Discover MCP server card [warning]! The MCP server card was found only at a transitional or linked path.INFODiscover MCP server card candidateCount=5INFOBuild MCP server-card candidate list currentPath="/.well-known/mcp-server-card" transitionalPaths=["/.well-known/mcp/server-card.json","/.well-known/mcp/server-cards.json","/mcp.json","/.well-known/mcp.json"] linkedPaths=["/.well-known/mcp/server-card.json"]INFOTrying to fetch /.well-known/mcp-server-card url="https://oss.medama.io/.well-known/mcp-server-card" source="current"FAIL/.well-known/mcp-server-card did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /.well-known/mcp/server-card.json url="https://oss.medama.io/.well-known/mcp/server-card.json" source="transitional"PASS/.well-known/mcp/server-card.json returned a successful response statusCode=200 contentType="application/json" finalUrl="https://oss.medama.io/.well-known/mcp/server-card.json"INFOTrying to fetch /.well-known/mcp/server-cards.json url="https://oss.medama.io/.well-known/mcp/server-cards.json" source="transitional"PASS/.well-known/mcp/server-cards.json returned a successful response statusCode=200 contentType="application/json" finalUrl="https://oss.medama.io/.well-known/mcp/server-cards.json"INFOTrying to fetch /mcp.json url="https://oss.medama.io/mcp.json" source="transitional"FAIL/mcp.json did not return a usable server card statusCode=404 contentType="text/plain;charset=UTF-8"INFOTrying to fetch /.well-known/mcp.json url="https://oss.medama.io/.well-known/mcp.json" source="transitional"PASS/.well-known/mcp.json returned a successful response statusCode=200 contentType="application/json" finalUrl="https://oss.medama.io/.well-known/mcp.json"WARNCheck selected card is published at the current well-known path actual="/.well-known/mcp/server-card.json" expected="/.well-known/mcp-server-card" source="transitional" finalUrl="https://oss.medama.io/.well-known/mcp/server-card.json"WARNMCP server card was discovered through a transitional or linked path path="/.well-known/mcp/server-card.json" source="transitional" reason="The MCP server card was found only at a transitional or linked path."Validate server-card shape [fail]! MCP Server Card is missing required fields: protocolVersion, transport or transports.INFOValidate server-card shape profile="legacy-server-card"PASSCheck response body parsed as JSON actual=true expected=truePASSCheck Content-Type is JSON-compatible actual=true expected=trueWARNCheck recognized MCP server-card profile actual="legacy-server-card" expected="sep-2127-draft" reason="Document uses the transitional serverInfo/protocolVersion/transport metadata model."FAILCheck required card fields are present actual=2 expected=0 missing=["protocolVersion","transport or transports"]WARNCheck MCP server-card uses the current remotes[] profile without legacy compatibility warnings actual="2 compatibility warning(s)" expected="current sep-2127-draft card shape with no legacy compatibility warnings" warnings=["Card uses the transitional serverInfo/protocolVersion/transport shape instead of the current remotes[] model.","Static tools/resources/prompts are present; MCP primitives should normally be listed at runtime after connection."]FAILMCP server-card shape validation failed reason="MCP Server Card is missing required fields: protocolVersion, transport or transports."Validate MCP remotes [fail]! No usable MCP remote transport was declared.INFOValidate MCP remotes remoteCount=0FAILCheck at least one MCP remote is declared actual=0 expected="> 0"PASSCheck invalid remote count actual=0 expected=0 invalidRemotes=[]PASSCheck same-origin remote coverage actual=0 expected=0FAILMCP remote validation failed reason="No usable MCP remote transport was declared."Probe same-origin MCP endpoint [warning]! No MCP remote endpoint could be probed.INFOProbe same-origin MCP endpoint probeCount=0INFOSelecting same-origin unauthenticated MCP remotes for a bounded initialize probeWARNCheck successful initialize probe count actual=0 expected="> 0 when a safe same-origin unauthenticated remote exists" activeProbeCount=0 authBlocked=0WARNMCP endpoint probe could not fully confirm operability reason="No MCP remote endpoint could be probed."

