Fetch same-origin Link header targets [fail]! Link headers did not expose any same-origin targets to validate.INFOFetch same-origin Link header targetsINFOFetch same-origin Link header targets and record external skipsSKIPSkipped Link target fetch rel="service-doc" url="https://docs.knock.app" reason="External Link target was not fetched."SKIPSkipped Link target fetch rel="service-doc" url="https://docs.knock.app/mapi-reference" reason="External Link target was not fetched."SKIPSkipped Link target fetch rel="service-doc" url="https://docs.knock.app/api-reference" reason="External Link target was not fetched."FAILCompare same-origin Link target failures actual=1 expected=0FAILLink headers did not expose any same-origin targets to validate.

Detect WebMCP runtime API [informational]INFODetect WebMCP runtime API status="informational"INFOProbe rendered browser for WebMCP runtime objects SKIPCheck current W3C runtime API actual="not detected" expected="document.modelContext/registerTool available"INFOWebMCP evidence was recorded for context. status="informational"Probe WebMCP operability [warning]! No WebMCP surface was found to probe.INFOProbe WebMCP operability status="warning"INFORun safe WebMCP operability checks safeProbeOnly=trueWARNCheck usable WebMCP evidence actual=0 expected="at least 1 usable runtime, declarative, annotation, or static manifest signal"WARNWebMCP operability warning warning="No WebMCP surface was found to probe."WARNWebMCP operability warning warning="Conventional WebMCP manifest paths were checked but did not return a valid manifest."WARNNo WebMCP surface was found to probe.Validate declarative WebMCP form tools [informational]! No W3C-style declarative WebMCP form attributes were found.INFOValidate declarative WebMCP form tools status="informational"INFOInspect visible forms and controls for current declarative WebMCP attributes annotatedElements=0 formsWithAttributes=0 controlsWithAttributes=0SKIPValidate declarative WebMCP attribute quality actual=0 expected=0INFONo W3C-style declarative WebMCP form attributes were found. status="informational"Validate MCP-aware HTML annotations [informational]! No data-mcp-tool or hyphenated WebMCP compatibility annotations were found.INFOValidate MCP-aware HTML annotations status="informational"INFOInspect HTML for MCP compatibility annotations compatibilityAttributeCount=0 dataMcpToolCount=0 examples=[]SKIPValidate compatibility annotation quality actual=0 expected=0INFONo data-mcp-tool or hyphenated WebMCP compatibility annotations were found. status="informational"Validate static WebMCP JSON compatibility [warning]! No static WebMCP JSON manifest or WMCP interaction graph was found.INFOValidate static WebMCP JSON compatibility status="warning"INFODiscover static WebMCP manifest candidates conventionalPaths=["/.well-known/webmcp.json","/webmcp.json"] checkedCount=2 profileCounts={}INFOWebMCP manifest candidate checked source="path" path="/.well-known/webmcp.json" url="https://knock.app/.well-known/webmcp.json" statusCode=404 contentType="text/html; charset=utf-8"INFOWebMCP manifest candidate checked source="path" path="/webmcp.json" url="https://knock.app/webmcp.json" statusCode=404 contentType="text/html; charset=utf-8"WARNValidate discovered static WebMCP metadata actual={"validManifestCount":0,"invalidManifestCount":0,"toolCount":0,"wmcpActionCount":0} expected="at least 1 valid tools[] manifest or WMCP graph when static metadata is present"WARNNo static WebMCP JSON manifest or WMCP interaction graph was found.Validate WebMCP tool metadata quality [informational]INFOValidate WebMCP tool metadata quality status="informational"INFOInspect WebMCP tool names, descriptions, schemas, and safety hints toolCount=0SKIPCheck tool metadata findings actual={"issueCount":0,"warningCount":0} expected="0 issues and 0 warnings"INFOWebMCP evidence was recorded for context. status="informational"Review WebMCP security and policy signals [informational]INFOReview WebMCP security and policy signals status="informational"INFOInspect WebMCP security and policy signals permissionsPolicy="(missing)" failureCount=0 warningCount=0PASSCheck security findings actual={"failures":0,"warnings":0} expected="0 failures and 0 warnings"INFOWebMCP evidence was recorded for context. status="informational"

