Export Report
OVERALL SCORE
Level 3, Bot-Aware
- AI Discoverability 57 out of 100
- Agent Ease of Use 59 out of 100
- Security & Trust 91 out of 100
- GEO, AIO and AEO 65 out of 100
- SEO 100 out of 100
- Performance 91 out of 100
- Accessibility 60 out of 100
What AI sees of your website
MapTools - Tools and information for using UTM, MGRS and latitude longitude coordinates
MapTools — coordinate plotting tools and clear guides to land navigation, coordinate systems, map reading, compass, and GPS.
Next step
Turn this report into a fix workflow
2 failed checks are ready to move into MCP or CLI remediation. Generate a repair prompt, connect the scanner to your coding agent, or open the integration docs before your next rescan.
| Metric | Score | Status | Passed | Failed | Warning | Evidence |
|---|---|---|---|---|---|---|
| AI Discoverability | 57 | Needs work | 23 | 1 | 1 | View details |
| Discoverability | 67 | Needs work | 8 | 0 | 0 | |
| Content Readiness | 40 | Priority fix | 12 | 1 | 1 | View details |
| Bot Access Control | 63 | Needs work | 3 | 0 | 0 | |
| Agent Ease of Use | 59 | Needs work | 5 | 2 | 2 | View details |
| Skill Discovery | 49 | Priority fix | 2 | 2 | 2 | View details |
| Google Agentic Browsing | 100 | Strong | 3 | 0 | 0 | |
| GEO, AIO and AEO | 65 | Needs work | 10 | 0 | 0 | |
| GEO Readiness | Not Applicable | Not Applicable | 3 | 0 | 0 | |
| AIO Readiness | Not Applicable | Not Applicable | 4 | 0 | 0 | |
| AEO Readiness | Not Applicable | Not Applicable | 3 | 0 | 0 | |
| SEO | 100 | Strong | 9 | 0 | 0 | |
| SEO | 100 | Strong | 9 | 0 | 0 | |
| Security & Trust | 91 | Strong | 24 | 1 | 2 | View details |
| Security & Trust | 91 | Strong | 24 | 1 | 2 | View details |
| Performance | 91 | Strong | 14 | 0 | 0 | |
| Performance | 91 | Strong | 14 | 0 | 0 |
Prioritized recommendations
Issues ranked by score impact
3 items need attention
Agent Ease of UseSkill DiscoveryEmerging recommendation
A2A Agent Card
A2A Agent Card failed at "Detect A2A card version".
56 Fail
Agent Ease of UseSkill DiscoveryEmerging recommendation
A2A Agent Card
A2A Agent Card failed at "Detect A2A card version".
Needs attention
A2A Agent Card
Issue
The discovered JSON document does not match a supported A2A Agent Card version family.
Details
Why it matters
A2A Agent Cards provide protocol-specific discovery for agent identity, skills, input and output modes, transport bindings, capabilities, and security requirements. Legacy A2A also used /.well-known/agent.json, so scanners must classify the card shape before reporting readiness.
Check name
A2A Agent Card
Score
44/100
Status
fail
Category
Skill Discovery
Maturity
Emerging recommendation
Goal
Publish a version-appropriate A2A Agent Card so A2A-compatible clients can discover agent skills and invoke the declared endpoint safely.
Result
A2A Agent Card failed at "Detect A2A card version".
Validation steps
Discover A2A Agent Card
The A2A Agent Card was found at a legacy or fallback path.
A2A Agent Card is missing or discovered at a non-canonical path
Detect A2A card version
The discovered JSON document does not match a supported A2A Agent Card version family.
A2A Agent Card version cannot be classified cleanly
Validate version-specific card shape
Document does not match a supported A2A Agent Card shape.
A2A Agent Card shape is invalid for its version
Missing required fields
- skills[]
Probe same-origin A2A endpoint
A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.
Advertised same-origin A2A endpoint did not answer a safe probe
Evidence log4 steps · 21 lines
Discover A2A Agent Card [warning]! The A2A Agent Card was found at a legacy or fallback path.INFODiscover A2A Agent CardINFOTry A2A discovery paths in priority order paths=["/.well-known/agent-card.json","/.well-known/agent.json","/agent-card.json","/.well-known/a2a/agent-card.json"]WARNA2A candidate path did not return a usable card path="/.well-known/agent-card.json" statusCode=404 contentType="text/html; charset=UTF-8"PASSFound an A2A candidate path="/.well-known/agent.json" statusCode=200 contentType="application/json" bytes=1482WARNA2A candidate path did not return a usable card path="/agent-card.json" statusCode=404 contentType="text/html; charset=UTF-8"WARNA2A candidate path did not return a usable card path="/.well-known/a2a/agent-card.json" statusCode=404 contentType="text/html; charset=UTF-8"WARNSelected non-canonical A2A Agent Card path="/.well-known/agent.json" pathClass="legacy-a2a" requestedUrl="https://maptools.com/.well-known/agent.json"WARNThe A2A Agent Card was found at a legacy or fallback path.Detect A2A card version [fail]! The discovered JSON document does not match a supported A2A Agent Card version family.INFODetect A2A card versionINFORead version indicators from the card detectionEvidence=[]FAILCompare detected A2A version family actual="unknown" expected="v0.1, v0.2, v0.3, or v1"FAILThe discovered JSON document does not match a supported A2A Agent Card version family.Validate version-specific card shape [fail]! Document does not match a supported A2A Agent Card shape.INFOValidate version-specific card shapeFAILCompare missing required card fields actual=["skills[]"] expected="none"FAILCheck every declared A2A skill has required name, description, and endpoint fields actual=0 expected=0 invalidSkills=[]INFOReview declared endpoint interfaces interfaces=[]FAILDocument does not match a supported A2A Agent Card shape.Probe same-origin A2A endpoint [warning]! A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.INFOProbe same-origin A2A endpointINFOProbe same-origin A2A endpoint when scanner policy allows itSKIPSkipped endpoint probe reason="No valid A2A card was available to probe."WARNA2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.
