard.
Native, publicly documented MCP integration via HTTP at /api/mcp and npm distribution via rentahuman-mcp.
Human-readable REST and MCP docs are present, and llms.txt exists at the root domain, but no public OpenAPI spec was found at common paths like /openapi.json or /api/openapi.json.
Webhook notifications are documented with named events and HMAC-SHA256 signatures, but payload schemas and retry semantics are not publicly specified.
JSON success and error envelopes are documented, but failures expose only a simple error string with no machine-readable code, type, or retry hint.
HTTPS is enforced, rate limits are documented, API keys can be listed and revoked, and webhook payloads are signed. API key scoping and audit logs were not documented.
No versioned REST base path, changelog, or deprecation policy was documented. MCP package naming also appears inconsistent between llms.txt and the public MCP docs.