Fetch discovery metadata [fail]! OAuth/OIDC was claimed or referenced, but no registered OAuth/OIDC discovery document was found.INFOFetch discovery metadataINFOTrying OAuth/OIDC well-known metadata candidates checkedCount=2INFOChecked discovery candidate path="/.well-known/openid-configuration" statusCode=404 contentType="text/html; charset=utf-8" length=115794INFOChecked discovery candidate path="/.well-known/oauth-authorization-server" statusCode=404 contentType=null length=0FAILCheck discovery metadata fetch succeeded actual=2 expected="HTTP 2xx JSON metadata document"FAILFetch discovery metadata failed issue="OAuth/OIDC was claimed or referenced, but no registered OAuth/OIDC discovery document was found."

Fetch same-origin Link header targets [fail]! Link header target /.well-known/api-catalog (api-catalog) returned HTTP 404 instead of a 2xx/3xx response.INFOFetch same-origin Link header targetsINFOFetch same-origin Link header targets and record external skipsFAILLink target failed reachability or media-type validation rel="api-catalog" url="/.well-known/api-catalog" statusCode=404 contentType="text/plain;charset=UTF-8" typeMatches=trueFAILCompare same-origin Link target failures actual=1 expected=0FAILLink header target /.well-known/api-catalog (api-catalog) returned HTTP 404 instead of a 2xx/3xx response.

Detect protected-resource applicability [warning]! Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected.INFODetect protected-resource applicabilityINFOInspecting auth headers, MCP/OAuth claims, and protected-resource hints applies=false requiresAuthorizationServers=false signalsCount=0 genericAuthSignalsCount=2 checkedCount=2WARNCheck protected-resource metadata applicability actual=false expected="true when RFC 9728 metadata exists or support is claimed" checked=[{"url":"https://oss.medama.io/.well-known/oauth-protected-resource","path":"/.well-known/oauth-protected-resource","source":"root-well-known","resourceIdentifier":"https://oss.medama.io","statusCode":404,"contentType":null,"length":0},{"url":"https://oss.medama.io/.well-known/oauth-protected-resource/introduction","path":"/.well-known/oauth-protected-resource/introduction","source":"final-url-path","resourceIdentifier":"https://oss.medama.io/introduction","statusCode":404,"contentType":null,"length":0}]WARNDetect protected-resource applicability completed with warnings issue="Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected."

Detect WebMCP runtime API [informational]INFODetect WebMCP runtime API status="informational"INFOProbe rendered browser for WebMCP runtime objects SKIPCheck current W3C runtime API actual="not detected" expected="document.modelContext/registerTool available"INFOWebMCP evidence was recorded for context. status="informational"Probe WebMCP operability [warning]! No WebMCP surface was found to probe.INFOProbe WebMCP operability status="warning"INFORun safe WebMCP operability checks safeProbeOnly=trueWARNCheck usable WebMCP evidence actual=0 expected="at least 1 usable runtime, declarative, annotation, or static manifest signal"WARNWebMCP operability warning warning="No WebMCP surface was found to probe."WARNWebMCP operability warning warning="Conventional WebMCP manifest paths were checked but did not return a valid manifest."WARNNo WebMCP surface was found to probe.Validate declarative WebMCP form tools [informational]! No W3C-style declarative WebMCP form attributes were found.INFOValidate declarative WebMCP form tools status="informational"INFOInspect visible forms and controls for current declarative WebMCP attributes annotatedElements=0 formsWithAttributes=0 controlsWithAttributes=0SKIPValidate declarative WebMCP attribute quality actual=0 expected=0INFONo W3C-style declarative WebMCP form attributes were found. status="informational"Validate MCP-aware HTML annotations [informational]! No data-mcp-tool or hyphenated WebMCP compatibility annotations were found.INFOValidate MCP-aware HTML annotations status="informational"INFOInspect HTML for MCP compatibility annotations compatibilityAttributeCount=0 dataMcpToolCount=0 examples=[]SKIPValidate compatibility annotation quality actual=0 expected=0INFONo data-mcp-tool or hyphenated WebMCP compatibility annotations were found. status="informational"Validate static WebMCP JSON compatibility [warning]! No static WebMCP JSON manifest or WMCP interaction graph was found.INFOValidate static WebMCP JSON compatibility status="warning"INFODiscover static WebMCP manifest candidates conventionalPaths=["/.well-known/webmcp.json","/webmcp.json"] checkedCount=2 profileCounts={}INFOWebMCP manifest candidate checked source="path" path="/.well-known/webmcp.json" url="https://oss.medama.io/.well-known/webmcp.json" statusCode=404 contentType="text/plain;charset=UTF-8"INFOWebMCP manifest candidate checked source="path" path="/webmcp.json" url="https://oss.medama.io/webmcp.json" statusCode=404 contentType="text/plain;charset=UTF-8"WARNValidate discovered static WebMCP metadata actual={"validManifestCount":0,"invalidManifestCount":0,"toolCount":0,"wmcpActionCount":0} expected="at least 1 valid tools[] manifest or WMCP graph when static metadata is present"WARNNo static WebMCP JSON manifest or WMCP interaction graph was found.Validate WebMCP tool metadata quality [informational]INFOValidate WebMCP tool metadata quality status="informational"INFOInspect WebMCP tool names, descriptions, schemas, and safety hints toolCount=0SKIPCheck tool metadata findings actual={"issueCount":0,"warningCount":0} expected="0 issues and 0 warnings"INFOWebMCP evidence was recorded for context. status="informational"Review WebMCP security and policy signals [informational]INFOReview WebMCP security and policy signals status="informational"INFOInspect WebMCP security and policy signals permissionsPolicy="(missing)" failureCount=0 warningCount=0PASSCheck security findings actual={"failures":0,"warnings":0} expected="0 failures and 0 warnings"INFOWebMCP evidence was recorded for context. status="informational"

