Export Report
OVERALL SCORE
Level 3, Bot-Aware
- AI Discoverability 81 out of 100
- Agent Ease of Use 47 out of 100
- Security & Trust 73 out of 100
- GEO, AIO and AEO 62 out of 100
- SEO 92 out of 100
- Performance and Accessibility 74 out of 100
What AI sees of your website
DeployHQ — Deploy Your Website Automatically from Git
Deploy your website from GitHub, GitLab & Bitbucket automatically. Zero-downtime deployments, build pipelines, one-click rollbacks. Trusted by...
Next step
Turn this report into a fix workflow
12 failed checks are ready to move into MCP or CLI remediation. Generate a repair prompt, connect the scanner to your coding agent, or open the integration docs before your next rescan.
| Metric | Score | Status | Passed | Failed | Warning | Evidence |
|---|---|---|---|---|---|---|
| AI Discoverability | 81 | Mostly ready | 41 | 4 | 4 | View details |
| Discoverability | 80 | Mostly ready | 8 | 1 | 0 | View details |
| Content Readiness | 90 | Strong | 28 | 3 | 2 | View details |
| Bot Access Control | 75 | Mostly ready | 5 | 0 | 2 | |
| Agent Ease of Use | 47 | Priority fix | 23 | 17 | 16 | View details |
| API | 75 | Mostly ready | 7 | 1 | 2 | View details |
| Auth | 39 | Priority fix | 3 | 4 | 2 | View details |
| MCP | 52 | Needs work | 3 | 2 | 6 | View details |
| Skill Discovery | 47 | Priority fix | 4 | 5 | 6 | View details |
| Agent Commerce | 41 | Priority fix | 6 | 5 | 0 | View details |
| GEO, AIO and AEO | 62 | Needs work | 7 | 2 | 9 | View details |
| GEO Readiness | 52 | Needs work | 2 | 1 | 3 | View details |
| AIO Readiness | 82 | Mostly ready | 3 | 0 | 3 | |
| AEO Readiness | 51 | Needs work | 2 | 1 | 3 | View details |
| SEO | 92 | Strong | 9 | 1 | 0 | View details |
| SEO | 92 | Strong | 9 | 1 | 0 | View details |
| Security & Trust | 73 | Needs work | 16 | 2 | 2 | View details |
| Security & Trust | 73 | Needs work | 16 | 2 | 2 | View details |
| Performance and Accessibility | 74 | Needs work | 25 | 5 | 0 | View details |
| Performance | 61 | Needs work | 19 | 4 | 0 | View details |
| Accessibility | 97 | Strong | 6 | 1 | 0 | View details |
Prioritized recommendations
Issues ranked by score impact
41 items need attention
AI DiscoverabilityDiscoverabilityEstablished
robots.txt
robots.txt failed at "Validate RFC 9309 core syntax".
60 Fail
AI DiscoverabilityDiscoverabilityEstablished
robots.txt
robots.txt failed at "Validate RFC 9309 core syntax".
Needs attention
robots.txt
Issue
robots.txt was found but did not contain a valid, parseable User-agent group.
Why it matters
robots.txt gives crawlers and agents a standard place to read crawl permissions, disallowed paths, and sitemap locations before requesting site content.
Check name
robots.txt
Score
40/100
Status
fail
Category
Discoverability
Maturity
Established
Goal
Publish /robots.txt with clear crawl rules.
Result
robots.txt failed at "Validate RFC 9309 core syntax".
Validation steps
Validate RFC 9309 core syntax
robots.txt was found but did not contain a valid, parseable User-agent group.
Agent Ease of UseMCPEmerging recommendation
MCP Server Card
MCP Server Card failed at "Validate server-card shape".
33 Fail
Agent Ease of UseMCPEmerging recommendation
MCP Server Card
MCP Server Card failed at "Validate server-card shape".
Needs attention
MCP Server Card
Issue
MCP Server Card is missing required fields: protocolVersion.
Details
Why it matters
MCP server cards give agents a stable, public pre-connection discovery surface for server identity, remote transports, protocol compatibility, and safe routing without guessing endpoints.
Check name
MCP Server Card
Score
35/100
Status
fail
Category
MCP
Maturity
Emerging recommendation
Goal
Publish an MCP Server Card that helps agents discover remote MCP server transports before opening a session.
Result
MCP Server Card failed at "Validate server-card shape".
Validation steps
Discover MCP server card
The MCP server card was found only at a transitional or linked path.
Validate server-card shape
MCP Server Card is missing required fields: protocolVersion.
Missing required fields
- protocolVersion
Invalid remotes
- #0 (transport) - unknown transport type "stdio", missing url or endpoint
Compatibility warnings
- Card uses the transitional serverInfo/protocolVersion/transport shape instead of the current remotes[] model.
Validate MCP remotes
At least one MCP remote transport is invalid.
Validate HTTP delivery
CORS header Access-Control-Allow-Origin is absent.
Probe same-origin MCP endpoint
No MCP remote endpoint could be probed.
Agent Ease of UseAgent CommerceInformational
Universal Commerce Protocol
Universal Commerce Protocol failed at "Fetch UCP profile".
32 Fail
Agent Ease of UseAgent CommerceInformational
Universal Commerce Protocol
Universal Commerce Protocol failed at "Fetch UCP profile".
Needs attention
Universal Commerce Protocol
Issue
UCP profile content type "text/plain; charset=utf-8" is not JSON-compatible.
Why it matters
UCP discovery lets agents identify commerce capabilities, service transports, payment handlers, and signing keys without scraping human checkout flows.
