Export Report
OVERALL SCORE
Level 3, Bot-Aware
- AI Discoverability 70 out of 100
- Agent Ease of Use 58 out of 100
- Security & Trust 56 out of 100
- GEO, AIO and AEO 74 out of 100
- SEO 100 out of 100
- Performance 99 out of 100
- Accessibility 100 out of 100
What AI sees of your website
Cloud & Dedicated Servers & IPv4 Brokerage | DCXV
European Tier III cloud servers from €15/mo, dedicated servers and IPv4 brokerage in Prague and Covilhã. GDPR-compliant EU hosting, 24/7 support.
Next step
Turn this report into a fix workflow
3 failed checks are ready to move into MCP or CLI remediation. Generate a repair prompt, connect the scanner to your coding agent, or open the integration docs before your next rescan.
| Metric | Score | Status | Passed | Failed | Warning | Evidence |
|---|---|---|---|---|---|---|
| AI Discoverability | 70 | Needs work | 35 | 0 | 0 | |
| Discoverability | 67 | Needs work | 8 | 0 | 0 | |
| Content Readiness | 83 | Mostly ready | 24 | 0 | 0 | |
| Bot Access Control | 63 | Needs work | 3 | 0 | 0 | |
| Agent Ease of Use | 58 | Needs work | 13 | 5 | 5 | View details |
| API | 65 | Needs work | 5 | 0 | 0 | |
| MCP | 40 | Priority fix | 3 | 0 | 0 | |
| Skill Discovery | 41 | Priority fix | 2 | 5 | 5 | View details |
| Google Agentic Browsing | 100 | Strong | 3 | 0 | 0 | |
| GEO, AIO and AEO | 74 | Needs work | 12 | 0 | 0 | |
| GEO Readiness | Not Applicable | Not Applicable | 4 | 0 | 0 | |
| AIO Readiness | Not Applicable | Not Applicable | 4 | 0 | 0 | |
| AEO Readiness | Not Applicable | Not Applicable | 4 | 0 | 0 | |
| SEO | 100 | Strong | 10 | 0 | 0 | |
| SEO | 100 | Strong | 10 | 0 | 0 | |
| Security & Trust | 56 | Needs work | 12 | 1 | 0 | View details |
| Security & Trust | 56 | Needs work | 12 | 1 | 0 | View details |
| Performance | 99 | Strong | 18 | 0 | 0 | |
| Performance | 99 | Strong | 18 | 0 | 0 |
Prioritized recommendations
Issues ranked by score impact
3 items need attention
Security & TrustSecurity & TrustEstablished
Content-Security-Policy
Content-Security-Policy failed at "Find enforcing CSP delivery".
60 Fail
Security & TrustSecurity & TrustEstablished
Content-Security-Policy
Content-Security-Policy failed at "Find enforcing CSP delivery".
Needs attention
Content-Security-Policy
Issue
Applicable HTML response is missing an enforcing Content-Security-Policy header.
Details
Why it matters
Content Security Policy reduces the impact of injection bugs by limiting where scripts, styles, frames, forms, and other browser resources can load or execute.
Check name
Content-Security-Policy
Score
40/100
Status
fail
Category
Security & Trust
Maturity
Established
Goal
Constrain browser resource loading and script execution with an enforcing Content-Security-Policy header.
Result
Content-Security-Policy failed at "Find enforcing CSP delivery".
Validation steps
Find enforcing CSP delivery
Applicable HTML response is missing an enforcing Content-Security-Policy header.
Enforcing Content-Security-Policy header is missing
Evidence log1 step · 4 lines
Find enforcing CSP delivery [fail]! Applicable HTML response is missing an enforcing Content-Security-Policy header.INFOFind enforcing CSP deliveryINFORead CSP delivery headers enforcingHeader="missing" reportOnlyHeader="missing" metaPolicyCount=0 legacyHeadersPresent=[]FAILRequire enforcing Content-Security-Policy header actual="missing" expected="present" issue="Applicable HTML response is missing an enforcing Content-Security-Policy header."FAILApplicable HTML response is missing an enforcing Content-Security-Policy header.Agent Ease of UseSkill DiscoveryEmerging recommendation
agents.json
agents.json failed at "Validate Wildcard schema shape".
