chania-honey.gr
Audited 6 days ago· woocommerce
Agent-readiness across all five AI commerce surfaces.
Surfaces — click to filter
19 failing · 33 not checked · 52 shown
33 checks couldn't run on this store — each is listed below with the reason. Your score reflects only what we could verify.
Enforce HTTPS sitewide and ship a Strict-Transport-Security header with max-age ≥ 6 months
Why this matters: AI agents and payment flows refuse plain HTTP; weak HSTS is treated as effectively no HSTS by trust-and-safety scanners.
Findings (1)
Confirmed the homepage is HTTPS (status 200), probed http://chania-honey.gr/ for redirect behaviour, and parsed the Strict-Transport-Security header (absent).
How: URL scheme + homepage status check, an http://host/ redirect probe through politeFetch, and a Strict-Transport-Security max-age parse (RFC 6797; ≥ 180-day threshold).
- No Strict-Transport-Security header on the homepage responseCRITICAL
Add
Strict-Transport-Security: max-age=31536000; includeSubDomainsto every HTTPS response.
Skipped — no /robots.txt was reachable
Context: Google's shopping and AI Overview answers cite product pages Googlebot was permitted to crawl.
Why this was skipped
Wanted to check whether Googlebot is allowed at /product/%ce%bc%ce%ad%ce%bb%ce%b9-%ce%b5%cf%81%ce%b5%ce%af%ce%ba%ce%b7%cf%82-400gr, but no /robots.txt was reachable.
How: RFC 9309 group match on User-agent: Googlebot rules at the representative product path /product/%ce%bc%ce%ad%ce%bb%ce%b9-%ce%b5%cf%81%ce%b5%ce%af%ce%ba%ce%b7%cf%82-400gr (via the parsed robots.txt isAllowed predicate).
Skipped — no /robots.txt was reachable so per-UA rules cannot be evaluated
Context: ChatGPT's shopping answers cite pages OAI-SearchBot could crawl; blocking it removes you from ChatGPT results.
Why this was skipped
Wanted to evaluate whether OAI-SearchBot (OpenAI's ChatGPT search/discovery crawler) is allowed at /, but no /robots.txt was reachable so per-UA rules cannot be evaluated.
How: RFC 9309 group match on User-agent: OAI-SearchBot rules at path / (via the parsed robots.txt isAllowed predicate).
Skipped — no /robots.txt was reachable
Context: A site-wide Disallow of `/` blocks every agent crawler at once — catastrophic across every surface.
Why this was skipped
Wanted to scan the wildcard group for a root Disallow, but no /robots.txt was reachable.
How: Line-by-line scan of robots.txt; track membership of the User-agent: * group (stacked UA lines combine into one group per RFC 9309 section 2.2.1) and flag the file when a root Disallow: / appears in that group with no offsetting Allow: /.
Publish a non-empty robots.txt at the site root
Why this matters: robots.txt is the only place a merchant can declare per-crawler rules and a Sitemap to AI agents.
Findings (1)
Looked for a reachable /robots.txt at the site root. The fetcher returned no robots.txt (404, network error, or non-200 response).
How: Check whether the fetcher reached a non-empty /robots.txt at the site root (RFC 9309 §2.2.3 access method).
- No /robots.txt reachable at the site rootHIGH
/robots.txtno response body (404 / network error / non-200)
Publish a plain-text /robots.txt at the site root with at least
User-agent: *+Allow: /.
Surface brand attribution on every PDP
Why this matters: Brand on every product is a primary agent filter and a required feed field.
Findings (5)
Checked 5 sampled product pages for brand attribution via Product JSON-LD or visible HTML signals (0 attributed, 0%).
How: On each PDP, accept brand attribution from either (a) extractBrand on the first Product JSON-LD node OR (b) an HTML brand signal (OG product:brand, brand meta, og:brand, Microdata itemprop="brand").
Coverage
0/5 · 0%
- No brand attribution on this PDP (neither JSON-LD
brandnor OG/Microdata)HIGH× 5Add
brandto the Product JSON-LD or a<meta property="product:brand">tag.
Populate gtin on every branded Product node
Why this matters: GTINs let agents match your product to the same item elsewhere; without them you lose cross-catalog matching.
Findings (5)
Checked 5 sampled product pages for a GTIN in the Product JSON-LD (0 carry a valid GTIN, 0%).