Check name
Universal Commerce Protocol
Score
36/100
Status
fail
Category
Agent Commerce
Maturity
Informational
Goal
Expose a valid Universal Commerce Protocol business profile when this origin supports agentic commerce workflows.
Result
Universal Commerce Protocol failed at "Fetch UCP profile".
Validation steps
Fetch UCP profile
UCP profile content type "text/plain; charset=utf-8" is not JSON-compatible.
Validate UCP profile shape
UCP profile must contain a top-level ucp object.
UCP profile must contain a top-level ucp object.
Agent Ease of UseAuthEmerging recommendation
Auth.md Agent Registration
Auth.md Agent Registration failed at "Fetch and validate /auth.md".
30 Fail
Agent Ease of UseAuthEmerging recommendation
Auth.md Agent Registration
Auth.md Agent Registration failed at "Fetch and validate /auth.md".
Needs attention
Auth.md Agent Registration
Issue
auth.md response did not match Auth.md v1 agent registration guidance. missing OAuth Protected Resource Metadata discovery guidance; missing Auth.md credential type guidance; missing agent_verified/user_claimed or claim ceremony guidance.
Why it matters
Human login and signup flows are often opaque to agents. Auth.md gives automated clients a stable registration contract instead of forcing them to scrape docs, automate browser forms, or guess credential flows.
Check name
Auth.md Agent Registration
Score
10/100
Status
fail
Category
Auth
Maturity
Emerging recommendation
Goal
Publish Auth.md v1 metadata so agents can discover how to register, claim a user, and obtain credentials.
Result
Auth.md Agent Registration failed at "Fetch and validate /auth.md".
Validation steps
Fetch and validate /auth.md
auth.md response did not match Auth.md v1 agent registration guidance. missing OAuth Protected Resource Metadata discovery guidance; missing Auth.md credential type guidance; missing agent_verified/user_claimed or claim ceremony guidance.
Validate protected resource metadata
OAuth Protected Resource Metadata could not be fetched.
Validate Auth.md authorization metadata
OAuth authorization-server metadata did not include usable Auth.md v1 fields. Content-Type "text/plain; charset=utf-8" is not JSON; agent_registration_endpoint issues: [{"field":"agent_registration_endpoint","issue":"Expected an absolute HTTPS URL."}]; missing credential_types_supported.
Agent Ease of UseAgent CommerceInformational
ACP - Agentic Commerce Protocol
ACP - Agentic Commerce Protocol failed at "Validate ACP discovery shape".
28 Fail
Agent Ease of UseAgent CommerceInformational
ACP - Agentic Commerce Protocol
ACP - Agentic Commerce Protocol failed at "Validate ACP discovery shape".
Needs attention
ACP - Agentic Commerce Protocol
Issue
ACP discovery is missing transports array.
Details
Why it matters
ACP discovery lets agents find the seller's ACP API base URL, supported versions, transports, and stable services before attempting authenticated checkout-session negotiation.
Check name
ACP - Agentic Commerce Protocol
Score
45/100
Status
fail
Category
Agent Commerce
Maturity
Informational
Goal
Expose valid ACP discovery when this origin supports Agentic Commerce Protocol workflows.
Result
ACP - Agentic Commerce Protocol failed at "Validate ACP discovery shape".
Validation steps
Validate ACP discovery shape
ACP discovery is missing transports array.
ACP discovery is missing transports array.
protocol.version must be a YYYY-MM-DD date string.
protocol.supported_versions must be a non-empty array.
capabilities.services must be a non-empty array.
Validate ACP endpoint and transports
transports is missing or empty.
Validate ACP capabilities
capabilities.services is missing or empty.
AI DiscoverabilityBot Access ControlEmerging recommendation
RSL license signal
No RSL declarations were found.
25 Warning
AI DiscoverabilityBot Access ControlEmerging recommendation
RSL license signal
No RSL declarations were found.
Needs attention
RSL license signal
Issue
No RSL declarations were found.
Why it matters
Really Simple Licensing is an emerging rights-expression layer for communicating content usage and licensing terms separately from robots.txt crawl permission.
Check name
RSL license signal
Score
50/100
Status
warning
Category
Bot Access Control
Maturity
Emerging recommendation
Goal
Declare machine-readable content licensing terms for compliant AI and crawler systems when the site needs them.
Result
No RSL declarations were found.
Validation steps
Discover RSL declarations
No RSL declarations were found.
AI DiscoverabilityBot Access ControlEmerging recommendation
TDMRep declaration
No TDMRep declaration was found.
25 Warning
AI DiscoverabilityBot Access ControlEmerging recommendation
TDMRep declaration
No TDMRep declaration was found.
Needs attention
TDMRep declaration
Issue
No TDMRep declaration was found at /.well-known/tdmrep.json.
Why it matters
TDMRep is a W3C Community Group protocol and IANA-registered well-known URI for declaring text and data mining reservation policy on applicable content.
Check name
TDMRep declaration
Score
50/100
Status
warning
Category
Bot Access Control
Maturity
Emerging recommendation
Goal
Publish a machine-readable text and data mining reservation declaration and verifiable ODRL policy when the site needs one.
Result
No TDMRep declaration was found.
Validation steps
Fetch /.well-known/tdmrep.json
No TDMRep declaration was found at /.well-known/tdmrep.json.
Agent Ease of UseAuthEmerging recommendation
OAuth Protected Resource
OAuth Protected Resource has a validation warning at "Detect protected-resource applicability".
17 Warning
Agent Ease of UseAuthEmerging recommendation
OAuth Protected Resource
OAuth Protected Resource has a validation warning at "Detect protected-resource applicability".
