context7.com F · 49/100
14 passed 19 warnings 1 failed audit-mnfvxyfv
SSL / TLS Valid HTTPS · 162ms
x402 discovery No x402 discovery found
Agent discovery /agent.json not valid JSON · 399ms
llms.txt Found (60370 chars) · 365ms
security.txt Not found · 193ms
CORS headers origin: * (open — OK for public APIs) · 193ms
Security headers 1/5 — missing critical: x-content-type-options, content-security-policy · 215ms
Response time 304ms avg · 304ms
MCP server /mcp/info responds · 293ms
API endpoints 1 endpoints found
Error handling Returns 200 for unknown paths · 300ms
x402 compliance No x402 payment gates found · 247ms
Rate limiting No rate-limit headers (may still be rate-limited server-side) · 249ms
Documentation No documentation endpoint
robots.txt AI crawlers robots.txt exists but no AI crawler rules · 354ms
AI plugin manifest /ai-plugin.json not valid JSON · 389ms
OpenAPI spec /openapi.json — 3.0.0, 13 paths, servers defined, auth documented · 335ms
Privacy / GDPR /privacy found (60350 chars) · 392ms
Status / Health /status found · 408ms
EU AI Act disclosure /model-card.json found (60510 chars) · 424ms
Travel Rule (FATF) /travel-rule found (non-JSON, 60430 chars) · 387ms
A2A Protocol (Google) No agent.json for A2A discovery
DNSSEC DNSSEC check failed
CAA Records No CAA records — any CA can issue certificates
DMARC / SPF SPF ~all (softfail)
Auth maturity No authentication detected — open API or check failed
API versioning /v1
Human oversight /agent/stop — active (EU AI Act Art. 14) · 592ms
Terms of Service /terms found (60310 chars) · 750ms
Content-Type No application/json responses (1 paths tested)
OASF Classification No OASF or agent service classification found
MCP Transport Security /mcp active · HSTS · 771ms
Wallet trust No wallet address found in x402 or agent.json
ERC-8004 on-chain No EVM wallet found to verify on-chain registration
49
20 issues to fix
Critical — 1
x402 discovery failed

No x402 discovery found

Warning — 19
Agent discovery needs attention

/agent.json not valid JSON

security.txt needs attention

Not found

Security headers needs attention

1/5 — missing critical: x-content-type-options, content-security-policy

Error handling needs attention

Returns 200 for unknown paths

x402 compliance needs attention

No x402 payment gates found

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

Documentation needs attention

No documentation endpoint

robots.txt AI crawlers needs attention

robots.txt exists but no AI crawler rules

AI plugin manifest needs attention

/ai-plugin.json not valid JSON

Travel Rule (FATF) needs attention

/travel-rule found (non-JSON, 60430 chars)

A2A Protocol (Google) needs attention

No agent.json for A2A discovery

DNSSEC needs attention

DNSSEC check failed

CAA Records needs attention

No CAA records — any CA can issue certificates

DMARC / SPF needs attention

SPF ~all (softfail)

Auth maturity needs attention

No authentication detected — open API or check failed

Content-Type needs attention

No application/json responses (1 paths tested)

OASF Classification needs attention

No OASF or agent service classification found

Wallet trust needs attention

No wallet address found in x402 or agent.json

ERC-8004 on-chain needs attention

No EVM wallet found to verify on-chain registration

🔧 Fix 1 failing checks automatically

Probe Autofix connects to your GitHub repo and creates a PR with all the fixes. DNS fixes are applied directly via Cloudflare API. No manual coding needed.

⚡ Autofix — Free GitHub PR + DNS fixes included
Share on X Run new audit
🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Autofix — Free Current score: 49/100 → need 60+
Badge preview Shield preview
2026-04-01 10:10:48 UTC · getprobe.xyz