Classify AI crawler rules [fail]! No explicit User-agent rules were found for major AI crawler tokens.INFOClassify AI crawler rulesINFOParsing User-agent groups and Allow/Disallow records for known AI crawler tokens evaluatedPath="/"INFOEvaluating exact User-agent matches before wildcard fallback exactAiPolicyCount=0 totalCrawlerTokens=18FAILNo explicit AI crawler User-agent groups were found examplesExpected=["GPTBot","OAI-SearchBot","ClaudeBot","Google-Extended","CCBot"]FAILCompare explicit AI crawler coverage actual=0 expected="> 0 explicit non-search AI crawler policies" missingTokens=["GPTBot","OAI-SearchBot","ChatGPT-User","ClaudeBot","Claude-SearchBot","Claude-User","Google-Extended","Applebot-Extended","Amazonbot","Amzn-SearchBot","Amzn-User","PerplexityBot"]INFOResolved effective root-path policy for crawler tokens blocked=0 allowed=21 unspecified=0

Validate Last-Modified header [fail]! No valid Last-Modified HTTP header was found.INFOValidate Last-Modified headerINFOReading Last-Modified response headerFAILCheck Last-Modified header is present and parseable actual="missing" expected="valid" alternateDates=[]FAILLast-Modified header is missing or invalidValidate structured freshness dates [fail]! No Schema.org freshness dates were found.INFOValidate structured freshness datesINFOCollecting Schema.org freshness dates from JSON-LD, Microdata, and RDFaFAILCheck structured freshness date count actual=0 expected="> 0" invalidDateCount=0 formats={} alternateDates=[]FAILNo structured freshness dates foundValidate metadata freshness dates [fail]! No Open Graph, Dublin Core, or generic meta freshness date was found.INFOValidate metadata freshness datesINFOCollecting Open Graph, Dublin Core, and generic meta freshness datesFAILCheck metadata freshness date count actual=0 expected="> 0" metaDateCount=0 invalidDateCount=0 alternateDates=[]FAILNo metadata freshness dates foundCorroborate with sitemap lastmod [warning]INFOCorroborate with sitemap lastmodINFODiscovering sitemap candidates and matching the scanned page URL candidateCount=2 attempts=2WARNCheck matching sitemap lastmod actual="no match" expected="valid match when available" robotsStatusCode=200WARNNo matching sitemap lastmod found after sitemap attempts attempts=2

Discover RSL declarations [warning]! No RSL declarations were found.INFODiscover RSL declarationsINFOChecking robots.txt License records, HTTP Link rel=license headers, HTML license links, and inline RSL XML robotsFound=trueSKIPCount discovered RSL declarations actual=0 expected=">= 1 when RSL licensing terms are published" sources={}WARNNo RSL declarations were found on any supported discovery surface.

Fetch /.well-known/tdmrep.json [warning]! No TDMRep declaration was found at /.well-known/tdmrep.json.INFOFetch /.well-known/tdmrep.jsonINFORequesting origin-level TDMRep declaration at /.well-known/tdmrep.jsonWARNCompare TDMRep file response actual=404 expected="2xx with JSON array when origin-level TDMRep is published" contentType="text/plain;charset=UTF-8" length=15WARNNo TDMRep declaration was found at /.well-known/tdmrep.json. 