Needs attention
OAuth Protected Resource
Issue
Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected.
Why it matters
Protected-resource metadata tells agents which API/resource is locked, which authorization servers can issue tokens for it, and how a 401 challenge maps back to the correct resource.
Check name
OAuth Protected Resource
Score
50/100
Status
warning
Category
Auth
Maturity
Emerging recommendation
Goal
Publish OAuth Protected Resource Metadata for OAuth-protected APIs and MCP resources so clients can identify the resource and its authorization servers.
Result
OAuth Protected Resource has a validation warning at "Detect protected-resource applicability".
Validation steps
Detect protected-resource applicability
Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected.
Agent Ease of UseAPIEstablished
OpenAPI discovery
OpenAPI discovery has a validation warning at "Discover OpenAPI document".
17 Warning
Agent Ease of UseAPIEstablished
OpenAPI discovery
OpenAPI discovery has a validation warning at "Discover OpenAPI document".
Needs attention
OpenAPI discovery
Issue
The site appears to publish or document a public API, but no OpenAPI or Swagger document was found.
Why it matters
OpenAPI documents let agents understand operations, schemas, authentication, servers, and request/response formats before calling an API.
Check name
OpenAPI discovery
Score
67/100
Status
warning
Category
API
Maturity
Established
Goal
Publish a valid OpenAPI or Swagger document for public API discovery when this origin exposes public APIs.
Result
OpenAPI discovery has a validation warning at "Discover OpenAPI document".
Validation steps
Discover OpenAPI document
The site appears to publish or document a public API, but no OpenAPI or Swagger document was found.
Agent Ease of UseMCPEmerging recommendation
WebMCP
WebMCP has a validation warning at "Detect WebMCP runtime API".
16 Warning
Agent Ease of UseMCPEmerging recommendation
WebMCP
WebMCP has a validation warning at "Detect WebMCP runtime API".
Needs attention
WebMCP
Issue
WebMCP-like strings were found, but rendered browser evidence did not confirm a usable runtime API.
Why it matters
WebMCP gives agents structured page and browser tool hints so they can understand actions without relying only on screen scraping.
Check name
WebMCP
Score
68/100
Status
warning
Category
MCP
Maturity
Emerging recommendation
Goal
Expose browser/page WebMCP tools and compatible static WebMCP metadata when a site wants agents to understand in-page actions.
Result
WebMCP has a validation warning at "Detect WebMCP runtime API".
Validation steps
Detect WebMCP runtime API
WebMCP-like strings were found, but rendered browser evidence did not confirm a usable runtime API.
Probe WebMCP operability
Static WebMCP runtime strings were found, but rendered browser probing did not confirm a runtime API.
WebMCP operability findings
- Static WebMCP runtime strings were found, but rendered browser probing did not confirm a runtime API.
- Conventional WebMCP manifest paths were checked but did not return a valid manifest.
Validate MCP-aware HTML annotations
No data-mcp-tool or hyphenated WebMCP compatibility annotations were found.
Validate WebMCP tool metadata quality
WebMCP tool metadata has quality issues or profile warnings.
WebMCP tool metadata findings
- <input name="q"> tool is missing a name.
- <select name="section"> tool is missing a name.
Security & TrustSecurity & TrustEstablished
Content-Security-Policy
Content-Security-Policy failed at "Find enforcing CSP delivery".
15 Fail
Security & TrustSecurity & TrustEstablished
Content-Security-Policy
Content-Security-Policy failed at "Find enforcing CSP delivery".
Needs attention
Content-Security-Policy
Issue
Applicable HTML response is missing an enforcing Content-Security-Policy header.
Why it matters
Content Security Policy reduces the impact of injection bugs by limiting where scripts, styles, frames, forms, and other browser resources can load or execute.
Check name
Content-Security-Policy
Score
40/100
Status
fail
Category
Security & Trust
Maturity
Established
Goal
Constrain browser resource loading and script execution with an enforcing Content-Security-Policy header.
Result
Content-Security-Policy failed at "Find enforcing CSP delivery".
Validation steps
Find enforcing CSP delivery
Applicable HTML response is missing an enforcing Content-Security-Policy header.
Agent Ease of UseSkill DiscoveryEmerging recommendation
Agent Skills index
Agent Skills index failed at "Validate skill entries".
14 Fail
Agent Ease of UseSkill DiscoveryEmerging recommendation
Agent Skills index
Agent Skills index failed at "Validate skill entries".
Needs attention
Agent Skills index
Issue
One or more Agent Skills entries have invalid required fields.
Details
Why it matters
An Agent Skills index lets agents discover task-specific instructions through a small trusted index, then verify and load only the skill artifacts they need.
Check name
Agent Skills index
Score
43/100
Status
fail
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish an Agent Skills discovery index that advertises digest-pinned SKILL.md or archive artifacts.
Result
Agent Skills index failed at "Validate skill entries".
Validation steps
Validate skill entries
One or more Agent Skills entries have invalid required fields.
Skill entry findings
[ { "url": "/llms.txt", "name": "deployhq-llms-txt", "type": "skill-md", "index": 3, "valid": false, "digest": "", "invalid": [], "missing": [ "digest" ], "warnings": [], "description": "Machine-readable site index following the llms.txt specification. Lists all public pages with descriptions for efficient content discovery.", "originClass": "same-origin", "resolvedUrl": "https://www.deployhq.com/llms.txt" } ]Verify advertised artifacts
One or more advertised skill artifacts could not be fetched or failed raw-byte digest verification.