38 Fail
Agent Ease of UseSkill DiscoveryEmerging recommendation
agents.json
agents.json failed at "Validate Wildcard schema shape".
Needs attention
agents.json
Issue
agents.json does not match the expected Wildcard OpenAPI workflow shape.
Details
Why it matters
Wildcard agents.json gives agents workflow-level context beyond plain OpenAPI, including flows, links, examples, and API action structure. It is an emerging OpenAPI-adjacent proposal, so scanners should validate the contract shape without treating it as an A2A or IETF standard.
Check name
agents.json
Score
25/100
Status
fail
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish a Wildcard-style agents.json file so agents can discover OpenAPI-backed workflows, links, examples, and authentication requirements.
Result
agents.json failed at "Validate Wildcard schema shape".
Validation steps
Discover agents.json
agents.json was found only at the fallback /agents.json path.
agents.json is missing or only available at a fallback path
Validate Wildcard schema shape
agents.json does not match the expected Wildcard OpenAPI workflow shape.
agents.json schema shape is invalid or incomplete
Validate API actions
Wildcard agents.json must include valid OpenAPI-derived action or operation definitions.
agents.json action definitions are invalid or missing
Validate flows and links
No executable flows were found.
agents.json flows or links are invalid
Review examples and LLM usability
Examples or descriptions are too thin for reliable agent argument generation.
agents.json examples or descriptions need improvement
Evidence log5 steps · 23 lines
Discover agents.json [warning]! agents.json was found only at the fallback /agents.json path.INFODiscover agents.jsonINFOTry agents.json discovery paths in priority order paths=["/.well-known/agents.json","/agents.json"]WARNagents.json candidate path did not return a usable contract path="/.well-known/agents.json" statusCode=404 contentType=nullPASSFound an agents.json candidate path="/agents.json" statusCode=200 contentType="application/json" bytes=23WARNSelected fallback agents.json location path="/agents.json" requestedUrl="https://dcxv.com/agents.json"WARNagents.json was found only at the fallback /agents.json path.Validate Wildcard schema shape [fail]! agents.json does not match the expected Wildcard OpenAPI workflow shape.INFOValidate Wildcard schema shapeINFOParse agents.json and classify contract shape shape="unknown"FAILCompare contract shape actual="unknown" expected="wildcard"FAILCompare missing required schema fields actual="none" expected="none"FAILCompare Content-Type with JSON expectation actual=true expected=trueFAILagents.json does not match the expected Wildcard OpenAPI workflow shape.Validate API actions [fail]! Wildcard agents.json must include valid OpenAPI-derived action or operation definitions.INFOValidate API actionsFAILCompare API action count actual=0 expected="> 0"FAILCompare invalid action definitions actual=0 expected=0FAILWildcard agents.json must include valid OpenAPI-derived action or operation definitions.Validate flows and links [fail]! No executable flows were found.INFOValidate flows and linksFAILCompare workflow flow count actual=0 expected="> 0"FAILCompare operation link issues actual=0 expected=0FAILNo executable flows were found.Review examples and LLM usability [warning]! Examples or descriptions are too thin for reliable agent argument generation.INFOReview examples and LLM usabilityWARNCompare usable example count actual=0 expected="> 0 when actions are present"WARNExamples or descriptions are too thin for reliable agent argument generation.
Agent Ease of UseSkill DiscoveryEmerging recommendation
A2A Agent Card
A2A Agent Card failed at "Detect A2A card version".
31 Fail
Agent Ease of UseSkill DiscoveryEmerging recommendation
A2A Agent Card
A2A Agent Card failed at "Detect A2A card version".
Needs attention
A2A Agent Card
Issue
The discovered JSON document does not match a supported A2A Agent Card version family.
