Probe Report — registry.npmjs.org

registry.npmjs.org F · 36/100

10 passed 15 warnings 2 failed 17 n/a audit-mnkl4gxf

— Voice AI— x402 / Crypto— MCP

SSL / TLS Valid HTTPS · 13ms

x402 discovery n/a

Agent discovery No agent.json found

llms.txt HTTP 404 · 257ms

security.txt Not found · 176ms

CORS headers No CORS header (OK if server-to-server only) · 22ms

Security headers 0/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy · 22ms

Response time 390ms avg · 390ms

MCP server n/a

API endpoints 2 endpoints found

Error handling 404 JSON response · 264ms

x402 compliance n/a

Rate limiting No rate-limit headers (may still be rate-limited server-side) · 191ms

Documentation /docs found · 746ms

robots.txt AI crawlers No AI crawler directives (GPTBot, ClaudeBot, etc.) · 729ms

AI plugin manifest No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec No OpenAPI/Swagger spec found

Privacy / GDPR /privacy found (4129 chars) · 544ms

Status / Health /status found · 808ms

EU AI Act disclosure No AI model card or disclosure endpoint

Travel Rule (FATF) n/a

A2A Protocol (Google) No agent.json for A2A discovery

DNSSEC DNSSEC check failed

CAA Records CAA check failed

DMARC / SPF No DMARC or SPF records found

Auth maturity No authentication detected — open API or check failed

API versioning /v1

Human oversight No human oversight / kill switch endpoint (EU AI Act Art. 14)

Content-Type JSON on 1/1 paths

OASF Classification No OASF or agent service classification found

MCP Transport Security n/a

Voice AI Disclosure n/a

Synthetic Voice Labeling n/a

Synthetic Content Labeling n/a

Emotion Recognition Declaration n/a

Call Recording Consent n/a

FCC/TCPA Compliance n/a

Operator Identity & KYB n/a

Opt-out & Human Escalation n/a

Voice Call Policy n/a

Caller Identity Declaration n/a

Wallet trust n/a

ERC-8004 on-chain n/a

17 issues to fix

Critical — 2

Agent discovery failed

No agent.json found

llms.txt failed

HTTP 404

Warning — 15

security.txt needs attention

Not found

CORS headers needs attention

No CORS header (OK if server-to-server only)

Security headers needs attention

0/5 — missing critical: x-content-type-options, strict-transport-security, content-security-policy

Rate limiting needs attention

No rate-limit headers (may still be rate-limited server-side)

robots.txt AI crawlers needs attention

No AI crawler directives (GPTBot, ClaudeBot, etc.)

AI plugin manifest needs attention

No ai-plugin.json (optional for ChatGPT/LLM integration)

OpenAPI spec needs attention

No OpenAPI/Swagger spec found

EU AI Act disclosure needs attention

No AI model card or disclosure endpoint

A2A Protocol (Google) needs attention

No agent.json for A2A discovery

DNSSEC needs attention

DNSSEC check failed

CAA Records needs attention

CAA check failed

DMARC / SPF needs attention

No DMARC or SPF records found

Auth maturity needs attention

No authentication detected — open API or check failed

Human oversight needs attention

No human oversight / kill switch endpoint (EU AI Act Art. 14)

OASF Classification needs attention

No OASF or agent service classification found

🔧 Fix 2 failing checks automatically

Probe Autofix connects to your GitHub repo and creates a PR with all the fixes. DNS fixes are applied directly via Cloudflare API. No manual coding needed.

⚡ Autofix — Free GitHub PR + DNS fixes included

Share on X Run new audit

🔒 Probe trust badge — unlock at score 60+

Fix your failing checks to earn the Probe verified badge. Display it on your site footer and README to show compliance.

⚡ Autofix — Free Current score: 36/100 → need 60+

2026-04-04 17:06:47 UTC · getprobe.xyz