Classify AI crawler rules [fail]! No explicit User-agent rules were found for major AI crawler tokens.INFOClassify AI crawler rulesINFOParsing User-agent groups and Allow/Disallow records for known AI crawler tokens evaluatedPath="/"INFOEvaluating exact User-agent matches before wildcard fallback exactAiPolicyCount=0 totalCrawlerTokens=18FAILNo explicit AI crawler User-agent groups were found examplesExpected=["GPTBot","OAI-SearchBot","ClaudeBot","Google-Extended","CCBot"]FAILCompare explicit AI crawler coverage actual=0 expected="> 0 explicit non-search AI crawler policies" missingTokens=["GPTBot","OAI-SearchBot","ChatGPT-User","ClaudeBot","Claude-SearchBot","Claude-User","Google-Extended","Applebot-Extended","Amazonbot","Amzn-SearchBot","Amzn-User","PerplexityBot"]INFOResolved effective root-path policy for crawler tokens blocked=0 allowed=21 unspecified=0

Warn when auth surface lacks Auth.md [warning]! The site appears to support login, signup, account access, or credentials but does not publish /auth.md.INFOWarn when auth surface lacks Auth.mdWARNThe site appears to support login, signup, account access, or credentials but does not publish /auth.md.

Detect OAuth/OIDC applicability [warning]! Generic authentication signals were found, but no OAuth/OIDC discovery signal was detected.INFODetect OAuth/OIDC applicabilityINFOInspecting homepage, headers, and known auth/API signals for OAuth or OIDC claims applies=false signalsCount=0 genericAuthSignalsCount=3 checkedCount=2WARNCheck OAuth/OIDC applicability signal actual=false expected="true when metadata exists or OAuth/OIDC is claimed" checked=[{"path":"/.well-known/openid-configuration","statusCode":404,"contentType":"text/html; charset=utf-8","length":58650},{"path":"/.well-known/oauth-authorization-server","statusCode":404,"contentType":"text/html; charset=utf-8","length":58650}]WARNDetect OAuth/OIDC applicability completed with warnings issue="Generic authentication signals were found, but no OAuth/OIDC discovery signal was detected."

Detect protected-resource applicability [warning]! Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected.INFODetect protected-resource applicabilityINFOInspecting auth headers, MCP/OAuth claims, and protected-resource hints applies=false requiresAuthorizationServers=false signalsCount=0 genericAuthSignalsCount=3 checkedCount=1WARNCheck protected-resource metadata applicability actual=false expected="true when RFC 9728 metadata exists or support is claimed" checked=[{"url":"https://knock.app/.well-known/oauth-protected-resource","path":"/.well-known/oauth-protected-resource","source":"root-well-known","resourceIdentifier":"https://knock.app","statusCode":404,"contentType":"text/html; charset=utf-8","length":58650}]WARNDetect protected-resource applicability completed with warnings issue="Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected."

Discover OpenAPI document [warning]! The site appears to publish or document a public API, but no OpenAPI or Swagger document was found.INFODiscover OpenAPI document status="warning"INFOBuild OpenAPI candidate list conventionalPaths=19 candidateCount=19 sources={"conventional-path":19}INFOFetch OpenAPI candidate path="/openapi.json" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/openapi.yaml" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/swagger.json" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/swagger.yaml" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/api/openapi.json" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/api/openapi.yaml" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/api/swagger.json" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/api/swagger.yaml" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/docs/openapi.json" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/docs/openapi.yaml" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/api-docs" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/v3/api-docs" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"WARNSelect a usable OpenAPI candidate actual="none" expected="same-origin candidate with a parseable OpenAPI or Swagger document"WARNThe site appears to publish or document a public API, but no OpenAPI or Swagger document was found.