Fetch API catalog [warning]! This origin appears to publish or claim public APIs, but no RFC 9727 API catalog was found.INFOFetch API catalogINFOFetch /.well-known/api-catalog requestedUrl="https://oss.medama.io/.well-known/api-catalog"WARNCompare API catalog HTTP status actual=404 expected="2xx/3xx"WARNThis origin appears to publish or claim public APIs, but no RFC 9727 API catalog was found. status="warning"

Discover OpenAPI document [warning]! The site appears to publish or document a public API, but no OpenAPI or Swagger document was found.INFODiscover OpenAPI document status="warning"INFOBuild OpenAPI candidate list conventionalPaths=19 candidateCount=19 sources={"conventional-path":19}INFOFetch OpenAPI candidate path="/openapi.json" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/openapi.yaml" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/swagger.json" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/swagger.yaml" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/api/openapi.json" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/api/openapi.yaml" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/api/swagger.json" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/api/swagger.yaml" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/docs/openapi.json" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/docs/openapi.yaml" source="conventional-path" statusCode=404 contentType="text/plain;charset=UTF-8"INFOFetch OpenAPI candidate path="/api-docs" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"INFOFetch OpenAPI candidate path="/v3/api-docs" source="conventional-path" statusCode=404 contentType="text/html; charset=utf-8"WARNSelect a usable OpenAPI candidate actual="none" expected="same-origin candidate with a parseable OpenAPI or Swagger document"WARNThe site appears to publish or document a public API, but no OpenAPI or Swagger document was found.

Markdown representation [fail]! No usable Markdown representation was found through negotiation, advertised alternates, or conservative .md mirror checks.INFOMarkdown representationFAILCheck usable Markdown representation was selected actual={"source":"negotiated","url":"https://oss.medama.io/introduction","statusCode":200,"contentType":"text/markdown; charset=utf-8","mediaType":"text/markdown","vary":"rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding","requireVaryAccept":true,"contentTypeStatus":"pass","cacheStatus":"fail","bodyStatus":"fail","pass":false,"quality":{"valid":false,"formatStatus":"fail","dialect":"mdx-like","hasHeading":true,"headingCount":3,"wordCount":196,"features":{"markdownLinks":1,"referenceLinks":0,"listItems":4,"tables":0,"taskListItems":0,"fencedCodeBlocks":0,"yamlFrontmatter":false,"jsonLdFencedBlocks":0,"admonitions":0,"strikethrough":0,"autolinks":0,"rawHtmlTags":0,"jsxOrMdxSignals":3},"issues":["mdx-jsx-source-leakage"],"excerpt":"> ## Documentation Index\n> Fetch the complete documentation index at: https://medama.mintlify.app/llms.txt\n> Use this file to discover all available pages before exploring further.\n\n# Introduction\n\nMedama Analytics is an open-source project","issue":"Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."}} expected="negotiated, advertised alternate, or conventional mirror" selected={"source":"negotiated","url":"https://oss.medama.io/introduction","statusCode":200,"contentType":"text/markdown; charset=utf-8","mediaType":"text/markdown","vary":"rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding","requireVaryAccept":true,"contentTypeStatus":"pass","cacheStatus":"fail","bodyStatus":"fail","pass":false,"quality":{"valid":false,"formatStatus":"fail","dialect":"mdx-like","hasHeading":true,"headingCount":3,"wordCount":196,"features":{"markdownLinks":1,"referenceLinks":0,"listItems":4,"tables":0,"taskListItems":0,"fencedCodeBlocks":0,"yamlFrontmatter":false,"jsonLdFencedBlocks":0,"admonitions":0,"strikethrough":0,"autolinks":0,"rawHtmlTags":0,"jsxOrMdxSignals":3},"issues":["mdx-jsx-source-leakage"],"excerpt":"> ## Documentation Index\n> Fetch the complete documentation index at: https://medama.mintlify.app/llms.txt\n> Use this file to discover all available pages before exploring further.\n\n# Introduction\n\nMedama Analytics is an open-source project","issue":"Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."}} candidatesChecked=2FAILMarkdown representation failed issue="No usable Markdown representation was found through negotiation, advertised alternates, or conservative .md mirror checks."Same-URL negotiation [fail]! Same-URL Accept: text/markdown did not return a valid Markdown representation.INFOSame-URL negotiationFAILCheck negotiated Markdown response actual={"statusCode":200,"mediaType":"text/markdown","vary":"rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding"} expected="HTTP 2xx text/markdown with Vary: Accept" url="https://oss.medama.io/introduction" statusCode=200 mediaType="text/markdown" vary="rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, accept-encoding"FAILSame-URL negotiation failed issue="Same-URL Accept: text/markdown did not return a valid Markdown representation."Markdown format validation [fail]! Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown.INFOMarkdown format validationFAILCheck Markdown body quality actual={"valid":false,"wordCount":196,"headingCount":3,"dialect":"mdx-like"} expected="valid Markdown with substantive text and headings" valid=false dialect="mdx-like" wordCount=196 headingCount=3FAILMarkdown format validation failed issue="Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."Advertised Markdown alternate [warning]! No Link or HTML rel=alternate text/markdown URL was advertised.INFOAdvertised Markdown alternateWARNCheck advertised Markdown alternate candidates actual=0 expected="> 0 when HTML advertises a Markdown alternate" advertisedUrls=[] candidateCount=0WARNAdvertised Markdown alternate has a warning issue="No Link or HTML rel=alternate text/markdown URL was advertised."Conventional .md mirror [fail]! Conventional .md mirror candidates did not return valid Markdown.INFOConventional .md mirrorFAILCheck conventional Markdown mirror candidates actual=1 expected="> 0 when a conventional mirror is discoverable" conventionalUrls=["https://oss.medama.io/introduction.md"] candidateCount=1FAILConventional .md mirror failed issue="Conventional .md mirror candidates did not return valid Markdown."