Artifact verification failures
[ { "url": "https://www.deployhq.com/.well-known/agent-skills/cli/SKILL.md", "name": "deployhq-cli", "type": "skill-md", "index": 2, "content": { "reason": "[discarded fetched document data]", "discarded": true, "originalKeys": [ "valid", "warnings", "failures", "security", "quality", "frontmatter" ], "originalType": "object" }, "byteLength": 986, "statusCode": 200, "contentType": "text/plain; charset=utf-8", "originClass": "same-origin", "actualDigest": "sha256:ed4831206389d3733804e74cf33cbe3372262e9f96f6f0b2dd8065f5b4d865f8", "digestMatches": false, "advertisedDigest": "sha256:d9fa2181d4e4d7e23dfbf081f7e14ed6436222ca2f2d67478023f512a4c9c76b" } ]Validate skill content
SKILL.md is missing YAML frontmatter.
Skill content findings
- SKILL.md is missing YAML frontmatter.
- SKILL.md is missing YAML frontmatter.
- SKILL.md is missing YAML frontmatter.
- SKILL.md body lacks obvious workflow, input/output, example, or validation guidance.
{ "truncated": true, "omittedCount": 2, "originalCount": 6 }
Review skill artifact security
SKILL.md references external URLs; fetched content is an additional trust boundary (https://www.deployhq.com/support/getting-started, https://www.deployhq.com/llms.txt).
Agent Skills security findings
- SKILL.md references external URLs; fetched content is an additional trust boundary (https://www.deployhq.com/support/getting-started, https://www.deployhq.com/llms.txt).
- SKILL.md references external URLs; fetched content is an additional trust boundary (https://github.com/deployhq/deployhq-mcp-server).
- SKILL.md references shell or code-execution patterns that can modify systems, fetch remote code, or move data.
- SKILL.md references external URLs; fetched content is an additional trust boundary (https://github.com/deployhq/deployhq-cli, https://deployhq.ai, https://deployhq.com/install/cli).
Agent Ease of UseAuthEstablished
OAuth / OIDC discovery
OAuth / OIDC discovery failed at "Validate metadata profile".
14 Fail
Agent Ease of UseAuthEstablished
OAuth / OIDC discovery
OAuth / OIDC discovery failed at "Validate metadata profile".
Needs attention
OAuth / OIDC discovery
Issue
OAuth/OIDC discovery metadata did not match the expected profile. Content-Type "text/plain; charset=utf-8" is not JSON.
Why it matters
OAuth and OIDC discovery let agents and API clients find authorization, token, and key endpoints programmatically instead of scraping login pages or guessing provider setup.
Check name
OAuth / OIDC discovery
Score
58/100
Status
fail
Category
Auth
Maturity
Established
Goal
Publish OAuth/OIDC discovery metadata only when the site operates or advertises a real OAuth/OIDC authorization server.
Result
OAuth / OIDC discovery failed at "Validate metadata profile".
Validation steps
Validate metadata profile
OAuth/OIDC discovery metadata did not match the expected profile. Content-Type "text/plain; charset=utf-8" is not JSON.
Validate discovery CORS
Discovery metadata did not include Access-Control-Allow-Origin: *, so browser-based clients may be unable to fetch it cross-origin.
Agent Ease of UseSkill DiscoveryEmerging recommendation
A2A Agent Card
A2A Agent Card failed at "Detect A2A card version".
14 Fail
Agent Ease of UseSkill DiscoveryEmerging recommendation
A2A Agent Card
A2A Agent Card failed at "Detect A2A card version".
Needs attention
A2A Agent Card
Issue
The discovered JSON document does not match a supported A2A Agent Card version family.
Why it matters
A2A Agent Cards provide protocol-specific discovery for agent identity, skills, input and output modes, transport bindings, capabilities, and security requirements. Legacy A2A also used /.well-known/agent.json, so scanners must classify the card shape before reporting readiness.
Check name
A2A Agent Card
Score
44/100
Status
fail
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish a version-appropriate A2A Agent Card so A2A-compatible clients can discover agent skills and invoke the declared endpoint safely.
Result
A2A Agent Card failed at "Detect A2A card version".
Validation steps
Discover A2A Agent Card
The A2A Agent Card was found at a legacy or fallback path.
Detect A2A card version
The discovered JSON document does not match a supported A2A Agent Card version family.
Validate version-specific card shape
Document does not match a supported A2A Agent Card shape.
Missing required fields
- skills[]
Probe same-origin A2A endpoint
A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.
Security & TrustSecurity & TrustEstablished
HSTS header
HSTS header failed at "Find Strict-Transport-Security".
13 Fail
Security & TrustSecurity & TrustEstablished
HSTS header
HSTS header failed at "Find Strict-Transport-Security".
Needs attention
HSTS header
Issue
HTTPS response is missing Strict-Transport-Security.
Why it matters
HSTS tells browsers to keep using HTTPS after the first secure visit, reducing downgrade, SSL-stripping, and mixed-transport risk for repeat users.
Check name
HSTS header
Score
50/100
Status
fail
Category
Security & Trust
Maturity
Established
Goal
Require HTTPS for repeat browser visits with a valid Strict-Transport-Security policy.
Result
HSTS header failed at "Find Strict-Transport-Security".
Validation steps
Find Strict-Transport-Security
HTTPS response is missing Strict-Transport-Security.
Agent Ease of UseSkill DiscoveryEmerging recommendation
agents.json
agents.json has a validation warning at "Discover agents.json".
13 Warning
Agent Ease of UseSkill DiscoveryEmerging recommendation
agents.json
agents.json has a validation warning at "Discover agents.json".
Needs attention
agents.json
Issue
No Wildcard-style agents.json file was found.