Find Referrer-Policy header [fail]! Referrer-Policy header is missing.INFOFind Referrer-Policy headerINFORead Referrer-Policy delivery header="referrer-policy" value="missing" metaReferrerPolicyCount=0 browserDefault="strict-origin-when-cross-origin"FAILRequire explicit HTTP Referrer-Policy header actual="missing" expected="HTTP response header present" issue="Referrer-Policy header is missing."FAILReferrer-Policy header is missing.Review observed browser responses [warning]! One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.INFOReview observed browser responsesINFOSample Chrome-observed same-origin responses observedResponseCount=68 sameOriginCount=63 htmlDocumentCount=1WARNCompare observed Referrer-Policy coverage actual={"missingPolicyCount":1,"unsafeOrInvalidPolicyCount":0,"weakPolicyCount":0,"affected":[{"url":"https://knock.app/","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8","referrerPolicy":null,"classification":"invalid"}]} expected="0 missing, unsafe, invalid, or weak same-origin HTML responses" issue="One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy."WARNOne or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.

Discover MCP server card [warning]! The MCP server card was found only at a transitional or linked path.INFODiscover MCP server card candidateCount=5INFOBuild MCP server-card candidate list currentPath="/.well-known/mcp-server-card" transitionalPaths=["/.well-known/mcp/server-card.json","/.well-known/mcp/server-cards.json","/mcp.json","/.well-known/mcp.json"] linkedPaths=["/.well-known/mcp/server-card.json"]INFOTrying to fetch /.well-known/mcp-server-card url="https://knock.app/.well-known/mcp-server-card" source="current"FAIL/.well-known/mcp-server-card did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /.well-known/mcp/server-card.json url="https://knock.app/.well-known/mcp/server-card.json" source="transitional"PASS/.well-known/mcp/server-card.json returned a successful response statusCode=200 contentType="application/json" finalUrl="https://knock.app/.well-known/mcp/server-card.json"INFOTrying to fetch /.well-known/mcp/server-cards.json url="https://knock.app/.well-known/mcp/server-cards.json" source="transitional"FAIL/.well-known/mcp/server-cards.json did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /mcp.json url="https://knock.app/mcp.json" source="transitional"FAIL/mcp.json did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /.well-known/mcp.json url="https://knock.app/.well-known/mcp.json" source="transitional"FAIL/.well-known/mcp.json did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"WARNCheck selected card is published at the current well-known path actual="/.well-known/mcp/server-card.json" expected="/.well-known/mcp-server-card" source="transitional" finalUrl="https://knock.app/.well-known/mcp/server-card.json"WARNMCP server card was discovered through a transitional or linked path path="/.well-known/mcp/server-card.json" source="transitional" reason="The MCP server card was found only at a transitional or linked path."Validate MCP remotes [warning]! At least one MCP remote is cross-origin and was not actively probed by this scanner.INFOValidate MCP remotes remoteCount=1PASSCheck at least one MCP remote is declared actual=1 expected="> 0"PASSCheck invalid remote count actual=0 expected=0 invalidRemotes=[]WARNCheck same-origin remote coverage actual=0 expected=1PASSRemote #0 is syntactically usable index=0 source="remotes" type="streamable-http" url="https://mcp.knock.app/mcp" sameOrigin=false supportedProtocolVersions=["2025-03-26","2025-06-18"] authRequired=false issues=[]WARNMCP remotes are valid but not all can be actively probed reason="At least one MCP remote is cross-origin and was not actively probed by this scanner."Validate HTTP delivery [warning]! CORS header Access-Control-Allow-Origin is absent.INFOValidate HTTP delivery finalUrl="https://knock.app/.well-known/mcp/server-card.json"PASSCheck server card returned HTTP 2xx actual=200 expected="200-299"PASSCheck card is served as JSON actual="application/json" expected="application/json or +json"PASSCheck card is served over HTTPS actual="https:" expected="https:"WARNCheck browser-readable CORS header actual="missing" expected="Access-Control-Allow-Origin present"PASSCheck cache header is present actual="public, max-age=3600" expected="Cache-Control present"WARNMCP server-card HTTP delivery has non-blocking issues issues=["CORS header Access-Control-Allow-Origin is absent."] reason="CORS header Access-Control-Allow-Origin is absent."Probe same-origin MCP endpoint [warning]! MCP remotes were discovered, but none could be safely probed by this scanner.INFOProbe same-origin MCP endpoint probeCount=1INFOSelecting same-origin unauthenticated MCP remotes for a bounded initialize probeSKIPSkipped MCP endpoint probe url="https://mcp.knock.app/mcp" reason="Cross-origin MCP remote was validated syntactically but not actively probed."WARNCheck successful initialize probe count actual=0 expected="> 0 when a safe same-origin unauthenticated remote exists" activeProbeCount=0 authBlocked=0WARNMCP endpoint probe could not fully confirm operability reason="MCP remotes were discovered, but none could be safely probed by this scanner."