How: Extract gtin / gtin8 / gtin12 / gtin13 / gtin14 from the first Product JSON-LD node on each PDP; validate digit length.
Coverage
0/5 · 0%
- No valid GTIN on this product pageHIGH× 5
Populate gtin/gtin8/gtin12/gtin13/gtin14 with the manufacturer's barcode.
Emit hasMerchantReturnPolicy on Product or Offer JSON-LD
Why this matters: Without the entry-point return-policy node, agents can't render or quote your return terms — they fall back to platform defaults or skip your store.
Findings (4)
Inspected hasMerchantReturnPolicy on Product/Offer JSON-LD across 4 sampled product pages (0 present, 0%).
How: On each PDP, locate the Product JSON-LD node and check for a hasMerchantReturnPolicy object/array at Product level OR Offer level. Pass band ≥ 85% coverage, partial ≥ 50%.
Coverage
0/4 · 0%
- Product JSON-LD missing
hasMerchantReturnPolicyHIGH× 4Add a MerchantReturnPolicy node to Product or Offer with category + applicableCountry (or merchantReturnLink).
Emit shippingDetails (OfferShippingDetails) on Offer JSON-LD
Why this matters: Without shippingDetails, AI agents fall back to vague defaults — they can't quote your rates, destinations, or delivery windows in shopping cards.
Findings (4)
Inspected shippingDetails on Product/Offer JSON-LD across 4 sampled PDPs (0 present, 0%).
How: On each PDP, locate the Product JSON-LD node and check for shippingDetails (single object or array) at Product or Offer level. Pass band ≥ 85% coverage.
Coverage
0/4 · 0%
- Offer JSON-LD missing
shippingDetailsHIGH× 4Add OfferShippingDetails with shippingRate, shippingDestination, and deliveryTime.
Publish /.well-known/ucp with at minimum a version field
Why this matters: Without `/.well-known/ucp`, Google's AI Mode can't identify your storefront as a UCP-conformant merchant.
Findings (1)
Inspected /.well-known/ucp for a parseable JSON document with a top-level version string.
How: Confirm ctx.wellKnownUcp is non-null and carries a non-empty version string (the only universally-required UCP profile field).
- /.well-known/ucp is not reachable or not parseable as JSONHIGH
Serve a JSON document at /.well-known/ucp with a top-level
versionstring (e.g., "2026-04-08").
Add every required top-level key to the UCP profile
Why this matters: A profile missing one of the four required keys is treated as non-conformant — agent runtimes fall back to default behaviour and may skip the merchant.
Findings (1)
Wanted to inspect UCP root keys, but no profile was found.
How: Read the profile root (or top-level ucp wrapper) and verify the presence of version, services, capabilities, and signing_keys keys.
- No /.well-known/ucp profile presentHIGH
Publish /.well-known/ucp first (see ucp-profile-present).
Declare a shopping service entry with a recognised transport and an HTTPS endpoint
Why this matters: Without a valid shopping service entry, agents can recognise you as a UCP merchant but have no way to fetch your catalog.
Findings (1)
Wanted to walk the UCP profile's services[] for a valid shopping entry, but no profile was found.
How: List every services[] entry whose namespace is shopping (or contains shopping) and require at least one with transport ∈ {rest,mcp,a2a,embedded} AND a syntactically valid https:// endpoint.
- No /.well-known/ucp profile presentHIGH
Publish /.well-known/ucp first (see ucp-profile-present), then declare the shopping service.
Make every signing_keys[] entry a JWK with kty + kty-specific params
Why this matters: Malformed JWK entries are rejected silently by agents — signed payloads cannot be verified and the merchant loses trust signal.
Findings (1)
Wanted to validate signing_keys[], but no UCP profile was found.
How: Walk signing_keys[] and validate each entry per RFC 7517 §4.1 (kty required) + RFC 7518 §6 (kty-specific required parameters). kid is OPTIONAL per RFC 7517 §4.5 and not enforced here.
- No /.well-known/ucp profile presentHIGH
Publish a Product JSON-LD block on every PDP
Why this matters: Product JSON-LD is how agents identify the canonical product entity without running JavaScript.
Findings (1)
Parsed JSON-LD on 5 sampled product pages for a Product node (4 found, 80%).
How: Walk each sampled PDP's parsed jsonLdBlocks, flatten @graph containers, and count the page as passing if any node has @type Product / ProductGroup / IndividualProduct / ProductModel.