Discover Agent Skills index [warning]! No Agent Skills discovery index was found at the canonical or legacy path.INFODiscover Agent Skills indexINFOTry Agent Skills index paths in priority order paths=["/.well-known/agent-skills/index.json","/.well-known/skills/index.json"]WARNAgent Skills index candidate was not usable path="/.well-known/agent-skills/index.json" url="https://oss.medama.io/.well-known/agent-skills/index.json" statusCode=404WARNAgent Skills index candidate was not usable path="/.well-known/skills/index.json" url="https://oss.medama.io/.well-known/skills/index.json" statusCode=404WARNNo Agent Skills discovery index was found at the canonical or legacy path.

Discover agents.json [warning]! No Wildcard-style agents.json file was found.INFODiscover agents.jsonINFOTry agents.json discovery paths in priority order paths=["/.well-known/agents.json","/agents.json"]WARNagents.json candidate path did not return a usable contract path="/.well-known/agents.json" statusCode=404 contentType="text/plain;charset=UTF-8"WARNagents.json candidate path did not return a usable contract path="/agents.json" statusCode=404 contentType="text/plain;charset=UTF-8"WARNNo agents.json candidate was selectedWARNNo Wildcard-style agents.json file was found.

Query DNS-AID records [warning]! No DNS-AID HTTPS/SVCB records were found under _agents.INFOQuery DNS-AID recordsINFOBuild DNS-AID query names from hostname hostname="oss.medama.io" labels=["_index._agents.oss.medama.io","_a2a._agents.oss.medama.io"] claimedOnPage=falseWARNDNS query returned no DNS-AID answers name="_index._agents.oss.medama.io" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.oss.medama.io" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.oss.medama.io" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _index._agents.oss.medama.io"WARNDNS query returned no DNS-AID answers name="_a2a._agents.oss.medama.io" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.oss.medama.io" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.oss.medama.io" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _a2a._agents.oss.medama.io"WARNCompare total DNS-AID answer count actual=0 expected="> 0"WARNNo DNS-AID HTTPS/SVCB records were found under _agents.Check DNSSEC authentication evidence [warning]! DNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.INFOCheck DNSSEC authentication evidenceWARNCompare DNSSEC authenticated-data flag actual=false expected=trueWARNCompare visible DNSSEC material actual=false expected=trueWARNResolver did not confirm authenticated DNSSEC data name="_index._agents.oss.medama.io" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.oss.medama.io" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.oss.medama.io" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.oss.medama.io" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.oss.medama.io" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.oss.medama.io" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.oss.medama.io" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.oss.medama.io" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="oss.medama.io" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="medama.io" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNDNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.