Discover A2A Agent Card [warning]! No A2A Agent Card was found at the current, legacy, or fallback discovery paths.INFODiscover A2A Agent CardINFOTry A2A discovery paths in priority order paths=["/.well-known/agent-card.json","/.well-known/agent.json","/agent-card.json","/.well-known/a2a/agent-card.json"]WARNA2A candidate path did not return a usable card path="/.well-known/agent-card.json" statusCode=404 contentType="text/html; charset=utf-8"WARNA2A candidate path did not return a usable card path="/.well-known/agent.json" statusCode=404 contentType="text/html; charset=utf-8"WARNA2A candidate path did not return a usable card path="/agent-card.json" statusCode=404 contentType="text/html; charset=utf-8"WARNA2A candidate path did not return a usable card path="/.well-known/a2a/agent-card.json" statusCode=404 contentType="text/html; charset=utf-8"WARNNo A2A Agent Card candidate was selectedWARNNo A2A Agent Card was found at the current, legacy, or fallback discovery paths.

Discover agents.json [warning]! No Wildcard-style agents.json file was found.INFODiscover agents.jsonINFOTry agents.json discovery paths in priority order paths=["/.well-known/agents.json","/agents.json"]WARNagents.json candidate path did not return a usable contract path="/.well-known/agents.json" statusCode=404 contentType="text/html; charset=utf-8"WARNagents.json candidate path did not return a usable contract path="/agents.json" statusCode=404 contentType="text/html; charset=utf-8"WARNNo agents.json candidate was selectedWARNNo Wildcard-style agents.json file was found.

Validate declared usage preferences [warning]! No Content-Usage or Content-Signal declarations were found.INFOValidate declared usage preferencesINFOParsing declared preferences into terms and values recordCount=0SKIPSkipping declaration validation because no Content-Usage or Content-Signal records were declared.SKIPCompare declared records to validation requirement actual=0 expected="No validation needed when no records are declared"WARNNo Content-Usage or Content-Signal declarations were present.

Query DNS-AID records [warning]! No DNS-AID HTTPS/SVCB records were found under _agents.INFOQuery DNS-AID recordsINFOBuild DNS-AID query names from hostname hostname="knock.app" labels=["_index._agents.knock.app","_a2a._agents.knock.app"] claimedOnPage=falseWARNDNS query returned no DNS-AID answers name="_index._agents.knock.app" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.knock.app" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.knock.app" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _index._agents.knock.app"WARNDNS query returned no DNS-AID answers name="_a2a._agents.knock.app" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.knock.app" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.knock.app" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _a2a._agents.knock.app"WARNCompare total DNS-AID answer count actual=0 expected="> 0"WARNNo DNS-AID HTTPS/SVCB records were found under _agents.Check DNSSEC authentication evidence [warning]! DNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.INFOCheck DNSSEC authentication evidenceWARNCompare DNSSEC authenticated-data flag actual=false expected=trueWARNCompare visible DNSSEC material actual=false expected=trueWARNResolver did not confirm authenticated DNSSEC data name="_index._agents.knock.app" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.knock.app" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.knock.app" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.knock.app" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.knock.app" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.knock.app" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.knock.app" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.knock.app" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="knock.app" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNDNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.

