developer.visa.com F · 34/100
8 passed 17 warnings 2 failed 17 n/a audit-mnka3tl2
— Voice AI— x402 / Crypto— MCP
SSL / TLS Valid HTTPS · 197ms
x402 discovery n/a
Agent discovery No agent.json found
llms.txt HTTP 404 · 195ms
security.txt Not found · 186ms
CORS headers origin: https://partner.visa.com (restricted) · 363ms
Security headers 3/5 — missing: content-security-policy · 378ms
Response time 704ms avg · 704ms
MCP server n/a
API endpoints 2 endpoints found
Error handling 404 JSON response · 497ms
x402 compliance n/a
Rate limiting No rate-limit headers (may still be rate-limited server-side) · 568ms
Documentation /docs found · 568ms
robots.txt AI crawlers HTTP 404 · 543ms
AI plugin manifest No ai-plugin.json (optional for ChatGPT/LLM integration)
OpenAPI spec No OpenAPI/Swagger spec found
Privacy / GDPR /privacy found (1269 chars) · 687ms
Status / Health No status or health endpoint
EU AI Act disclosure No AI model card or disclosure endpoint
Travel Rule (FATF) n/a
A2A Protocol (Google) No agent.json for A2A discovery
DNSSEC DNSSEC check failed
CAA Records 1 CAA record(s) found on developer.visa.com
DMARC / SPF DMARC p=reject
Auth maturity No authentication detected — open API or check failed
API versioning No versioned paths or version headers found
Human oversight No human oversight / kill switch endpoint (EU AI Act Art. 14)
Terms of Service /terms found (142678 chars) · 841ms
Content-Type No application/json responses (1 paths tested)
OASF Classification No OASF or agent service classification found
MCP Transport Security n/a
Voice AI Disclosure n/a
Synthetic Voice Labeling n/a
Synthetic Content Labeling n/a
Emotion Recognition Declaration n/a
Call Recording Consent n/a
FCC/TCPA Compliance n/a
Operator Identity & KYB n/a
Opt-out & Human Escalation n/a
Voice Call Policy n/a
Caller Identity Declaration n/a
Wallet trust n/a
ERC-8004 on-chain n/a
34
19 issues to fix
Critical — 2
Agent discovery failed

No agent.json found

llms.txt failed

HTTP 404

Warning — 17
security.txt needs attention

Not found

Security headers needs attention

3/5 — missing: content-security-policy

Response time needs attention

704ms avg

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

robots.txt AI crawlers needs attention

HTTP 404

AI plugin manifest needs attention

No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec needs attention

No OpenAPI/Swagger spec found

Status / Health needs attention

No status or health endpoint

EU AI Act disclosure needs attention

No AI model card or disclosure endpoint

A2A Protocol (Google) needs attention

No agent.json for A2A discovery

DNSSEC needs attention

DNSSEC check failed

DMARC / SPF needs attention

DMARC p=reject

Auth maturity needs attention

No authentication detected — open API or check failed

API versioning needs attention

No versioned paths or version headers found

Human oversight needs attention

No human oversight / kill switch endpoint (EU AI Act Art. 14)

Content-Type needs attention

No application/json responses (1 paths tested)

OASF Classification needs attention

No OASF or agent service classification found

🔧 Fix 2 failing checks automatically

Probe Autofix connects to your GitHub repo and creates a PR with all the fixes. DNS fixes are applied directly via Cloudflare API. No manual coding needed.

⚡ Autofix — Free GitHub PR + DNS fixes included
Share on X Run new audit
🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Autofix — Free Current score: 34/100 → need 60+
Badge preview Shield preview
2026-04-04 11:58:21 UTC · getprobe.xyz