AI DiscoverabilityContent ReadinessEstablished
Author attribution
Author attribution is partially implemented.
45 Warning
AI DiscoverabilityContent ReadinessEstablished
Author attribution
Author attribution is partially implemented.
Needs attention
Author attribution
Issue
No named author or publisher identity could be extracted.
Details
Why it matters
Author attribution helps agents cite content responsibly, assess source credibility, and distinguish editorial pages from anonymous marketing copy.
Check name
Author attribution
Score
55/100
Status
warning
Category
Content Readiness
Maturity
Established
Goal
Identify content authors or publishers for trust and attribution.
Result
Author attribution is partially implemented.
Validation steps
Schema.org attribution
Schema.org attribution is incomplete or relies only on publisher/fallback evidence.
Schema.org author attribution is missing or incomplete
Author identity quality
No named author or publisher identity could be extracted.
Author identity quality is incomplete
Evidence log2 steps · 8 lines
Schema.org attribution [warning]! Schema.org attribution is incomplete or relies only on publisher/fallback evidence.INFOSchema.org attributionINFOChecking structured data for author, creator, and publisher contributorsWARNCheck named Schema.org author count actual=0 expected="> 0" authorCount=0 publisherCount=0 namedContributors=0 authors=[] publishers=[] formats=[]WARNSchema.org attribution is incomplete or fallback-only authorCount=0 publisherCount=0 authors=[] publishers=[]Author identity quality [fail]! No named author or publisher identity could be extracted.INFOAuthor identity qualityINFOChecking contributors for stable identity signalsFAILCheck identified contributor count actual=0 expected="> 0" namedContributors=0 identifiedContributors=[] unidentifiedContributors=[]FAILNo named contributor identity could be extracted
Security & TrustSecurity & TrustEstablished
Content-Security-Policy
Content-Security-Policy failed at "Evaluate script execution".
35 Fail
Security & TrustSecurity & TrustEstablished
Content-Security-Policy
Content-Security-Policy failed at "Evaluate script execution".
Needs attention
Content-Security-Policy
Issue
script-src allows dangerous script schemes: data:.
Details
Why it matters
Content Security Policy reduces the impact of injection bugs by limiting where scripts, styles, frames, forms, and other browser resources can load or execute.
Check name
Content-Security-Policy
Score
65/100
Status
fail
Category
Security & Trust
Maturity
Established
Goal
Constrain browser resource loading and script execution with an enforcing Content-Security-Policy header.
Result
Content-Security-Policy failed at "Evaluate script execution".
Validation steps
Evaluate script execution
script-src allows dangerous script schemes: data:.
CSP script execution policy is unsafe
Review hardening directives
CSP is missing recommended hardening directives: object-src, base-uri, form-action.
CSP hardening directives are missing or weak
Review CSP reporting
CSP does not define a reporting endpoint.
CSP reporting is missing or incomplete
Evidence log3 steps · 12 lines
Evaluate script execution [fail]! script-src allows dangerous script schemes: data:.INFOEvaluate script executionINFOInspect effective script directive effectiveDirective="script-src" sources=["'self'","'unsafe-inline'","'unsafe-eval'","data:","https://js.braintreegateway.com","https://assets.braintreegateway.com","https://*.paypal.com"]FAILCompare script execution posture actual={"hasNonce":false,"hasHash":false,"hasStrictDynamic":false,"hasUnsafeInline":true,"hasUnsafeEval":true,"hasWildcardHost":false,"hasBroadScheme":false,"dangerousSchemes":["data:"]} expected="constrained script sources without unsafe execution allowances" issue="script-src allows dangerous script schemes: data:."FAILscript-src allows dangerous script schemes: data:.Review hardening directives [warning]! CSP is missing recommended hardening directives: object-src, base-uri, form-action.INFOReview hardening directivesINFOInspect CSP hardening directives objectSrcFallback=["'self'"] frameAncestors=["'self'"] formCount=1WARNCompare recommended hardening coverage actual=["object-src","base-uri","form-action"] expected="no missing object-src/base-uri/form-action requirements" issue="CSP is missing recommended hardening directives: object-src, base-uri, form-action."WARNCSP is missing recommended hardening directives: object-src, base-uri, form-action.Review CSP reporting [warning]! CSP does not define a reporting endpoint.INFOReview CSP reportingINFOInspect CSP reporting directives reportOnlyHeaderPresent=false reportOnlyDirectives=[]WARNCompare violation reporting configuration actual="no reporting endpoint" expected="report-to or report-uri present" issue="CSP does not define a reporting endpoint."WARNCSP does not define a reporting endpoint.
Sign in to see 36 other issues and the full report
Create a free account to unlock every issue, evidence details, exports, and higher free limits.
Fix with MCP or CLI
Use this report as the handoff into remediation. Generate a coding-agent prompt with the failing checks attached, or jump to the MCP and CLI setup docs before your next rescan.
Score history