Why it matters
Wildcard agents.json gives agents workflow-level context beyond plain OpenAPI, including flows, links, examples, and API action structure. It is an emerging OpenAPI-adjacent proposal, so scanners should validate the contract shape without treating it as an A2A or IETF standard.
Check name
agents.json
Score
50/100
Status
warning
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish a Wildcard-style agents.json file so agents can discover OpenAPI-backed workflows, links, examples, and authentication requirements.
Result
agents.json has a validation warning at "Discover agents.json".
Validation steps
Discover agents.json
No Wildcard-style agents.json file was found.
Agent Ease of UseSkill DiscoveryEmerging recommendation
DNS-AID Agent Discovery
DNS-AID Agent Discovery has a validation warning at "Query DNS-AID records".
13 Warning
Agent Ease of UseSkill DiscoveryEmerging recommendation
DNS-AID Agent Discovery
DNS-AID Agent Discovery has a validation warning at "Query DNS-AID records".
Needs attention
DNS-AID Agent Discovery
Issue
No DNS-AID HTTPS/SVCB records were found under _agents.
Why it matters
DNS-AID lets agents discover index, A2A, and other agent entrypoints before fetching HTTP metadata. HTTPS/SVCB records provide the service-binding substrate, while DNSSEC can authenticate the discovery answer when available.
Check name
DNS-AID Agent Discovery
Score
50/100
Status
warning
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish DNS-AID HTTPS/SVCB records under _agents for DNS-based agent entrypoint discovery.
Result
DNS-AID Agent Discovery has a validation warning at "Query DNS-AID records".
Validation steps
Query DNS-AID records
No DNS-AID HTTPS/SVCB records were found under _agents.
Check DNSSEC authentication evidence
DNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.
AI DiscoverabilityContent ReadinessEstablished
Semantic HTML
Semantic HTML is partially implemented.
10 Warning
AI DiscoverabilityContent ReadinessEstablished
Semantic HTML
Semantic HTML is partially implemented.
Needs attention
Semantic HTML
Issue
Semantic HTML is incomplete: expected exactly one visible main landmark, found 2; 2 ARIA/native semantic issues.
Details
Why it matters
Semantic HTML gives browsers, assistive technology, search systems, and agents reliable landmarks, headings, controls, form semantics, and image context.
Check name
Semantic HTML
Score
70/100
Status
warning
Category
Content Readiness
Maturity
Established
Goal
Expose readable page structure through semantic HTML and accessible controls.
Result
Semantic HTML is partially implemented.
Validation steps
Page landmarks
Expected exactly one visible main landmark; found 2.
Links
1 links use generic anchor text.
Native semantics and ARIA
2 ARIA/native semantic conflicts or redundancies were found.
Agent Ease of UseAPIEstablished
API Catalog
API Catalog failed at "Validate API catalog media type".
9 Fail
Agent Ease of UseAPIEstablished
API Catalog
API Catalog failed at "Validate API catalog media type".
Needs attention
API Catalog
Issue
Content-Type "text/plain; charset=utf-8" is not valid for an RFC 9727 API catalog.
Why it matters
API catalogs help agents find API endpoints, service descriptions, documentation, status resources, auth metadata, and related machine-readable contracts without guessing entry points.
Check name
API Catalog
Score
83/100
Status
fail
Category
API
Maturity
Established
Goal
Publish an API catalog for automated public API discovery using RFC 9727 when this origin exposes public APIs.
Result
API Catalog failed at "Validate API catalog media type".
Validation steps
Check API catalog HEAD Link header
HEAD /.well-known/api-catalog did not expose a Link header with rel="api-catalog".
Validate API catalog media type
Content-Type "text/plain; charset=utf-8" is not valid for an RFC 9727 API catalog.
AI DiscoverabilityContent ReadinessEstablished
Markdown negotiation
Markdown negotiation is partially implemented.
7 Warning
AI DiscoverabilityContent ReadinessEstablished
Markdown negotiation
Markdown negotiation is partially implemented.
Needs attention
Markdown negotiation
Issue
Markdown negotiation is missing or incomplete.
Why it matters
Markdown representations give agents a cleaner page form while preserving normal HTML for browsers and cache-safe representation handling.
Check name
Markdown negotiation
Score
78/100
Status
warning
Category
Content Readiness
Maturity
Established
Goal
Expose a useful Markdown representation through negotiation or an explicit alternate URL.
Result
Markdown negotiation is partially implemented.
Validation steps
Advertised Markdown alternate
Advertise dedicated Markdown URLs with Link: <url>; rel="alternate"; type="text/markdown" or an HTML link rel=alternate tag.
Conventional .md mirror
If a .md mirror is intentional, advertise it with rel=alternate and type=text/markdown.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Answer-first passages
AEO: Answer-first passages scored 23/100 and needs a fix.
7 Fail
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Answer-first passages
AEO: Answer-first passages scored 23/100 and needs a fix.
Needs attention
AEO: Answer-first passages
Issue
28 section(s) bury or omit a concise opening answer.
Details
Why it matters
Answer engines need visible answer passages, clear question and heading structure, entity definitions, evidence, and trust signals. These signals improve extraction and attribution, but they do not guarantee answer-engine citations or search features.
Check name
AEO: Answer-first passages
Score
23/100
Status
fail
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for answer engines and assistants to extract, answer from, and attribute without promising inclusion in any proprietary answer surface.
Result
AEO: Answer-first passages scored 23/100 and needs a fix.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Citable passages
GEO: Citable passages scored 35/100 and needs a fix.
6 Fail
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Citable passages
GEO: Citable passages scored 35/100 and needs a fix.
