Validate ACP discovery shape [fail]! ACP discovery is missing protocol.INFOValidate ACP discovery shape status="fail"INFOValidate ACP protocol object, name, date version, and supported_versions orderingFAILCheck protocol object and name actual={"hasProtocol":false} expected={"hasProtocol":true,"protocolName":"acp"}FAILCheck protocol version history actual={"supportedVersionCount":0,"supportedVersionsOrdered":true,"supportedVersionsEndWithCurrent":false} expected="date version with chronological supported_versions ending in current version"FAILACP discovery is missing protocol.Validate ACP endpoint and transports [fail]! api_base_url is missing or unsafe.INFOValidate ACP endpoint and transports status="fail"INFOValidate ACP API base URL and supported transportsFAILCheck safe HTTPS api_base_url actual=false expected=trueFAILCheck REST transport support actual=false expected=true transports=[] transportWarnings=[]FAILapi_base_url is missing or unsafe.Validate ACP capabilities [fail]! ACP discovery is missing capabilities.INFOValidate ACP capabilities status="fail"INFOValidate ACP services, extensions, intervention types, currencies, and localesFAILCheck capabilities object actual=false expected=trueFAILCheck stable ACP service declarations actual=[] expected="one or more known services such as checkout, orders, or delegate_payment"FAILCheck ACP capability values use stable service, extension, intervention, currency, and locale names actual="no compatibility warnings" expected="no unknown or unstable capability values" warnings=[]FAILACP discovery is missing capabilities.Review ACP cache and retry metadata [warning]! ACP discovery is missing Cache-Control guidance.INFOReview ACP cache and retry metadata status="warning"INFOInspect ACP discovery cache headers and retry guidance statusCode=200 cacheControl=null retryAfter=nullWARNCheck Cache-Control header on successful discovery actual="missing" expected="present for cacheable public discovery"WARNCheck Retry-After on rate-limit or unavailable responses actual="not required" expected="present only for 429 or 503"WARNACP discovery is missing Cache-Control guidance.

Find useful Link headers [fail]! No useful agent discovery Link headers were found.INFOFind useful Link headersINFOParse response Link header linkCount=0FAILCompare registered agent-useful relation count actual=0 expected="> 0"FAILCompare community relation count actual=0 expected="accepted as weaker evidence"FAILNo useful agent discovery Link headers were found.Fetch same-origin Link header targets [fail]! Link headers did not expose any same-origin targets to validate.INFOFetch same-origin Link header targetsINFOFetch same-origin Link header targets and record external skipsFAILCompare same-origin Link target failures actual=1 expected=0FAILLink headers did not expose any same-origin targets to validate.

Discover MCP server card [warning]! The MCP server card was found only at a transitional or linked path.INFODiscover MCP server card candidateCount=5INFOBuild MCP server-card candidate list currentPath="/.well-known/mcp-server-card" transitionalPaths=["/.well-known/mcp/server-card.json","/.well-known/mcp/server-cards.json","/mcp.json","/.well-known/mcp.json"] linkedPaths=[]INFOTrying to fetch /.well-known/mcp-server-card url="https://roadmap.sh/.well-known/mcp-server-card" source="current"FAIL/.well-known/mcp-server-card did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /.well-known/mcp/server-card.json url="https://roadmap.sh/.well-known/mcp/server-card.json" source="transitional"FAIL/.well-known/mcp/server-card.json did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /.well-known/mcp/server-cards.json url="https://roadmap.sh/.well-known/mcp/server-cards.json" source="transitional"FAIL/.well-known/mcp/server-cards.json did not return a usable server card statusCode=404 contentType="text/html; charset=utf-8"INFOTrying to fetch /mcp.json url="https://roadmap.sh/mcp.json" source="transitional"FAIL/mcp.json did not return a usable server card statusCode=404 contentType="text/plain;charset=UTF-8"INFOTrying to fetch /.well-known/mcp.json url="https://roadmap.sh/.well-known/mcp.json" source="transitional"PASS/.well-known/mcp.json returned a successful response statusCode=200 contentType="application/json; charset=utf-8" finalUrl="https://roadmap.sh/.well-known/mcp.json"WARNCheck selected card is published at the current well-known path actual="/.well-known/mcp.json" expected="/.well-known/mcp-server-card" source="transitional" finalUrl="https://roadmap.sh/.well-known/mcp.json"WARNMCP server card was discovered through a transitional or linked path path="/.well-known/mcp.json" source="transitional" reason="The MCP server card was found only at a transitional or linked path."Validate server-card shape [fail]! The JSON document does not match a recognized MCP server-card profile.INFOValidate server-card shape profile="unknown-json"PASSCheck response body parsed as JSON actual=true expected=truePASSCheck Content-Type is JSON-compatible actual=true expected=trueFAILCheck recognized MCP server-card profile actual="unknown-json" expected="sep-2127-draft" reason="Document does not match a known MCP server-card profile."FAILCheck required card fields are present actual=2 expected=0 missing=["known MCP server-card profile","transport or transports"]PASSCheck MCP server-card uses the current remotes[] profile without legacy compatibility warnings actual="no compatibility warnings" expected="current sep-2127-draft card shape with no legacy compatibility warnings" warnings=[]FAILMCP server-card shape validation failed reason="The JSON document does not match a recognized MCP server-card profile."Validate MCP remotes [fail]! No usable MCP remote transport was declared.INFOValidate MCP remotes remoteCount=0FAILCheck at least one MCP remote is declared actual=0 expected="> 0"PASSCheck invalid remote count actual=0 expected=0 invalidRemotes=[]PASSCheck same-origin remote coverage actual=0 expected=0FAILMCP remote validation failed reason="No usable MCP remote transport was declared."Validate HTTP delivery [warning]! CORS header Access-Control-Allow-Origin is absent.INFOValidate HTTP delivery finalUrl="https://roadmap.sh/.well-known/mcp.json"PASSCheck server card returned HTTP 2xx actual=200 expected="200-299"PASSCheck card is served as JSON actual="application/json; charset=utf-8" expected="application/json or +json"PASSCheck card is served over HTTPS actual="https:" expected="https:"WARNCheck browser-readable CORS header actual="missing" expected="Access-Control-Allow-Origin present"WARNCheck cache header is present actual="missing" expected="Cache-Control present"WARNMCP server-card HTTP delivery has non-blocking issues issues=["CORS header Access-Control-Allow-Origin is absent.","Cache-Control is absent."] reason="CORS header Access-Control-Allow-Origin is absent."Probe same-origin MCP endpoint [warning]! No MCP remote endpoint could be probed.INFOProbe same-origin MCP endpoint probeCount=0INFOSelecting same-origin unauthenticated MCP remotes for a bounded initialize probeWARNCheck successful initialize probe count actual=0 expected="> 0 when a safe same-origin unauthenticated remote exists" activeProbeCount=0 authBlocked=0WARNMCP endpoint probe could not fully confirm operability reason="No MCP remote endpoint could be probed."

