Probe Report — builders-map.com

builders-map.com F · 41/100

8 passed 17 warnings 3 failed audit-mndjvbef

SSL / TLS Valid HTTPS · 165ms

x402 discovery No x402 discovery found

Agent discovery No agent.json found

llms.txt HTTP 404 · 329ms

security.txt Not found · 365ms

CORS headers No CORS header (OK if server-to-server only) · 204ms

Security headers 3/5 — missing: content-security-policy · 239ms

Response time 327ms avg · 327ms

MCP server /mcp/info responds · 422ms

API endpoints 4 endpoints found

Error handling Returns 200 for unknown paths · 538ms

x402 compliance No x402 payment gates found · 400ms

Rate limiting No rate-limit headers (may still be rate-limited server-side) · 402ms

Documentation /docs found · 538ms

robots.txt AI crawlers No AI crawler directives (GPTBot, ClaudeBot, etc.) · 499ms

AI plugin manifest No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec No OpenAPI/Swagger spec found

Privacy / GDPR /privacy found (1635 chars) · 628ms

Status / Health /status found · 645ms

EU AI Act disclosure /ai-disclosure found (1635 chars) · 173ms

Travel Rule (FATF) /travel-rule found (non-JSON, 1635 chars) · 337ms

A2A Protocol (Google) No agent.json for A2A discovery

DNSSEC No DNSSEC — domain is vulnerable to DNS spoofing

CAA Records No CAA records — any CA can issue certificates

DMARC / SPF DMARC p=quarantine

Auth maturity No authentication detected — open API or check failed

Wallet trust No wallet address found in x402 or agent.json

ERC-8004 on-chain No EVM wallet found to verify on-chain registration

20 issues to fix

Critical — 3

x402 discovery failed

No x402 discovery found

Agent discovery failed

No agent.json found

llms.txt failed

HTTP 404

Warning — 17

security.txt needs attention

Not found

CORS headers needs attention

No CORS header (OK if server-to-server only)

Security headers needs attention

3/5 — missing: content-security-policy

Error handling needs attention

Returns 200 for unknown paths

x402 compliance needs attention

No x402 payment gates found

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

robots.txt AI crawlers needs attention

No AI crawler directives (GPTBot, ClaudeBot, etc.)

AI plugin manifest needs attention

No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec needs attention

No OpenAPI/Swagger spec found

Travel Rule (FATF) needs attention

/travel-rule found (non-JSON, 1635 chars)

A2A Protocol (Google) needs attention

No agent.json for A2A discovery

DNSSEC needs attention

No DNSSEC — domain is vulnerable to DNS spoofing

CAA Records needs attention

No CAA records — any CA can issue certificates

DMARC / SPF needs attention

DMARC p=quarantine

Auth maturity needs attention

No authentication detected — open API or check failed

Wallet trust needs attention

No wallet address found in x402 or agent.json

ERC-8004 on-chain needs attention

No EVM wallet found to verify on-chain registration

🔧 Fix 3 failing checks automatically

Probe Autofix connects to your GitHub repo and creates a PR with all the fixes. DNS fixes are applied directly via Cloudflare API. No manual coding needed.

⚡ Fix my API — $29 or included in Pro plan

Share on X Run new audit

🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Fix my API — $29 Current score: 41/100 → need 60+

2026-03-30 18:57:17 UTC · getprobe.xyz