Discover RSL declarations [warning]! No RSL declarations were found.INFODiscover RSL declarationsINFOChecking robots.txt License records, HTTP Link rel=license headers, HTML license links, and inline RSL XML robotsFound=trueSKIPCount discovered RSL declarations actual=0 expected=">= 1 when RSL licensing terms are published" sources={}WARNNo RSL declarations were found on any supported discovery surface.

Fetch /.well-known/tdmrep.json [warning]! No TDMRep declaration was found at /.well-known/tdmrep.json.INFOFetch /.well-known/tdmrep.jsonINFORequesting origin-level TDMRep declaration at /.well-known/tdmrep.jsonWARNCompare TDMRep file response actual=404 expected="2xx with JSON array when origin-level TDMRep is published" contentType="text/html; charset=utf-8" length=58650WARNNo TDMRep declaration was found at /.well-known/tdmrep.json. 

Page landmarks [fail]! Expected exactly one visible main landmark; found 2.INFOPage landmarksFAILCheck page landmarks evidence actual={"counts":{"main":2,"roleMain":0,"nav":1,"roleNavigation":0,"header":1,"roleBanner":0,"footer":1,"pageFooter":0,"roleContentinfo":0},"main":false} expected="semantic HTML evidence for this step"FAILPage landmarks failed issue="Expected exactly one visible main landmark; found 2."Heading structure [fail]! Headings skip levels or include empty heading elements.INFOHeading structureFAILCheck heading structure evidence actual={"counts":{"h1":1,"visibleH1":1,"headings":32,"emptyHeadings":0},"meaningfulH1":true} expected="semantic HTML evidence for this step"FAILHeading structure failed issue="Headings skip levels or include empty heading elements."Links [warning]! 2 links use generic anchor text.INFOLinksWARNCheck links evidence actual={"counts":{"links":91,"inaccessibleLinks":0,"nonCrawlableLinks":0,"genericLinks":2},"accessibleLinks":true} expected="semantic HTML evidence for this step"WARNLinks has a warning issue="2 links use generic anchor text."Buttons and interactive controls [fail]! 7 button controls are missing accessible names.INFOButtons and interactive controlsFAILCheck buttons and interactive controls evidence actual={"counts":{"buttons":34,"inaccessibleButtons":7},"accessibleButtons":false} expected="links, buttons, and form controls expose accessible names"FAILButtons and interactive controls failed issue="7 button controls are missing accessible names."Image text alternatives [warning]! 5 image alt text issues were found.INFOImage text alternativesWARNCheck image text alternatives evidence actual={"counts":{"images":67,"imagesWithAlt":67,"imageAltIssues":5},"imageAltCoverage":true} expected="semantic HTML evidence for this step"WARNImage text alternatives has a warning issue="5 image alt text issues were found."

Validate discovery index schema [fail]INFOValidate discovery index schemaINFOParse Agent Skills index JSON validJson=true contentTypeCompatible=trueFAILCompare $schema URI actual="https://schemas.agentskills.io/discovery/0.2.0/schema.json" expected="https://schemas.agentskills.io/discovery/0.2.0/schema.json"FAILCompare top-level schema issue count actual=1 expected=0FAILCompare unknown top-level field count actual=0 expected=0FAILAgent Skills step failedVerify advertised artifacts [warning]! No valid skill artifacts were available to verify.INFOVerify advertised artifactsWARNCompare artifact fetch count actual=0 expected="> 0"WARNNo valid skill artifacts were available to verify.Validate skill content [warning]INFOValidate skill contentWARNAgent Skills step completed with warningsReview skill artifact security [warning]INFOReview skill artifact securityWARNCompare security finding count actual=0 expected=0WARNAgent Skills step completed with warnings