Coverage
4/5 · 80%
- No Product JSON-LD on this PDPHIGH
Add a
<script type="application/ld+json">block with@type: Productto the PDP<head>.
Skipped — no /robots.txt was reachable so per-UA rules cannot be evaluated
Context: Microsoft Copilot Shopping ranks results from the Bing index; blocking Bingbot removes you from Copilot answers.
Why this was skipped
Wanted to evaluate whether Bingbot (Microsoft's web crawler — also the source for Copilot Shopping's index) is allowed at /, but no /robots.txt was reachable so per-UA rules cannot be evaluated.
How: RFC 9309 group match on User-agent: Bingbot rules at path / (via the parsed robots.txt isAllowed predicate).
Skipped — No MerchantReturnPolicy node used the MerchantReturnFiniteReturnWindow category, so the `merchantReturnDays` check has nothing to evaluate.
Context: AI agents quote your concrete return window in shopping cards. Without `merchantReturnDays`, your policy renders as 'has a return policy' without the headline number.
Why this was skipped
No MerchantReturnPolicy node used the MerchantReturnFiniteReturnWindow category, so the merchantReturnDays check has nothing to evaluate.
How: For each MerchantReturnPolicy node whose returnPolicyCategory normalizes to MerchantReturnFiniteReturnWindow, require merchantReturnDays to be a positive number (or a numeric string > 0).
Skipped — No PDP carried a `hasMerchantReturnPolicy` node, so Option A/B shape cannot be evaluated.
Context: A policy node missing both shapes is invisible to agents — they can't render it, link to it, or quote your return terms.
Why this was skipped
No PDP carried a hasMerchantReturnPolicy node, so Option A/B shape cannot be evaluated.
How: For each PDP, walk every hasMerchantReturnPolicy node (Product or Offer level) and require either (applicableCountry + returnPolicyCategory) OR a syntactically-valid merchantReturnLink URL.
Skipped — no /robots.txt was reachable so per-UA rules cannot be evaluated
Context: Perplexity's shopping recommendations are built from pages PerplexityBot was permitted to crawl.
Why this was skipped
Wanted to evaluate whether PerplexityBot (Perplexity's shopping index crawler) is allowed at /, but no /robots.txt was reachable so per-UA rules cannot be evaluated.
How: RFC 9309 group match on User-agent: PerplexityBot rules at path / (via the parsed robots.txt isAllowed predicate).
Skipped — No UCP profile present; Cache-Control policy is not evaluable.
Context: If your UCP profile says `no-cache`, agent runtimes re-fetch on every interaction — brittle at scale and prone to rate-limit failures.
Why this was skipped
No UCP profile present; Cache-Control policy is not evaluable.
How: Parse the Cache-Control header on the /.well-known/ucp response; require public, max-age ≥ 60, and no no-store/no-cache/private.
Skipped — No UCP profile present; Content-Type is not evaluable.
Context: Agent runtimes that gate parsing on Content-Type will skip your profile if it's served as HTML or plain text.
Why this was skipped
No UCP profile present; Content-Type is not evaluable.
How: Check that the Content-Type header on /.well-known/ucp starts with application/json (optionally with a charset parameter).
Skipped — No UCP profile reachable; public-fetch evaluation deferred to ucp-profile-present.
Context: Agents fetch `/.well-known/ucp` without credentials — a 401 or 403 means they never see the profile.
Why this was skipped
No UCP profile reachable; public-fetch evaluation deferred to ucp-profile-present.
How: Confirm an unauthenticated GET to /.well-known/ucp returns a 2xx status.
Skipped — No UCP profile present; redirect behaviour is not evaluable.
Context: Lightweight agent clients fetch `/.well-known/ucp` without following redirects — a 301/302 means they never see your profile.
Why this was skipped
No UCP profile present; redirect behaviour is not evaluable.
How: Inspect the final HTTP status of GET /.well-known/ucp and whether any 3xx redirect was followed to reach it.
Skipped — No UCP profile present.
Context: A service declared with the right transport but missing endpoint/schema is unreachable — agents can't negotiate or connect.
Why this was skipped
No UCP profile present.
How: For each services[] entry with a recognised transport, require the transport-conditional fields: rest/mcp → endpoint+schema; a2a → endpoint; embedded → schema.
Skipped — No UCP profile present.
Context: An unrecognised transport leaves agents with no handler to dispatch — your service appears absent.
Why this was skipped
No UCP profile present.