Needs attention
GEO: Citable passages
Issue
No evidence-backed, citation-length explanatory paragraph was found.
Details
Why it matters
Generative answer systems work best with visible, self-contained, evidence-backed content, clear entities, trustworthy attribution, structured page sections, and crawler-accessible HTML. These signals improve machine understanding even though they do not guarantee AI citations.
Check name
GEO: Citable passages
Score
35/100
Status
fail
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for AI answer engines to extract, cite, and attribute without promising inclusion in any proprietary answer surface.
Result
GEO: Citable passages scored 35/100 and needs a fix.
AI DiscoverabilityContent ReadinessEstablished
Organization / WebSite schema
Organization / WebSite schema is partially implemented.
5 Warning
AI DiscoverabilityContent ReadinessEstablished
Organization / WebSite schema
Organization / WebSite schema is partially implemented.
Needs attention
Organization / WebSite schema
Issue
WebSite.publisher is missing.
Why it matters
Organization and WebSite schema help agents identify the publisher, canonical site identity, logo, and related profiles for attribution.
Check name
Organization / WebSite schema
Score
85/100
Status
warning
Category
Content Readiness
Maturity
Established
Goal
Identify the site owner and website entity in structured data.
Result
Organization / WebSite schema is partially implemented.
Validation steps
WebSite publisher linkage
WebSite.publisher is missing.
Security & TrustSecurity & TrustEstablished
Frame protection
Frame protection has a validation warning at "Validate CSP frame-ancestors".
5 Warning
Security & TrustSecurity & TrustEstablished
Frame protection
Frame protection has a validation warning at "Validate CSP frame-ancestors".
Needs attention
Frame protection
Issue
Frame protection relies only on X-Frame-Options; CSP frame-ancestors is the modern control.
Why it matters
Frame protection blocks hostile sites from embedding pages in deceptive frames, reducing clickjacking and UI redressing risk.
Check name
Frame protection
Score
81/100
Status
warning
Category
Security & Trust
Maturity
Established
Goal
Prevent unwanted framing with an enforcing CSP frame-ancestors directive or a valid X-Frame-Options fallback.
Result
Frame protection has a validation warning at "Validate CSP frame-ancestors".
Validation steps
Validate CSP frame-ancestors
Frame protection relies only on X-Frame-Options; CSP frame-ancestors is the modern control.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AIO: Structured data consistency
AIO: Structured data consistency scored 63/100 and needs improvement.
4 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AIO: Structured data consistency
AIO: Structured data consistency scored 63/100 and needs improvement.
Needs attention
AIO: Structured data consistency
Issue
11 structured-data value(s) were not found in visible page text.
Details
Why it matters
Google AI Overviews and AI Mode depend on normal Google Search eligibility, snippet permissions, useful visible content, consistent structured data, trust signals, and page experience basics. These signals help Google understand and preview a page, but they do not guarantee selection.
Check name
AIO: Structured data consistency
Score
63/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content eligible, understandable, and previewable for Google Search AI features without promising inclusion.
Result
AIO: Structured data consistency scored 63/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Structured extraction
GEO: Structured extraction scored 75/100 and needs improvement.
2 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Structured extraction
GEO: Structured extraction scored 75/100 and needs improvement.
Needs attention
GEO: Structured extraction
Issue
Missing or weak extraction signals: clean heading hierarchy, FAQ or question-answer section where appropriate.
Details
Why it matters
Generative answer systems work best with visible, self-contained, evidence-backed content, clear entities, trustworthy attribution, structured page sections, and crawler-accessible HTML. These signals improve machine understanding even though they do not guarantee AI citations.
Check name
GEO: Structured extraction
Score
75/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for AI answer engines to extract, cite, and attribute without promising inclusion in any proprietary answer surface.
Result
GEO: Structured extraction scored 75/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AIO: Page experience proxy
AIO: Page experience proxy scored 80/100 and needs improvement.
2 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AIO: Page experience proxy
AIO: Page experience proxy scored 80/100 and needs improvement.
Needs attention
AIO: Page experience proxy
Issue
36 image(s) are missing width/height attributes.
Details
Why it matters
Google AI Overviews and AI Mode depend on normal Google Search eligibility, snippet permissions, useful visible content, consistent structured data, trust signals, and page experience basics. These signals help Google understand and preview a page, but they do not guarantee selection.
Check name
AIO: Page experience proxy
Score
80/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content eligible, understandable, and previewable for Google Search AI features without promising inclusion.
Result
AIO: Page experience proxy scored 80/100 and needs improvement.
Security & TrustSecurity & TrustEstablished
X-Content-Type-Options
X-Content-Type-Options has a validation warning at "Review observed browser responses".
2 Warning
Security & TrustSecurity & TrustEstablished
X-Content-Type-Options
X-Content-Type-Options has a validation warning at "Review observed browser responses".
Needs attention
X-Content-Type-Options
Issue
One or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff.
Why it matters
X-Content-Type-Options tells browsers to trust declared media types instead of sniffing content, reducing the risk that mislabeled files execute as active content.
Check name
X-Content-Type-Options
Score
93/100
Status
warning
Category
Security & Trust
Maturity
Established
Goal
Prevent browser MIME sniffing for browser-loadable responses with X-Content-Type-Options: nosniff.
Result
X-Content-Type-Options has a validation warning at "Review observed browser responses".
Validation steps
Review observed browser responses
One or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AIO: Source and trust signals
AIO: Source and trust signals scored 83/100 and needs improvement.
2 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AIO: Source and trust signals
AIO: Source and trust signals scored 83/100 and needs improvement.