Check API catalog HEAD Link header [warning]! HEAD /.well-known/api-catalog did not expose a Link header with rel="api-catalog".INFOCheck API catalog HEAD Link headerINFOSend HEAD request to API catalog path attempted=true statusCode=200 contentType="application/linkset+json"WARNCompare HEAD Link rel=api-catalog count actual=0 expected="> 0"WARNHEAD /.well-known/api-catalog did not expose a Link header with rel="api-catalog". status="warning"Validate API catalog media type [warning]! The API catalog uses application/linkset+json but does not include the recommended RFC 9727 profile parameter.INFOValidate API catalog media typeWARNCompare API catalog media type actual="application/linkset+json" expected="application/linkset+json"WARNCompare RFC 9727 profile parameter actual=false expected=trueWARNThe API catalog uses application/linkset+json but does not include the recommended RFC 9727 profile parameter. status="warning"Validate API catalog targets [warning]! API catalog targets are external or same-site only; they were recorded but not fetched by this origin-scoped check.INFOValidate API catalog targetsINFOFetch same-origin API catalog targets and record same-site/external skipsSKIPSkipped API catalog target fetch rel="service-doc" href="https://docs.knock.app" resolvedUrl="https://docs.knock.app/" reason="Same-site target was recorded but not fetched."SKIPSkipped API catalog target fetch rel="status" href="https://status.knock.app" resolvedUrl="https://status.knock.app/" reason="Same-site target was recorded but not fetched."SKIPSkipped API catalog target fetch rel="service-doc" href="https://docs.knock.app/mapi-reference/overview/about-the-management-api" resolvedUrl="https://docs.knock.app/mapi-reference/overview/about-the-management-api" reason="Same-site target was recorded but not fetched."SKIPSkipped API catalog target fetch rel="status" href="https://status.knock.app" resolvedUrl="https://status.knock.app/" reason="Same-site target was recorded but not fetched."WARNCompare API catalog target failure count actual=0 expected=0WARNAPI catalog targets are external or same-site only; they were recorded but not fetched by this origin-scoped check. status="warning"

Evaluate script execution [fail]! script-src leaves script execution broadly unrestricted.INFOEvaluate script executionINFOInspect effective script directive effectiveDirective="script-src" sources=["'self'","'unsafe-inline'","'unsafe-eval'","https:"]FAILCompare script execution posture actual={"hasNonce":false,"hasHash":false,"hasStrictDynamic":false,"hasUnsafeInline":true,"hasUnsafeEval":true,"hasWildcardHost":false,"hasBroadScheme":true,"dangerousSchemes":[]} expected="constrained script sources without unsafe execution allowances" issue="script-src leaves script execution broadly unrestricted."FAILscript-src leaves script execution broadly unrestricted.Review CSP reporting [warning]! CSP does not define a reporting endpoint.INFOReview CSP reportingINFOInspect CSP reporting directives reportOnlyHeaderPresent=false reportOnlyDirectives=[]WARNCompare violation reporting configuration actual="no reporting endpoint" expected="report-to or report-uri present" issue="CSP does not define a reporting endpoint."WARNCSP does not define a reporting endpoint.

Schema.org attribution [warning]! Schema.org attribution is incomplete or relies only on publisher/fallback evidence.INFOSchema.org attributionINFOChecking structured data for author, creator, and publisher contributorsWARNCheck named Schema.org author count actual=0 expected="> 0" authorCount=0 publisherCount=1 namedContributors=1 authors=[] publishers=[{"role":"publisher","name":"Knock","type":"Organization","sameAs":[],"format":"json-ld","mergedName":false}] formats=["json-ld"]WARNSchema.org attribution is incomplete or fallback-only authorCount=0 publisherCount=1 authors=[] publishers=[{"role":"publisher","name":"Knock","type":"Organization","sameAs":[],"format":"json-ld","mergedName":false}]

Review observed browser responses [warning]! One or more same-origin HTML documents observed by Chrome did not emit valid frame protection.INFOReview observed browser responsesINFOSample Chrome-observed same-origin responses observedResponseCount=68 sameOriginCount=63 htmlDocumentCount=1WARNCompare observed HTML frame protection actual={"missingOrInvalidFrameProtectionCount":1,"broadFrameAncestorsCount":0,"affected":[{"url":"https://knock.app/","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8","contentSecurityPolicy":"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self' https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' blob: data: https: *.public.blob.vercel-storage.com; media-src 'self' blob: data: https: *.pu","contentSecurityPolicyReportOnly":null}]} expected="0 missing/invalid or broad same-origin HTML responses" issue="One or more same-origin HTML documents observed by Chrome did not emit valid frame protection."WARNOne or more same-origin HTML documents observed by Chrome did not emit valid frame protection.