Validate RFC 9309 core syntax [fail]! robots.txt was found but did not contain a valid, parseable User-agent group.INFOValidate RFC 9309 core syntaxINFOParsing robots.txt into User-agent groups and Allow/Disallow recordsPASSCheck User-agent group count actual=1 expected=">= 1 parseable group" parsedUserAgents=["*"]FAILCheck malformed lines and orphan Allow/Disallow records actual={"invalidLines":0,"orphanRecords":19} expected={"invalidLines":0,"orphanRecords":0}FAILAllow/Disallow records appeared before any User-agent group orphanRecords=[{"directive":"disallow","value":"/og/","line":4},{"directive":"disallow","value":"/login","line":7},{"directive":"disallow","value":"/signup","line":8},{"directive":"disallow","value":"/forgot-password","line":9},{"directive":"disallow","value":"/reset-password","line":10}]

Detect WebMCP runtime API [warning]! WebMCP-like strings were found, but rendered browser evidence did not confirm a usable runtime API.INFODetect WebMCP runtime API status="warning"INFOProbe rendered browser for WebMCP runtime objects WARNCheck current W3C runtime API actual="not detected" expected="document.modelContext/registerTool available"WARNWebMCP-like strings were found, but rendered browser evidence did not confirm a usable runtime API.Probe WebMCP operability [fail]! Discovered WebMCP static metadata was fetchable but invalid.INFOProbe WebMCP operability status="fail"INFORun safe WebMCP operability checks safeProbeOnly=trueFAILCheck usable WebMCP evidence actual=0 expected="at least 1 usable runtime, declarative, annotation, or static manifest signal"FAILWebMCP operability failure issue="Discovered WebMCP static metadata was fetchable but invalid."FAILDiscovered WebMCP static metadata was fetchable but invalid.Validate declarative WebMCP form tools [informational]! No W3C-style declarative WebMCP form attributes were found.INFOValidate declarative WebMCP form tools status="informational"INFOInspect visible forms and controls for current declarative WebMCP attributes annotatedElements=0 formsWithAttributes=0 controlsWithAttributes=0SKIPValidate declarative WebMCP attribute quality actual=0 expected=0INFONo W3C-style declarative WebMCP form attributes were found. status="informational"Validate MCP-aware HTML annotations [informational]! No data-mcp-tool or hyphenated WebMCP compatibility annotations were found.INFOValidate MCP-aware HTML annotations status="informational"INFOInspect HTML for MCP compatibility annotations compatibilityAttributeCount=0 dataMcpToolCount=0 examples=[]SKIPValidate compatibility annotation quality actual=0 expected=0INFONo data-mcp-tool or hyphenated WebMCP compatibility annotations were found. status="informational"Validate static WebMCP JSON compatibility [fail]! A discovered WebMCP static manifest or WMCP interaction graph was invalid.INFOValidate static WebMCP JSON compatibility status="fail"INFODiscover static WebMCP manifest candidates conventionalPaths=["/.well-known/webmcp.json","/webmcp.json"] checkedCount=2 profileCounts={"unknown-webmcp-json":1}PASSWebMCP manifest candidate found source="path" path="/.well-known/webmcp.json" url="https://roadmap.sh/.well-known/webmcp.json" statusCode=200 contentType="application/json; charset=utf-8"INFOWebMCP manifest candidate checked source="path" path="/webmcp.json" url="https://roadmap.sh/webmcp.json" statusCode=404 contentType="text/plain;charset=UTF-8"FAILValidate discovered static WebMCP metadata actual={"validManifestCount":0,"invalidManifestCount":1,"toolCount":0,"wmcpActionCount":0} expected="at least 1 valid tools[] manifest or WMCP graph when static metadata is present"FAILA discovered WebMCP static manifest or WMCP interaction graph was invalid.