Needs attention
AIO: Source and trust signals
Issue
Missing AIO trust signals: freshnessDate.
Details
Why it matters
Google AI Overviews and AI Mode depend on normal Google Search eligibility, snippet permissions, useful visible content, consistent structured data, trust signals, and page experience basics. These signals help Google understand and preview a page, but they do not guarantee selection.
Check name
AIO: Source and trust signals
Score
83/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content eligible, understandable, and previewable for Google Search AI features without promising inclusion.
Result
AIO: Source and trust signals scored 83/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Question and answer structure
AEO: Question and answer structure scored 81/100 and needs improvement.
2 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Question and answer structure
AEO: Question and answer structure scored 81/100 and needs improvement.
Needs attention
AEO: Question and answer structure
Issue
28 section(s) bury or omit a concise opening answer.
Why it matters
Answer engines need visible answer passages, clear question and heading structure, entity definitions, evidence, and trust signals. These signals improve extraction and attribution, but they do not guarantee answer-engine citations or search features.
Check name
AEO: Question and answer structure
Score
81/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for answer engines and assistants to extract, answer from, and attribute without promising inclusion in any proprietary answer surface.
Result
AEO: Question and answer structure scored 81/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Source and trust signals
GEO: Source and trust signals scored 83/100 and needs improvement.
1 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Source and trust signals
GEO: Source and trust signals scored 83/100 and needs improvement.
Needs attention
GEO: Source and trust signals
Issue
Missing source or trust signals: freshnessDate.
Details
Why it matters
Generative answer systems work best with visible, self-contained, evidence-backed content, clear entities, trustworthy attribution, structured page sections, and crawler-accessible HTML. These signals improve machine understanding even though they do not guarantee AI citations.
Check name
GEO: Source and trust signals
Score
83/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for AI answer engines to extract, cite, and attribute without promising inclusion in any proprietary answer surface.
Result
GEO: Source and trust signals scored 83/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Evidence and trust
AEO: Evidence and trust scored 86/100 and needs improvement.
1 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Evidence and trust
AEO: Evidence and trust scored 86/100 and needs improvement.
Needs attention
AEO: Evidence and trust
Issue
Missing answer evidence or trust signals: freshnessDate.
Details
Why it matters
Answer engines need visible answer passages, clear question and heading structure, entity definitions, evidence, and trust signals. These signals improve extraction and attribution, but they do not guarantee answer-engine citations or search features.
Check name
AEO: Evidence and trust
Score
86/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for answer engines and assistants to extract, answer from, and attribute without promising inclusion in any proprietary answer surface.
Result
AEO: Evidence and trust scored 86/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Entity clarity
GEO: Entity clarity scored 86/100 and needs improvement.
1 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
GEO: Entity clarity
GEO: Entity clarity scored 86/100 and needs improvement.
Needs attention
GEO: Entity clarity
Issue
Title/H1 terms missing from description: deployhq, git, push, done, command, prompt.
Details
Why it matters
Generative answer systems work best with visible, self-contained, evidence-backed content, clear entities, trustworthy attribution, structured page sections, and crawler-accessible HTML. These signals improve machine understanding even though they do not guarantee AI citations.
Check name
GEO: Entity clarity
Score
86/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for AI answer engines to extract, cite, and attribute without promising inclusion in any proprietary answer surface.
Result
GEO: Entity clarity scored 86/100 and needs improvement.
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Entity and definition clarity
AEO: Entity and definition clarity scored 89/100 and needs improvement.
1 Warning
GEO, AIO and AEOGEO, AIO & AEOEmerging recommendation
AEO: Entity and definition clarity
AEO: Entity and definition clarity scored 89/100 and needs improvement.
Needs attention
AEO: Entity and definition clarity
Issue
28 section(s) bury or omit a concise opening answer.
Why it matters
Answer engines need visible answer passages, clear question and heading structure, entity definitions, evidence, and trust signals. These signals improve extraction and attribution, but they do not guarantee answer-engine citations or search features.
Check name
AEO: Entity and definition clarity
Score
89/100
Status
warning
Category
GEO, AIO & AEO
Maturity
Emerging recommendation
Goal
Make page content easy for answer engines and assistants to extract, answer from, and attribute without promising inclusion in any proprietary answer surface.
Result
AEO: Entity and definition clarity scored 89/100 and needs improvement.
AI DiscoverabilityDiscoverabilityEstablished
IndexNow key
IndexNow key is informational for this page.
Informational
AI DiscoverabilityDiscoverabilityEstablished
IndexNow key
IndexNow key is informational for this page.
Needs attention
IndexNow key
Issue
IndexNow key is informational for this page.
Why it matters
IndexNow lets sites notify participating search engines about changed URLs, but ownership verification requires a UTF-8 key file whose filename matches the key.
Check name
IndexNow key
Score
100/100
Status
informational
Category
Discoverability
Maturity
Established
Goal
Verify that IndexNow ownership key placement is detectable when the site advertises it.
Result
IndexNow key is informational for this page.
Validation steps
Find advertised IndexNow key location
No IndexNow key location was advertised in HTML, Link headers, or robots.txt.
Fetch and validate IndexNow key file
No discoverable IndexNow key file was found.
Performance and AccessibilityAccessibilityBrowser audit
Background and foreground colors do not have a sufficient contrast ratio.
100 Fail
Performance and AccessibilityAccessibilityBrowser audit
Background and foreground colors do not have a sufficient contrast ratio.
Check name
Background and foreground colors do not have a sufficient contrast ratio.