Find Referrer-Policy header [fail]! Referrer-Policy header is missing.INFOFind Referrer-Policy headerINFORead Referrer-Policy delivery header="referrer-policy" value="missing" metaReferrerPolicyCount=0 browserDefault="strict-origin-when-cross-origin"FAILRequire explicit HTTP Referrer-Policy header actual="missing" expected="HTTP response header present" issue="Referrer-Policy header is missing."FAILReferrer-Policy header is missing.Review observed browser responses [warning]! One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.INFOReview observed browser responsesINFOSample Chrome-observed same-origin responses observedResponseCount=84 sameOriginCount=70 htmlDocumentCount=1WARNCompare observed Referrer-Policy coverage actual={"missingPolicyCount":1,"unsafeOrInvalidPolicyCount":0,"weakPolicyCount":0,"affected":[{"url":"https://oss.medama.io/introduction","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8","referrerPolicy":null,"classification":"invalid"}]} expected="0 missing, unsafe, invalid, or weak same-origin HTML responses" issue="One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy."WARNOne or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.

Organization entity [fail]! No Organization or Organization subtype was found in Schema.org structured data.INFOOrganization entityINFOLooking for Organization or Organization subtype in structured data observedTypes=[]FAILCheck Organization entity presence actual=false expected=true fields=[{"name":"Organization.@type","present":false},{"name":"Organization.@id","present":false},{"name":"Organization.name","present":false},{"name":"Organization.url","present":false},{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false}]FAILOrganization entity is missingIdentity fields [warning]! Missing identity field(s): Organization.name, Organization.url, WebSite.url.INFOIdentity fieldsINFOChecking Organization and WebSite name/url fields websiteFormat="json-ld"WARNCheck required identity fields actual=1 expected=4 missing=["Organization.name","Organization.url","WebSite.url"] organizationFields=[{"name":"Organization.@type","present":false},{"name":"Organization.@id","present":false},{"name":"Organization.name","present":false},{"name":"Organization.url","present":false},{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false}] websiteFields=[{"name":"WebSite.@type","present":true,"value":"WebSite","format":"json-ld"},{"name":"WebSite.@id","present":false,"format":"json-ld"},{"name":"WebSite.name","present":true,"value":"Medama Analytics","format":"json-ld"},{"name":"WebSite.url","present":false,"format":"json-ld"},{"name":"WebSite.publisher.@id","present":false,"format":"json-ld"},{"name":"WebSite.publisher.name","present":false,"format":"json-ld"},{"name":"WebSite.publisher.url","present":false,"format":"json-ld"}]WARNCheck identity URLs match scanned origin actual={"organizationUrlMatchesOrigin":false,"websiteUrlMatchesOrigin":false} expected={"organizationUrlMatchesOrigin":true,"websiteUrlMatchesOrigin":true}WARNIdentity fields are partially complete missing=["Organization.name","Organization.url","WebSite.url"]WebSite publisher linkage [fail]! WebSite.publisher is missing.INFOWebSite publisher linkageINFOChecking whether WebSite.publisher points to the Organization entity websiteFormat="json-ld"FAILCheck publisher presence actual=false expected=true publisher={"present":false,"matchesOrganization":false} website={"name":"Medama Analytics"} organization={}FAILCheck publisher matches Organization actual=false expected=trueFAILWebSite publisher is missingOrganization trust fields [fail]! Organization schema is missing logo and sameAs or public contact evidence.INFOOrganization trust fieldsINFOChecking logo, sameAs, and public contact evidence FAILCheck logo presence actual=false expected=true fields=[{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false},{"name":"Organization.contactPoint","present":false},{"name":"Organization.telephone","present":false},{"name":"Organization.email","present":false},{"name":"Organization.address","present":false}]FAILCheck sameAs or contact evidence actual=0 expected=">= 1" sameAsCount=0 contactSignalCount=0 fields=[{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false},{"name":"Organization.contactPoint","present":false},{"name":"Organization.telephone","present":false},{"name":"Organization.email","present":false},{"name":"Organization.address","present":false}]FAILOrganization trust fields are missing