Fetch /.well-known/tdmrep.json [fail]! TDMRep document must be a JSON array of rule objects.INFOFetch /.well-known/tdmrep.jsonINFORequesting origin-level TDMRep declaration at /.well-known/tdmrep.jsonFAILCompare TDMRep file response actual=200 expected="2xx with JSON array when origin-level TDMRep is published" contentType="application/json; charset=utf-8" length=195FAILTDMRep document must be a JSON array of rule objects. compatibleContentType=trueValidate TDM declarations [fail]! No valid TDM declarations were parsed from the declared TDMRep surface.INFOValidate TDM declarationsINFOChecking reservation values, policy URLs, declaration source, and cross-surface consistency declarationCount=0FAILCompare malformed declaration count actual=1 expected=0 warnings=[]FAILNo valid TDM declarations were parsed from the declared TDMRep surface. source="well-known" index=-1

Fetch discovery metadata [fail]! OAuth/OIDC was claimed or referenced, but no registered OAuth/OIDC discovery document was found.INFOFetch discovery metadataINFOTrying OAuth/OIDC well-known metadata candidates checkedCount=2INFOChecked discovery candidate path="/.well-known/openid-configuration" statusCode=404 contentType="text/html; charset=utf-8" length=32280INFOChecked discovery candidate path="/.well-known/oauth-authorization-server" statusCode=404 contentType="text/html; charset=utf-8" length=32280FAILCheck discovery metadata fetch succeeded actual=2 expected="HTTP 2xx JSON metadata document"FAILFetch discovery metadata failed issue="OAuth/OIDC was claimed or referenced, but no registered OAuth/OIDC discovery document was found."

Validate OpenAPI shape [fail]! missing openapi/swagger version; missing info.title; missing info.version; no paths or webhooks defined; no operations defined; no operation responses definedINFOValidate OpenAPI shape status="fail"INFOValidate required OpenAPI shape versionFamily="missing" pathCount=0 webhookCount=0 operationCount=0FAILCheck operations define responses actual=0 expected="every operation should define responses"FAILCheck info metadata actual={"hasInfoTitle":false,"hasInfoVersion":false} expected="info.title and info.version present"FAILOpenAPI shape issue issue="missing openapi/swagger version"FAILOpenAPI shape issue issue="missing info.title"FAILOpenAPI shape issue issue="missing info.version"FAILOpenAPI shape issue issue="no paths or webhooks defined"FAILOpenAPI shape issue issue="no operations defined"FAILOpenAPI shape issue issue="no operation responses defined"FAILmissing openapi/swagger version; missing info.title; missing info.version; no paths or webhooks defined; no operations defined; no operation responses definedCheck machine-usable details [fail]! OpenAPI is valid, but missing schemas, parameters, servers, auth, operation IDs, tags, or examples reduces machine usability.INFOCheck machine-usable details status="fail"INFOInspect machine-usable operation details hasServers=false hasSecuritySchemes=false hasExplicitNoAuth=false requestBodyOperationCount=0 parameterOperationCount=0 responseSchemaOperationCount=0 operationIdCount=0 taggedOperationCount=0 exampleOperationCount=0WARNCheck OpenAPI operations include enough detail for agents to call them safely actual="2 machine-usability warning(s)" expected="servers, auth/no-auth signals, operationIds, parameters, request bodies, responses, tags, and examples where relevant"WARNMachine-usability warning warning="No server, host, or basePath information was found."WARNMachine-usability warning warning="No security schemes or explicit no-auth declaration were found."FAILOpenAPI is valid, but missing schemas, parameters, servers, auth, operation IDs, tags, or examples reduces machine usability.