Score
0/100
Status
fail
Device
desktop
Category
Accessibility
Fix guidance
Low-contrast text is difficult or impossible for many users to read. [Learn how to provide sufficient color contrast](https://dequeuniversity.com/rules/axe/4.11/color-contrast).
References
https://web.dev/learn/accessibility/Evidence
{
"description": "Low-contrast text is difficult or impossible for many users to read. [Learn how to provide sufficient color contrast](https://dequeuniversity.com/rules/axe/4.11/color-contrast)."
}SEOSEOBrowser audit
Links do not have descriptive text
100 Fail
SEOSEOBrowser audit
Links do not have descriptive text
Check name
Links do not have descriptive text
Score
0/100
Status
fail
Device
desktop
Category
SEO
Estimated savings
1 link found
Fix guidance
Descriptive link text helps search engines understand your content. [Learn how to make links more accessible](https://developer.chrome.com/docs/lighthouse/seo/link-text/).
Evidence
{
"description": "Descriptive link text helps search engines understand your content. [Learn how to make links more accessible](https://developer.chrome.com/docs/lighthouse/seo/link-text/).",
"displayValue": "1 link found"
}Performance and AccessibilityPerformanceBrowser audit
Forced reflow
25 Fail
Performance and AccessibilityPerformanceBrowser audit
Forced reflow
Check name
Forced reflow
Score
0/100
Status
fail
Device
desktop
Category
Performance
Fix guidance
A forced reflow occurs when JavaScript queries geometric properties (such as offsetWidth) after styles have been invalidated by a change to the DOM state. This can result in poor performance. Learn more about [forced reflows](https://developer.chrome.com/docs/performance/insights/forced-reflow) and possible mitigations.
References
https://web.dev/learn/performance/Evidence
{
"description": "A forced reflow occurs when JavaScript queries geometric properties (such as offsetWidth) after styles have been invalidated by a change to the DOM state. This can result in poor performance. Learn more about [forced reflows](https://developer.chrome.com/docs/performance/insights/forced-reflow) and possible mitigations."
}Performance and AccessibilityPerformanceBrowser audit
Network dependency tree
25 Fail
Performance and AccessibilityPerformanceBrowser audit
Network dependency tree
Check name
Network dependency tree
Score
0/100
Status
fail
Device
desktop
Category
Performance
Fix guidance
[Avoid chaining critical requests](https://developer.chrome.com/docs/performance/insights/network-dependency-tree) by reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.
References
https://web.dev/learn/performance/Evidence
{
"description": "[Avoid chaining critical requests](https://developer.chrome.com/docs/performance/insights/network-dependency-tree) by reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load."
}Performance and AccessibilityPerformanceBrowser audit
Reduce JavaScript execution time
25 Fail
Performance and AccessibilityPerformanceBrowser audit
Reduce JavaScript execution time
Check name
Reduce JavaScript execution time
Score
0/100
Status
fail
Device
desktop
Category
Performance
Estimated savings
2.2 s
Fix guidance
Consider reducing the time spent parsing, compiling, and executing JS. You may find delivering smaller JS payloads helps with this. [Learn how to reduce Javascript execution time](https://developer.chrome.com/docs/lighthouse/performance/bootup-time/).
References
https://web.dev/learn/performance/Evidence
{
"description": "Consider reducing the time spent parsing, compiling, and executing JS. You may find delivering smaller JS payloads helps with this. [Learn how to reduce Javascript execution time](https://developer.chrome.com/docs/lighthouse/performance/bootup-time/).",
"displayValue": "2.2 s",
"numericValue": 2241.9809999999966
}Performance and AccessibilityPerformanceBrowser audit
Loading performance
8 Fail
Performance and AccessibilityPerformanceBrowser audit
Loading performance
Check name
Loading performance
Score
69/100
Status
fail
Device
desktop
Category
Performance
Fix guidance
Review the grouped loading performance checks and improve the failing sub-checks listed in evidence.
References
https://web.dev/learn/performance/Evidence
{
"checks": [
{
"id": "largest-contentful-paint",
"score": 71,
"title": "Largest Contentful Paint",
"displayValue": "1.8 s",
"numericValue": 1766.0712871310207
},
{
"id": "speed-index",
"score": 77,
"title": "Speed Index",
"displayValue": "1.7 s",
"numericValue": 1655.9844019227269
},
{
"id": "max-potential-fid",
"score": 41,
"title": "Max Potential First Input Delay",
"displayValue": "280 ms",
"numericValue": 280
},
{
"id": "server-response-time",
"score": 100,
"title": "Initial server response time was short",
"displayValue": "Root document took 10 ms",
"numericValue": 5
},
{
"id": "network-rtt",
"score": 100,
"title": "Network Round Trip Times",
"displayValue": "50 ms",
"numericValue": 51.329834999999996
},
{
"id": "interactive",
"score": 60,
"title": "Time to Interactive",
"displayValue": "4.0 s",
"numericValue": 3974.206871048773
},
{
"id": "total-blocking-time",
"score": 2,
"title": "Total Blocking Time",
"displayValue": "1,350 ms",
"numericValue": 1348.4999999999995
},
{
"id": "first-contentful-paint",
"score": 98,
"title": "First Contentful Paint",
"displayValue": "0.7 s",
"numericValue": 662.0635135005169
}
]
}Fix with MCP or CLI
Use this report as the handoff into remediation. Generate a coding-agent prompt with the failing checks attached, or jump to the MCP and CLI setup docs before your next rescan.
Score history
Public scan score over time
Public reports for this website origin. Select any point or report link to open that canonical report.
| Scan date | Score | Readiness | Report |
|---|---|---|---|
| 68/100 | Level 3, Bot-Aware | Current report |