Find X-Content-Type-Options [fail]! Browser-loadable response is missing X-Content-Type-Options.INFOFind X-Content-Type-OptionsINFORead X-Content-Type-Options header header="x-content-type-options" value="missing"FAILRequire nosniff header actual="missing" expected="present" issue="Browser-loadable response is missing X-Content-Type-Options."FAILBrowser-loadable response is missing X-Content-Type-Options.Review observed browser responses [warning]! One or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff.INFOReview observed browser responsesINFOSample Chrome-observed same-origin resources observedResponseCount=84 sameOriginCount=70 eligibleCount=69WARNCompare observed nosniff coverage actual={"missingNosniffCount":69,"malformedNosniffCount":0,"activeResourceMissingNosniffCount":67,"affected":[{"url":"https://oss.medama.io/introduction","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/9ffc684b9a12d113.css?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"stylesheet","contentType":"text/css; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/d260340e1c30c06e.css?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"stylesheet","contentType":"text/css; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/4c8ae0e77f760f22.css?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"stylesheet","contentType":"text/css; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/media/83afe278b6a6bb3c.p.3a6ba036.woff2","status":200,"resourceType":"font","contentType":"font/woff2"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/ac0991e1ed3da4fb.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/cae723b407113d75.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/turbopack-ca7c460f91efb31a.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/7c1d2c0ac844f842.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/de15d9642f7c974c.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/90079180db6f14a4.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"},{"url":"https://oss.medama.io/mintlify-assets/_next/static/chunks/03cbde39492c6691.js?dpl=dpl_H51hbMW2hXSsxTik9TRavMmyPAHx","status":200,"resourceType":"script","contentType":"application/javascript; charset=utf-8"}]} expected="0 missing or malformed eligible same-origin responses" issue="One or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff."WARNOne or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff.

Evaluate fetch baseline [fail]! CSP does not define default-src; several fetch directives may have no restrictive fallback.INFOEvaluate fetch baselineINFOEvaluate resource loading fallback explicitFetchDirectives=["object-src","worker-src"]FAILCompare fetch baseline actual="0 explicit fetch directives" expected="restricted default-src or broad explicit fetch coverage" issue="CSP does not define default-src; several fetch directives may have no restrictive fallback."FAILCSP does not define default-src; several fetch directives may have no restrictive fallback.Evaluate script execution [fail]! No script-src or default-src directive constrains script execution.INFOEvaluate script executionINFOInspect effective script directive FAILCompare script execution posture actual={"hasNonce":false,"hasHash":false,"hasStrictDynamic":false,"hasUnsafeInline":false,"hasUnsafeEval":false,"hasWildcardHost":false,"hasBroadScheme":false,"dangerousSchemes":[]} expected="constrained script sources without unsafe execution allowances" issue="No script-src or default-src directive constrains script execution."FAILNo script-src or default-src directive constrains script execution.Review CSP reporting [warning]! CSP does not define a reporting endpoint.INFOReview CSP reportingINFOInspect CSP reporting directives reportOnlyHeaderPresent=false reportOnlyDirectives=[]WARNCompare violation reporting configuration actual="no reporting endpoint" expected="report-to or report-uri present" issue="CSP does not define a reporting endpoint."WARNCSP does not define a reporting endpoint.

Validate version-specific card shape [fail]! A2A Agent Card is missing required fields, contains invalid URLs, or exposes unsafe public metadata.INFOValidate version-specific card shapeFAILCompare missing required card fields actual=["description","skills[]"] expected="none"FAILCheck every declared A2A skill has required name, description, and endpoint fields actual=0 expected=0 invalidSkills=[]INFOReview declared endpoint interfaces interfaces=[{"url":"https://medama.mintlify.app/","protocolBinding":"HTTP+JSON","issues":[]}]FAILA2A Agent Card is missing required fields, contains invalid URLs, or exposes unsafe public metadata.Probe same-origin A2A endpoint [warning]! A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.INFOProbe same-origin A2A endpointINFOProbe same-origin A2A endpoint when scanner policy allows itSKIPSkipped endpoint probe url="https://medama.mintlify.app/" reason="Endpoint is cross-origin; default scanner policy does not probe it."WARNA2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.