Classify AI crawler rules [fail]! No explicit User-agent rules were found for major AI crawler tokens.INFOClassify AI crawler rulesINFOParsing User-agent groups and Allow/Disallow records for known AI crawler tokens evaluatedPath="/"INFOEvaluating exact User-agent matches before wildcard fallback exactAiPolicyCount=0 totalCrawlerTokens=18FAILNo explicit AI crawler User-agent groups were found examplesExpected=["GPTBot","OAI-SearchBot","ClaudeBot","Google-Extended","CCBot"]FAILCompare explicit AI crawler coverage actual=0 expected="> 0 explicit non-search AI crawler policies" missingTokens=["GPTBot","OAI-SearchBot","ChatGPT-User","ClaudeBot","Claude-SearchBot","Claude-User","Google-Extended","Applebot-Extended","Amazonbot","Amzn-SearchBot","Amzn-User","PerplexityBot"]INFOResolved effective root-path policy for crawler tokens blocked=0 allowed=21 unspecified=0

Warn when auth surface lacks Auth.md [warning]! The site appears to support login, signup, account access, or credentials but does not publish /auth.md.INFOWarn when auth surface lacks Auth.mdWARNThe site appears to support login, signup, account access, or credentials but does not publish /auth.md.

Detect protected-resource applicability [warning]! Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected.INFODetect protected-resource applicabilityINFOInspecting auth headers, MCP/OAuth claims, and protected-resource hints applies=false requiresAuthorizationServers=false signalsCount=0 genericAuthSignalsCount=1 checkedCount=1WARNCheck protected-resource metadata applicability actual=false expected="true when RFC 9728 metadata exists or support is claimed" checked=[{"url":"https://roadmap.sh/.well-known/oauth-protected-resource","path":"/.well-known/oauth-protected-resource","source":"root-well-known","resourceIdentifier":"https://roadmap.sh","statusCode":404,"contentType":"text/html; charset=utf-8","length":32280}]WARNDetect protected-resource applicability completed with warnings issue="Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected."

Fetch API catalog [warning]! This origin appears to publish or claim public APIs, but no RFC 9727 API catalog was found.INFOFetch API catalogINFOFetch /.well-known/api-catalog requestedUrl="https://roadmap.sh/.well-known/api-catalog"WARNCompare API catalog HTTP status actual=404 expected="2xx/3xx"WARNThis origin appears to publish or claim public APIs, but no RFC 9727 API catalog was found. status="warning"

Validate Wildcard schema shape [fail]! agents.json does not match the expected Wildcard OpenAPI workflow shape.INFOValidate Wildcard schema shapeINFOParse agents.json and classify contract shape shape="unknown"FAILCompare contract shape actual="unknown" expected="wildcard"FAILCompare missing required schema fields actual="none" expected="none"FAILCompare Content-Type with JSON expectation actual=true expected=trueFAILagents.json does not match the expected Wildcard OpenAPI workflow shape.Validate API actions [fail]! Wildcard agents.json must include valid OpenAPI-derived action or operation definitions.INFOValidate API actionsFAILCompare API action count actual=0 expected="> 0"FAILCompare invalid action definitions actual=0 expected=0FAILWildcard agents.json must include valid OpenAPI-derived action or operation definitions.Validate flows and links [fail]! No executable flows were found.INFOValidate flows and linksFAILCompare workflow flow count actual=0 expected="> 0"FAILCompare operation link issues actual=0 expected=0FAILNo executable flows were found.Review examples and LLM usability [warning]! Examples or descriptions are too thin for reliable agent argument generation.INFOReview examples and LLM usabilityWARNCompare usable example count actual=0 expected="> 0 when actions are present"WARNExamples or descriptions are too thin for reliable agent argument generation.

Validate Last-Modified header [fail]! No valid Last-Modified HTTP header was found.INFOValidate Last-Modified headerINFOReading Last-Modified response headerFAILCheck Last-Modified header is present and parseable actual="missing" expected="valid" alternateDates=[]FAILLast-Modified header is missing or invalidValidate structured freshness dates [fail]! No Schema.org freshness dates were found.INFOValidate structured freshness datesINFOCollecting Schema.org freshness dates from JSON-LD, Microdata, and RDFaFAILCheck structured freshness date count actual=0 expected="> 0" invalidDateCount=0 formats={} alternateDates=[]FAILNo structured freshness dates foundValidate metadata freshness dates [fail]! No Open Graph, Dublin Core, or generic meta freshness date was found.INFOValidate metadata freshness datesINFOCollecting Open Graph, Dublin Core, and generic meta freshness datesFAILCheck metadata freshness date count actual=0 expected="> 0" metaDateCount=0 invalidDateCount=0 alternateDates=[]FAILNo metadata freshness dates foundCorroborate with sitemap lastmod [warning]INFOCorroborate with sitemap lastmodINFODiscovering sitemap candidates and matching the scanned page URL candidateCount=2 attempts=1WARNCheck matching sitemap lastmod actual="invalid match" expected="valid match when available" sitemapUrl="https://roadmap.sh/sitemap_index.xml" robotsStatusCode=200WARNNo matching sitemap lastmod found after sitemap attempts attempts=1

Fetch root llms.txt [fail]! /llms.txt was not found or could not be fetched.INFOFetch root llms.txt path="/llms.txt"INFOTrying to fetch /llms.txt url="https://roadmap.sh/llms.txt"FAIL/llms.txt was not found or could not be fetched statusCode=404FAILFetch root llms.txt failed reason="/llms.txt is required for this check."Inspect optional llms-full.txt [informational]INFOInspect optional llms-full.txtINFOTrying to fetch /llms-full.txt url="https://roadmap.sh/llms-full.txt"SKIP/llms-full.txt is not present statusCode=404