Validate max-age [warning]! max-age is below 15552000 seconds.INFOValidate max-ageINFOInspect max-age directive maxAge=2592000 deploymentMinimumSeconds=15552000 preloadStrengthSeconds=31536000WARNCompare HSTS max-age actual=2592000 expected=">= 15552000 seconds" meetsMinimum=false meetsOneYear=false issue="max-age is below 15552000 seconds."WARNmax-age is below 15552000 seconds.

WebSite publisher linkage [fail]! WebSite.publisher is missing.INFOWebSite publisher linkageINFOChecking whether WebSite.publisher points to the Organization entity websiteFormat="json-ld" organizationFormat="json-ld"FAILCheck publisher presence actual=false expected=true publisher={"present":false,"matchesOrganization":false} website={"name":"Knock","url":"https://knock.app"} organization={"name":"Knock","url":"https://knock.app"}FAILCheck publisher matches Organization actual=false expected=trueFAILWebSite publisher is missing

Score llms.txt structure and usefulness [warning]! llms.txt is present, but its structure or link curation is weaker than the emerging proposal and production examples.INFOScore llms.txt structure and usefulnessINFOChecking recommended summary, sections, link labels, agent-friendly links, duplicates, and unsafe targetsWARNCheck blockquote summary is present actual=false expected=truePASSCheck H2 section count actual=6 expected="> 0"PASSCheck Markdown-formatted links actual=222 expected="> 0"PASSCheck unsafe/private link count actual=0 expected=0WARNllms.txt structure-quality validation completed with warnings reason="llms.txt is present, but its structure or link curation is weaker than the emerging proposal and production examples."Inspect optional llms-full.txt [informational]INFOInspect optional llms-full.txtINFOTrying to fetch /llms-full.txt url="https://knock.app/llms-full.txt"SKIP/llms-full.txt is not present statusCode=404

Schema policy recommendations [warning]! SoftwareApplication schema is missing recommended Google field(s): offers.priceCurrency.INFOSchema policy recommendationsINFOChecking search feature recommended fields on detected primary schema nodesWARNCheck schema policy recommendation issue count actual=1 expected=0 issues=[{"schemaTypes":["SoftwareApplication"],"format":"json-ld","missingRecommended":["offers.priceCurrency"],"fieldEvidence":[{"name":"aggregateRating","present":true,"value":"AggregateRating","format":"json-ld"},{"name":"offers.priceCurrency","present":false,"format":"json-ld"}],"message":"SoftwareApplication schema is missing recommended Google field(s): offers.priceCurrency."}]WARNSchema policy recommendations are missing issues=[{"schemaTypes":["SoftwareApplication"],"format":"json-ld","missingRecommended":["offers.priceCurrency"],"fieldEvidence":[{"name":"aggregateRating","present":true,"value":"AggregateRating","format":"json-ld"},{"name":"offers.priceCurrency","present":false,"format":"json-ld"}],"message":"SoftwareApplication schema is missing recommended Google field(s): offers.priceCurrency."}]

Find advertised IndexNow key location [informational]! No IndexNow key location was advertised in HTML, Link headers, or robots.txt.INFOFind advertised IndexNow key locationINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"WARNNo IndexNow key location was advertised in HTML, Link headers, or robots.txt.Fetch and validate IndexNow key file [informational]! No discoverable IndexNow key file was found.INFOFetch and validate IndexNow key fileINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"INFOFetch each advertised same-origin key file and validate filename/body matchFAILCompare valid IndexNow key file count actual=0 expected="> 0"WARNNo discoverable IndexNow key file was found.