Validate URL scope [warning]! The sitemap lists page or child sitemap URLs outside the scanned origin host.INFOValidate URL scope origin="https://oss.medama.io"INFOChecking listed URLs against the scanned origin hostWARNCheck page URLs belong to scanned origin host actual=53 expected=0 offOriginUrls=["https://medama.mintlify.app/api-reference/auth/session-token-authentication","https://medama.mintlify.app/api-reference/auth/session-token-logout","https://medama.mintlify.app/api-reference/authentication","https://medama.mintlify.app/api-reference/authentication/login","https://medama.mintlify.app/api-reference/authentication/logout","https://medama.mintlify.app/api-reference/endpoint/update","https://medama.mintlify.app/api-reference/event/ping","https://medama.mintlify.app/api-reference/event/send-hit-event","https://medama.mintlify.app/api-reference/event/unique-user-check","https://medama.mintlify.app/api-reference/introduction"]PASSCheck child sitemap URLs belong to scanned origin host actual=0 expected=0 offOriginSitemapUrls=[]WARNURL-scope validation completed with warnings reason="The sitemap lists page or child sitemap URLs outside the scanned origin host."

Page-relevant schema family [fail]! The page has specific visible content intent, but structured data does not include a matching primary schema family.INFOPage-relevant schema familyINFOInferring specific page intent and comparing it with detected Schema.org typesFAILCheck schema types matching specific visible page intent actual=0 expected="> 0" inferredIntents=["software"] expectedTypes=["SoftwareApplication","WebApplication","MobileApplication"] matchingTypes=[] observedTypes=["WebSite"]FAILNo primary schema family matches the inferred page intent expectedTypes=["SoftwareApplication","WebApplication","MobileApplication"] primaryTypes=[]

Score llms.txt structure and usefulness [warning]! llms.txt is present, but its structure or link curation is weaker than the emerging proposal and production examples.INFOScore llms.txt structure and usefulnessINFOChecking recommended summary, sections, link labels, agent-friendly links, duplicates, and unsafe targetsWARNCheck blockquote summary is present actual=false expected=truePASSCheck H2 section count actual=3 expected="> 0"PASSCheck Markdown-formatted links actual=58 expected="> 0"PASSCheck unsafe/private link count actual=0 expected=0WARNllms.txt structure-quality validation completed with warnings reason="llms.txt is present, but its structure or link curation is weaker than the emerging proposal and production examples."Inspect optional llms-full.txt [informational]INFOInspect optional llms-full.txtINFOTrying to fetch /llms-full.txt url="https://oss.medama.io/llms-full.txt"SKIP/llms-full.txt is not present statusCode=404

Page landmarks [warning]! The page has a main landmark but is missing a primary navigation, header/banner, or page-level footer/contentinfo landmark.INFOPage landmarksWARNCheck page landmarks evidence actual={"counts":{"main":1,"roleMain":0,"nav":3,"roleNavigation":0,"header":2,"roleBanner":0,"footer":1,"pageFooter":0,"roleContentinfo":0},"main":true} expected="semantic HTML evidence for this step"WARNPage landmarks has a warning issue="The page has a main landmark but is missing a primary navigation, header/banner, or page-level footer/contentinfo landmark."

Review subdomain scope [warning]! HSTS is valid, but includeSubDomains is absent.INFOReview subdomain scopeINFOInspect subdomain enforcement scope includeSubDomains=falseWARNCompare includeSubDomains coverage actual="absent" expected="included after subdomains are HTTPS-ready" issue="HSTS is valid, but includeSubDomains is absent."WARNHSTS is valid, but includeSubDomains is absent.

Review CSP and XFO interaction [warning]! CSP frame-ancestors and X-Frame-Options express different framing policies.INFOReview CSP and XFO interactionINFOCompare modern CSP and legacy XFO behavior modernBrowserMechanism="csp-frame-ancestors" cspOverridesXfo=true cspMode="explicit" xfoDirective="deny"WARNCheck CSP/XFO policy alignment actual="conflict detected" expected="no conflicting framing policy" issue="CSP frame-ancestors and X-Frame-Options express different framing policies."WARNCSP frame-ancestors and X-Frame-Options express different framing policies.

Find advertised IndexNow key location [informational]! No IndexNow key location was advertised in HTML, Link headers, or robots.txt.INFOFind advertised IndexNow key locationINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"WARNNo IndexNow key location was advertised in HTML, Link headers, or robots.txt.Fetch and validate IndexNow key file [informational]! No discoverable IndexNow key file was found.INFOFetch and validate IndexNow key fileINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"INFOFetch each advertised same-origin key file and validate filename/body matchFAILCompare valid IndexNow key file count actual=0 expected="> 0"WARNNo discoverable IndexNow key file was found.