Organization entity [fail]! No Organization or Organization subtype was found in Schema.org structured data.INFOOrganization entityINFOLooking for Organization or Organization subtype in structured data observedTypes=[]FAILCheck Organization entity presence actual=false expected=true fields=[{"name":"Organization.@type","present":false},{"name":"Organization.@id","present":false},{"name":"Organization.name","present":false},{"name":"Organization.url","present":false},{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false}]FAILOrganization entity is missingWebSite entity [fail]! No WebSite entity was found in Schema.org structured data.INFOWebSite entityINFOLooking for WebSite entity in structured data FAILCheck WebSite entity presence actual=false expected=true fields=[{"name":"WebSite.@type","present":false},{"name":"WebSite.@id","present":false},{"name":"WebSite.name","present":false},{"name":"WebSite.url","present":false},{"name":"WebSite.publisher.@id","present":false},{"name":"WebSite.publisher.name","present":false},{"name":"WebSite.publisher.url","present":false}]FAILWebSite entity is missingIdentity fields [fail]! Missing identity field(s): Organization.name, Organization.url, WebSite.name, WebSite.url.INFOIdentity fieldsINFOChecking Organization and WebSite name/url fields FAILCheck required identity fields actual=0 expected=4 missing=["Organization.name","Organization.url","WebSite.name","WebSite.url"] organizationFields=[{"name":"Organization.@type","present":false},{"name":"Organization.@id","present":false},{"name":"Organization.name","present":false},{"name":"Organization.url","present":false},{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false}] websiteFields=[{"name":"WebSite.@type","present":false},{"name":"WebSite.@id","present":false},{"name":"WebSite.name","present":false},{"name":"WebSite.url","present":false},{"name":"WebSite.publisher.@id","present":false},{"name":"WebSite.publisher.name","present":false},{"name":"WebSite.publisher.url","present":false}]WARNCheck identity URLs match scanned origin actual={"organizationUrlMatchesOrigin":false,"websiteUrlMatchesOrigin":false} expected={"organizationUrlMatchesOrigin":true,"websiteUrlMatchesOrigin":true}FAILIdentity fields are missing missing=["Organization.name","Organization.url","WebSite.name","WebSite.url"]WebSite publisher linkage [fail]! WebSite.publisher is missing.INFOWebSite publisher linkageINFOChecking whether WebSite.publisher points to the Organization entity FAILCheck publisher presence actual=false expected=true publisher={"present":false,"matchesOrganization":false} website={} organization={}FAILCheck publisher matches Organization actual=false expected=trueFAILWebSite publisher is missingOrganization trust fields [fail]! Organization schema is missing logo and sameAs or public contact evidence.INFOOrganization trust fieldsINFOChecking logo, sameAs, and public contact evidence FAILCheck logo presence actual=false expected=true fields=[{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false},{"name":"Organization.contactPoint","present":false},{"name":"Organization.telephone","present":false},{"name":"Organization.email","present":false},{"name":"Organization.address","present":false}]FAILCheck sameAs or contact evidence actual=0 expected=">= 1" sameAsCount=0 contactSignalCount=0 fields=[{"name":"Organization.logo","present":false},{"name":"Organization.sameAs","present":false},{"name":"Organization.contactPoint","present":false},{"name":"Organization.telephone","present":false},{"name":"Organization.email","present":false},{"name":"Organization.address","present":false}]FAILOrganization trust fields are missing

Recognized structured data format [fail]! No JSON-LD, Microdata, or RDFa structured data was found.INFORecognized structured data formatINFODetecting JSON-LD, Microdata, and RDFa in the page HTMLFAILCheck recognized structured-data formats found actual=0 expected="> 0" formatsFound=[]FAILNo recognized structured-data format foundPage-relevant schema family [fail]! The page has specific visible content intent, but structured data does not include a matching primary schema family.INFOPage-relevant schema familyINFOInferring specific page intent and comparing it with detected Schema.org typesFAILCheck schema types matching specific visible page intent actual=0 expected="> 0" inferredIntents=["software"] expectedTypes=["SoftwareApplication","WebApplication","MobileApplication"] matchingTypes=[] observedTypes=[]FAILNo primary schema family matches the inferred page intent expectedTypes=["SoftwareApplication","WebApplication","MobileApplication"] primaryTypes=[]

Find Referrer-Policy header [fail]! Referrer-Policy header is missing.INFOFind Referrer-Policy headerINFORead Referrer-Policy delivery header="referrer-policy" value="missing" metaReferrerPolicyCount=0 browserDefault="strict-origin-when-cross-origin"FAILRequire explicit HTTP Referrer-Policy header actual="missing" expected="HTTP response header present" issue="Referrer-Policy header is missing."FAILReferrer-Policy header is missing.Review observed browser responses [warning]! One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.INFOReview observed browser responsesINFOSample Chrome-observed same-origin responses observedResponseCount=120 sameOriginCount=119 htmlDocumentCount=1WARNCompare observed Referrer-Policy coverage actual={"missingPolicyCount":1,"unsafeOrInvalidPolicyCount":0,"weakPolicyCount":0,"affected":[{"url":"https://roadmap.sh/","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8","referrerPolicy":null,"classification":"invalid"}]} expected="0 missing, unsafe, invalid, or weak same-origin HTML responses" issue="One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy."WARNOne or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.

