Probe Report — agoragentic.com

agoragentic.com C · 62/100

20 passed 14 warnings 0 failed audit-mnfrszy5

SSL / TLS Valid HTTPS · 4044ms

x402 discovery /.well-known/x402.json (non-JSON) · 4058ms

Agent discovery /.well-known/agent.json — Agoragentic · 3924ms

llms.txt Found (12912 chars) · 3931ms

security.txt Found · 4046ms

CORS headers No CORS header (OK if server-to-server only) · 4426ms

Security headers 5/5 present (all critical headers set) · 4431ms

Response time 2802ms avg — slow · 2802ms

MCP server /mcp/info responds · 4550ms

API endpoints 2 endpoints found

Error handling Returns 200 for unknown paths · 4556ms

x402 compliance No x402 payment gates found · 5072ms

Rate limiting Limit: 120 · 4931ms

Documentation No documentation endpoint

robots.txt AI crawlers 5 AI crawlers configured: GPTBot, ClaudeBot, Anthropic, PerplexityBot, Bytespider · 4555ms

AI plugin manifest /.well-known/ai-plugin.json — "Agoragentic" · 4691ms

OpenAPI spec No OpenAPI/Swagger spec found

Privacy / GDPR /privacy found (101197 chars) · 4789ms

Status / Health /status found · 4817ms

EU AI Act disclosure /.well-known/model-card.json found (101197 chars) · 4940ms

Travel Rule (FATF) /.well-known/travel-rule.json found (non-JSON, 101197 chars) · 4827ms

A2A Protocol (Google) Agent Card — url, v2.0.0 · 4916ms

DNSSEC No DNSSEC — domain is vulnerable to DNS spoofing

CAA Records No CAA records — any CA can issue certificates

DMARC / SPF DMARC p=quarantine · SPF ~all (softfail)

Auth maturity No authentication detected — open API or check failed

API versioning /v1

Human oversight /agent/stop — active (EU AI Act Art. 14) · 5050ms

Content-Type JSON on 1/2 paths

OASF Classification /.well-known/oasf.json exists · 5127ms

MCP Transport Security /mcp active · HSTS · 5179ms

Wallet trust No wallet address found in x402 or agent.json

ERC-8004 on-chain No EVM wallet found to verify on-chain registration

14 issues to fix

Warning — 14

CORS headers needs attention

No CORS header (OK if server-to-server only)

Response time needs attention

2802ms avg — slow

Error handling needs attention

Returns 200 for unknown paths

x402 compliance needs attention

No x402 payment gates found

Documentation needs attention

No documentation endpoint

OpenAPI spec needs attention

No OpenAPI/Swagger spec found

Travel Rule (FATF) needs attention

/.well-known/travel-rule.json found (non-JSON, 101197 chars)

A2A Protocol (Google) needs attention

Agent Card — url, v2.0.0

DNSSEC needs attention

No DNSSEC — domain is vulnerable to DNS spoofing

CAA Records needs attention

No CAA records — any CA can issue certificates

DMARC / SPF needs attention

DMARC p=quarantine · SPF ~all (softfail)

Auth maturity needs attention

No authentication detected — open API or check failed

Wallet trust needs attention

No wallet address found in x402 or agent.json

ERC-8004 on-chain needs attention

No EVM wallet found to verify on-chain registration

Share on X Run new audit

🎖️ Your API qualifies for the Probe trust badge

Footer seal

README badge

Footer HTML — paste in your site footer:

<a href="https://getprobe.xyz/report/audit-mnfrszy5" target="_blank" rel="noopener"><img src="https://getprobe.xyz/api/badge?domain=agoragentic.com&style=seal" alt="Verified by Probe" width="120" height="140"></a>

README Markdown:

[![Probe](https://getprobe.xyz/api/badge?domain=agoragentic.com)](https://getprobe.xyz/report/audit-mnfrszy5)

2026-04-01 08:14:59 UTC · getprobe.xyz