aisecurityguard.com D · 55/100
13 passed 19 warnings 0 failed audit-mnezbefv
SSL / TLS Valid HTTPS · 481ms
x402 discovery /.well-known/x402.json (non-JSON) · 471ms
Agent discovery /.well-known/agent.json not valid JSON · 470ms
llms.txt Found (1820 chars) · 473ms
security.txt Found · 473ms
CORS headers No CORS header (OK if server-to-server only) · 591ms
Security headers 0/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy · 830ms
Response time 448ms avg · 448ms
MCP server /mcp/info responds · 595ms
API endpoints 4 endpoints found
Error handling Returns 200 for unknown paths · 600ms
x402 compliance No x402 payment gates found · 717ms
Rate limiting No rate-limit headers (may still be rate-limited server-side) · 717ms
Documentation /docs found · 718ms
robots.txt AI crawlers robots.txt exists but no AI crawler rules · 960ms
AI plugin manifest /.well-known/ai-plugin.json not valid JSON · 835ms
OpenAPI spec /openapi.json found but invalid JSON · 836ms
Privacy / GDPR /privacy found (114 chars) · 838ms
Status / Health /status found · 945ms
EU AI Act disclosure /.well-known/model-card.json found (114 chars) · 949ms
Travel Rule (FATF) /.well-known/travel-rule.json found (non-JSON, 114 chars) · 954ms
A2A Protocol (Google) agent.json found but invalid JSON · 957ms
DNSSEC No DNSSEC — domain is vulnerable to DNS spoofing
CAA Records No CAA records — any CA can issue certificates
DMARC / SPF SPF -all (strict)
Auth maturity No authentication detected — open API or check failed
API versioning /v1
Human oversight /agent/stop — active (EU AI Act Art. 14) · 1080ms
Terms of Service /terms exists but very short · 1095ms
Content-Type API paths return HTML: /v1/ returns HTML
Wallet trust No wallet address found in x402 or agent.json
ERC-8004 on-chain No EVM wallet found to verify on-chain registration
55
19 issues to fix
Warning — 19
Agent discovery needs attention

/.well-known/agent.json not valid JSON

CORS headers needs attention

No CORS header (OK if server-to-server only)

Security headers needs attention

0/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy

Error handling needs attention

Returns 200 for unknown paths

x402 compliance needs attention

No x402 payment gates found

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

robots.txt AI crawlers needs attention

robots.txt exists but no AI crawler rules

AI plugin manifest needs attention

/.well-known/ai-plugin.json not valid JSON

OpenAPI spec needs attention

/openapi.json found but invalid JSON

Travel Rule (FATF) needs attention

/.well-known/travel-rule.json found (non-JSON, 114 chars)

A2A Protocol (Google) needs attention

agent.json found but invalid JSON

DNSSEC needs attention

No DNSSEC — domain is vulnerable to DNS spoofing

CAA Records needs attention

No CAA records — any CA can issue certificates

DMARC / SPF needs attention

SPF -all (strict)

Auth maturity needs attention

No authentication detected — open API or check failed

Terms of Service needs attention

/terms exists but very short

Content-Type needs attention

API paths return HTML: /v1/ returns HTML

Wallet trust needs attention

No wallet address found in x402 or agent.json

ERC-8004 on-chain needs attention

No EVM wallet found to verify on-chain registration

Share on X Run new audit
🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Fix my API — $29 Current score: 55/100 → need 60+
Badge preview Shield preview
2026-03-31 18:57:28 UTC · getprobe.xyz