Markdown representation [fail]! No usable Markdown representation was found through negotiation, advertised alternates, or conservative .md mirror checks.INFOMarkdown representationFAILCheck usable Markdown representation was selected actual={"source":"negotiated","url":"https://roadmap.sh/","statusCode":200,"contentType":"text/html; charset=utf-8","mediaType":"text/html","vary":"Accept-Encoding","requireVaryAccept":true,"contentTypeStatus":"fail","cacheStatus":"fail","bodyStatus":"fail","pass":false,"quality":{"valid":false,"formatStatus":"fail","dialect":"mdx-like","hasHeading":false,"headingCount":0,"wordCount":62357,"features":{"markdownLinks":0,"referenceLinks":0,"listItems":0,"tables":0,"taskListItems":0,"fencedCodeBlocks":0,"yamlFrontmatter":false,"jsonLdFencedBlocks":0,"admonitions":0,"strikethrough":0,"autolinks":0,"rawHtmlTags":1029,"jsxOrMdxSignals":2},"issues":["missing-heading","raw-html-heavy","mdx-jsx-source-leakage","plain-text-like"],"excerpt":"<!DOCTYPE html><html lang=\"en\"><head><meta charSet=\"utf-8\"/><meta name=\"viewport\" content=\"width=device-width, user-scalable=yes, initial-scale=1.0, maximum-scale=3.0, minimum-scale=1.0\"/><link rel=\"preload\" as=\"image\" href=\"/img/gifs/rocke","issue":"Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."}} expected="negotiated, advertised alternate, or conventional mirror" selected={"source":"negotiated","url":"https://roadmap.sh/","statusCode":200,"contentType":"text/html; charset=utf-8","mediaType":"text/html","vary":"Accept-Encoding","requireVaryAccept":true,"contentTypeStatus":"fail","cacheStatus":"fail","bodyStatus":"fail","pass":false,"quality":{"valid":false,"formatStatus":"fail","dialect":"mdx-like","hasHeading":false,"headingCount":0,"wordCount":62357,"features":{"markdownLinks":0,"referenceLinks":0,"listItems":0,"tables":0,"taskListItems":0,"fencedCodeBlocks":0,"yamlFrontmatter":false,"jsonLdFencedBlocks":0,"admonitions":0,"strikethrough":0,"autolinks":0,"rawHtmlTags":1029,"jsxOrMdxSignals":2},"issues":["missing-heading","raw-html-heavy","mdx-jsx-source-leakage","plain-text-like"],"excerpt":"<!DOCTYPE html><html lang=\"en\"><head><meta charSet=\"utf-8\"/><meta name=\"viewport\" content=\"width=device-width, user-scalable=yes, initial-scale=1.0, maximum-scale=3.0, minimum-scale=1.0\"/><link rel=\"preload\" as=\"image\" href=\"/img/gifs/rocke","issue":"Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."}} candidatesChecked=2FAILMarkdown representation failed issue="No usable Markdown representation was found through negotiation, advertised alternates, or conservative .md mirror checks."Same-URL negotiation [fail]! Same-URL Accept: text/markdown did not return a valid Markdown representation.INFOSame-URL negotiationFAILCheck negotiated Markdown response actual={"statusCode":200,"mediaType":"text/html","vary":"Accept-Encoding"} expected="HTTP 2xx text/markdown with Vary: Accept" url="https://roadmap.sh/" statusCode=200 mediaType="text/html" vary="Accept-Encoding"FAILSame-URL negotiation failed issue="Same-URL Accept: text/markdown did not return a valid Markdown representation."Markdown format validation [fail]! Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown.INFOMarkdown format validationFAILCheck Markdown body quality actual={"valid":false,"wordCount":62357,"headingCount":0,"dialect":"mdx-like"} expected="valid Markdown with substantive text and headings" valid=false dialect="mdx-like" wordCount=62357 headingCount=0FAILMarkdown format validation failed issue="Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."Advertised Markdown alternate [warning]! No Link or HTML rel=alternate text/markdown URL was advertised.INFOAdvertised Markdown alternateWARNCheck advertised Markdown alternate candidates actual=0 expected="> 0 when HTML advertises a Markdown alternate" advertisedUrls=[] candidateCount=0WARNAdvertised Markdown alternate has a warning issue="No Link or HTML rel=alternate text/markdown URL was advertised."Conventional .md mirror [fail]! Conventional .md mirror candidates did not return valid Markdown.INFOConventional .md mirrorFAILCheck conventional Markdown mirror candidates actual=1 expected="> 0 when a conventional mirror is discoverable" conventionalUrls=["https://roadmap.sh/index.html.md"] candidateCount=1FAILConventional .md mirror failed issue="Conventional .md mirror candidates did not return valid Markdown."