Details
Why it matters
A2A Agent Cards provide protocol-specific discovery for agent identity, skills, input and output modes, transport bindings, capabilities, and security requirements. Legacy A2A also used /.well-known/agent.json, so scanners must classify the card shape before reporting readiness.
Check name
A2A Agent Card
Score
39/100
Status
fail
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish a version-appropriate A2A Agent Card so A2A-compatible clients can discover agent skills and invoke the declared endpoint safely.
Result
A2A Agent Card failed at "Detect A2A card version".
Validation steps
Discover A2A Agent Card
The A2A Agent Card was found at a legacy or fallback path.
A2A Agent Card is missing or discovered at a non-canonical path
Detect A2A card version
The discovered JSON document does not match a supported A2A Agent Card version family.
A2A Agent Card version cannot be classified cleanly
Validate version-specific card shape
Document does not match a supported A2A Agent Card shape.
A2A Agent Card shape is invalid for its version
Missing required fields
- skills[]
Validate HTTP delivery
card was found only at a non-standard fallback path
A2A Agent Card HTTP delivery is not standards-aligned
Probe same-origin A2A endpoint
A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.
Advertised same-origin A2A endpoint did not answer a safe probe
Evidence log5 steps · 26 lines
Discover A2A Agent Card [warning]! The A2A Agent Card was found at a legacy or fallback path.INFODiscover A2A Agent CardINFOTry A2A discovery paths in priority order paths=["/.well-known/agent-card.json","/.well-known/agent.json","/agent-card.json","/.well-known/a2a/agent-card.json"]WARNA2A candidate path did not return a usable card path="/.well-known/agent-card.json" statusCode=404 contentType=nullWARNA2A candidate path did not return a usable card path="/.well-known/agent.json" statusCode=404 contentType=nullPASSFound an A2A candidate path="/agent-card.json" statusCode=200 contentType="application/json" bytes=23WARNA2A candidate path did not return a usable card path="/.well-known/a2a/agent-card.json" statusCode=404 contentType=nullWARNSelected non-canonical A2A Agent Card path="/agent-card.json" pathClass="fallback" requestedUrl="https://dcxv.com/agent-card.json"WARNThe A2A Agent Card was found at a legacy or fallback path.Detect A2A card version [fail]! The discovered JSON document does not match a supported A2A Agent Card version family.INFODetect A2A card versionINFORead version indicators from the card detectionEvidence=[]FAILCompare detected A2A version family actual="unknown" expected="v0.1, v0.2, v0.3, or v1"FAILThe discovered JSON document does not match a supported A2A Agent Card version family.Validate version-specific card shape [fail]! Document does not match a supported A2A Agent Card shape.INFOValidate version-specific card shapeFAILCompare missing required card fields actual=["skills[]"] expected="none"FAILCheck every declared A2A skill has required name, description, and endpoint fields actual=0 expected=0 invalidSkills=[]INFOReview declared endpoint interfaces interfaces=[]FAILDocument does not match a supported A2A Agent Card shape.Validate HTTP delivery [warning]! card was found only at a non-standard fallback pathINFOValidate HTTP deliveryWARNCompare card Content-Type with JSON expectation actual="application/json" expected="application/json or +json"INFOReview selected discovery path path="/agent-card.json" pathClass="fallback"WARNHTTP delivery/path warning warning="card was found only at a non-standard fallback path"WARNcard was found only at a non-standard fallback pathProbe same-origin A2A endpoint [warning]! A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.INFOProbe same-origin A2A endpointINFOProbe same-origin A2A endpoint when scanner policy allows itSKIPSkipped endpoint probe reason="No valid A2A card was available to probe."WARNA2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.
Sign in to see 26 other issues and the full report
Create a free account to unlock every issue, evidence details, exports, and higher free limits.
Fix with MCP or CLI
Use this report as the handoff into remediation. Generate a coding-agent prompt with the failing checks attached, or jump to the MCP and CLI setup docs before your next rescan.
Score history