Discover Agent Skills index [warning]! No Agent Skills discovery index was found at the canonical or legacy path.INFODiscover Agent Skills indexINFOTry Agent Skills index paths in priority order paths=["/.well-known/agent-skills/index.json","/.well-known/skills/index.json"]WARNAgent Skills index candidate was not usable path="/.well-known/agent-skills/index.json" url="https://roadmap.sh/.well-known/agent-skills/index.json" statusCode=404WARNAgent Skills index candidate was not usable path="/.well-known/skills/index.json" url="https://roadmap.sh/.well-known/skills/index.json" statusCode=404WARNNo Agent Skills discovery index was found at the canonical or legacy path.

Validate declared usage preferences [warning]! No Content-Usage or Content-Signal declarations were found.INFOValidate declared usage preferencesINFOParsing declared preferences into terms and values recordCount=0SKIPSkipping declaration validation because no Content-Usage or Content-Signal records were declared.SKIPCompare declared records to validation requirement actual=0 expected="No validation needed when no records are declared"WARNNo Content-Usage or Content-Signal declarations were present.

Query DNS-AID records [warning]! No DNS-AID HTTPS/SVCB records were found under _agents.INFOQuery DNS-AID recordsINFOBuild DNS-AID query names from hostname hostname="roadmap.sh" labels=["_index._agents.roadmap.sh","_a2a._agents.roadmap.sh"] claimedOnPage=falseWARNDNS query returned no DNS-AID answers name="_index._agents.roadmap.sh" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.roadmap.sh" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.roadmap.sh" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _index._agents.roadmap.sh"WARNDNS query returned no DNS-AID answers name="_a2a._agents.roadmap.sh" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.roadmap.sh" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.roadmap.sh" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _a2a._agents.roadmap.sh"WARNCompare total DNS-AID answer count actual=0 expected="> 0"WARNNo DNS-AID HTTPS/SVCB records were found under _agents.Check DNSSEC authentication evidence [warning]! DNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.INFOCheck DNSSEC authentication evidenceWARNCompare DNSSEC authenticated-data flag actual=false expected=trueWARNCompare visible DNSSEC material actual=false expected=trueWARNResolver did not confirm authenticated DNSSEC data name="_index._agents.roadmap.sh" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.roadmap.sh" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.roadmap.sh" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.roadmap.sh" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.roadmap.sh" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.roadmap.sh" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.roadmap.sh" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.roadmap.sh" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="roadmap.sh" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNDNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.

Discover RSL declarations [warning]! No RSL declarations were found.INFODiscover RSL declarationsINFOChecking robots.txt License records, HTTP Link rel=license headers, HTML license links, and inline RSL XML robotsFound=trueSKIPCount discovered RSL declarations actual=0 expected=">= 1 when RSL licensing terms are published" sources={}WARNNo RSL declarations were found on any supported discovery surface.

Find enforcing CSP delivery [fail]! Applicable HTML response is missing an enforcing Content-Security-Policy header.INFOFind enforcing CSP deliveryINFORead CSP delivery headers enforcingHeader="missing" reportOnlyHeader="missing" metaPolicyCount=0 legacyHeadersPresent=[]FAILRequire enforcing Content-Security-Policy header actual="missing" expected="present" issue="Applicable HTML response is missing an enforcing Content-Security-Policy header."FAILApplicable HTML response is missing an enforcing Content-Security-Policy header.

Detect A2A card version [fail]! The discovered JSON document does not match a supported A2A Agent Card version family.INFODetect A2A card versionINFORead version indicators from the card detectionEvidence=[]FAILCompare detected A2A version family actual="unknown" expected="v0.1, v0.2, v0.3, or v1"FAILThe discovered JSON document does not match a supported A2A Agent Card version family.Validate version-specific card shape [fail]! Document does not match a supported A2A Agent Card shape.INFOValidate version-specific card shapeFAILCompare missing required card fields actual=["skills[]"] expected="none"FAILCheck every declared A2A skill has required name, description, and endpoint fields actual=0 expected=0 invalidSkills=[]INFOReview declared endpoint interfaces interfaces=[]FAILDocument does not match a supported A2A Agent Card shape.Probe same-origin A2A endpoint [warning]! A2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.INFOProbe same-origin A2A endpointINFOProbe same-origin A2A endpoint when scanner policy allows itSKIPSkipped endpoint probe reason="No valid A2A card was available to probe."WARNA2A endpoint probing was skipped because the endpoint was cross-origin, unavailable from the card, or uses an unsupported binding.

Find Strict-Transport-Security [fail]! HTTPS response is missing Strict-Transport-Security.INFOFind Strict-Transport-SecurityINFORead Strict-Transport-Security header header="strict-transport-security" value="missing" effectiveValue=null duplicateHeaderValueCount=0FAILRequire HSTS header on HTTPS response actual="missing" expected="present" issue="HTTPS response is missing Strict-Transport-Security."FAILHTTPS response is missing Strict-Transport-Security.

Find X-Content-Type-Options [fail]! Browser-loadable response is missing X-Content-Type-Options.INFOFind X-Content-Type-OptionsINFORead X-Content-Type-Options header header="x-content-type-options" value="missing"FAILRequire nosniff header actual="missing" expected="present" issue="Browser-loadable response is missing X-Content-Type-Options."FAILBrowser-loadable response is missing X-Content-Type-Options.Review observed browser responses [warning]! One or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff.INFOReview observed browser responsesINFOSample Chrome-observed same-origin resources observedResponseCount=120 sameOriginCount=119 eligibleCount=119WARNCompare observed nosniff coverage actual={"missingNosniffCount":119,"malformedNosniffCount":0,"activeResourceMissingNosniffCount":116,"affected":[{"url":"https://roadmap.sh/","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8"},{"url":"https://roadmap.sh/img/gifs/rocket.gif","status":200,"resourceType":"image","contentType":"image/gif"},{"url":"https://roadmap.sh/assets/manifest-226079b3.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/jsx-runtime-u17CrQMm.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/entry.client-Ec2hvVvl.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/index-CKjkqIjd.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/chunk-JPUPSTYD-d1-CrTzm.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/root-DMVmUWlC.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/chunk-LFPYN7LY-DbRpjMI3.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/QueryClientProvider-CbxrFDM2.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/use-auth-SD5D9cAD.js","status":200,"resourceType":"script","contentType":"text/javascript"},{"url":"https://roadmap.sh/assets/users-DWWHuyEG.js","status":200,"resourceType":"script","contentType":"text/javascript"}]} expected="0 missing or malformed eligible same-origin responses" issue="One or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff."WARNOne or more same-origin active resources observed by Chrome did not emit X-Content-Type-Options: nosniff.

Schema.org attribution [warning]! Schema.org attribution is incomplete or relies only on publisher/fallback evidence.INFOSchema.org attributionINFOChecking structured data for author, creator, and publisher contributorsWARNCheck named Schema.org author count actual=0 expected="> 0" authorCount=0 publisherCount=0 namedContributors=0 authors=[] publishers=[] formats=[]WARNSchema.org attribution is incomplete or fallback-only authorCount=0 publisherCount=0 authors=[] publishers=[]Author identity quality [fail]! No named author or publisher identity could be extracted.INFOAuthor identity qualityINFOChecking contributors for stable identity signalsFAILCheck identified contributor count actual=0 expected="> 0" namedContributors=0 identifiedContributors=[] unidentifiedContributors=[]FAILNo named contributor identity could be extracted

Validate CSP frame-ancestors [warning]! Frame protection relies only on X-Frame-Options; CSP frame-ancestors is the modern control.INFOValidate CSP frame-ancestorsINFORead CSP frame-ancestors signals enforcingHeaderPresent=false reportOnlyHeaderPresent=false metaFrameAncestors=false policyCount=0 duplicateDirectives=[]WARNCompare effective frame-ancestors directive actual="missing" expected="valid restrictive enforcing frame-ancestors" issue="Frame protection relies only on X-Frame-Options; CSP frame-ancestors is the modern control."WARNFrame protection relies only on X-Frame-Options; CSP frame-ancestors is the modern control.

Page landmarks [warning]! The page has a main landmark but is missing a primary navigation, header/banner, or page-level footer/contentinfo landmark.INFOPage landmarksWARNCheck page landmarks evidence actual={"counts":{"main":1,"roleMain":0,"nav":2,"roleNavigation":0,"header":0,"roleBanner":0,"footer":0,"pageFooter":0,"roleContentinfo":0},"main":true} expected="semantic HTML evidence for this step"WARNPage landmarks has a warning issue="The page has a main landmark but is missing a primary navigation, header/banner, or page-level footer/contentinfo landmark."Image text alternatives [warning]! 1 image alt text issues were found.INFOImage text alternativesWARNCheck image text alternatives evidence actual={"counts":{"images":2,"imagesWithAlt":2,"imageAltIssues":1},"imageAltCoverage":true} expected="semantic HTML evidence for this step"WARNImage text alternatives has a warning issue="1 image alt text issues were found."

Find advertised IndexNow key location [informational]! No IndexNow key location was advertised in HTML, Link headers, or robots.txt.INFOFind advertised IndexNow key locationINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"WARNNo IndexNow key location was advertised in HTML, Link headers, or robots.txt.Fetch and validate IndexNow key file [informational]! No discoverable IndexNow key file was found.INFOFetch and validate IndexNow key fileINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"INFOFetch each advertised same-origin key file and validate filename/body matchFAILCompare valid IndexNow key file count actual=0 expected="> 0"WARNNo discoverable IndexNow key file was found.