How: For each services[] entry, require transport to be one of: rest, mcp, a2a, embedded.
Emit brand as either a string or a typed Brand object on every Product
Why this matters: Brand on every product is a primary agent filter and a required feed field.
Findings (4)
Inspected the brand field on Product JSON-LD across 4 sampled product pages (0 valid as string or object, 0%).
How: On each Product node, accept brand if it's a non-empty trimmed string OR an object with a non-empty name. Objects with @type Brand/Organization but no name are rejected.
Coverage
0/4 · 0%
- Product
brandis missing or empty (neither a string nor an object withname)MEDIUM× 4Emit
brandas"Acme"(string) or{"@type":"Brand","name":"Acme"}(object).
Add an Organization (or OnlineStore) JSON-LD block to your homepage with a contactPoint
Why this matters: Organization markup with a contactPoint tells AI agents who you are and how a shopper can reach you for support.
Findings (1)
Found a homepage Organization node but its contactPoint is missing both email and telephone.
How: Parse homepage <script type="application/ld+json"> blocks, flatten @graph, and look for an Organization/OnlineStore/Store node with a contactPoint carrying email or telephone.
- Homepage Organization node has no contactPoint with email or telephoneMEDIUM
What we expected
"contactPoint": [{"@type":"ContactPoint","contactType":"customer service","email":"support@example.com","telephone":"+1-555-123-4567"}]Add a contactPoint object with at least one of
emailortelephone.
Install a third-party review platform so agents see syndicated reviews on your storefront
Why this matters: Third-party review widgets feed the ratings AI agents trust when ranking merchants.
Findings (1)
Scanned the homepage and 5 sampled PDPs for 8 review-platform asset fingerprints; none matched.
How: Substring scan of homepage and sampled PDP HTML for known review-platform asset fingerprints (judge.me, yotpo, stamped.io, reviews.io, okendo, loox, trustpilot, bazaarvoice).
- No third-party review-platform integration detectedMEDIUM
none of 8 fingerprints matched across 6 sources
Install a Judge.me / Yotpo / Loox / Okendo / Stamped / Reviews.io / Trustpilot / Bazaarvoice widget on your storefront.
Keep every sitemap entry on the sitemap's own host
Why this matters: Cross-host sitemap entries are silently dropped, so the off-host product URLs effectively don't exist for the crawler.
Findings (2)
Compared 11 <loc> entries against their sitemap host across 2 resource(s); 2 cross-host entries found.
How: For each resolved sitemap resource, parse the sitemap URL's host and compare it against every parsed <loc> URL's host.
- Cross-host <loc> — sitemap host is chania-honey.gr but entry is on www.chania-honey.grMEDIUM
/sitemap.xmlsitemap host: chania-honey.gr; entry host: www.chania-honey.gr
What we found
https://www.chania-honey.gr/page-sitemap.xmlRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
- Cross-host <loc> — sitemap host is chania-honey.gr but entry is on www.chania-honey.grMEDIUM
/sitemap.xmlsitemap host: chania-honey.gr; entry host: www.chania-honey.gr
What we found
https://www.chania-honey.gr/product-sitemap.xmlRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
Skipped — HSTS itself is not enabled
Context: Without includeSubDomains, an HTTP subdomain (staging, mail, …) can be used to attack the apex's cookies.
Why this was skipped
Looked for includeSubDomains in the Strict-Transport-Security header, but HSTS itself is not enabled.
How: Parse the homepage Strict-Transport-Security header for the includeSubDomains directive (RFC 6797 §6.1.2).
- HSTS not enabled; check
https-and-hsts-enforcedfirst.MEDIUMFix
https-and-hsts-enforcedfirst — once HSTS ships, re-run this check.
Skipped — No MerchantReturnPolicy node carried a `merchantReturnLink` URL, so reachability has nothing to evaluate.
Context: A broken return-link makes Option B policies invisible — agents can't render or follow the link.
Why this was skipped
No MerchantReturnPolicy node carried a merchantReturnLink URL, so reachability has nothing to evaluate.
How: Collect every unique merchantReturnLink URL across all MerchantReturnPolicy nodes; probe each once via politeFetch (failSoft). 2xx counts as reachable.
Skipped — No MerchantReturnPolicy node carried `applicableCountry`, so the ISO-code check has nothing to evaluate.
Context: A non-ISO country is dropped silently; the policy looks present but never reaches the merchant-listing rich result.
Why this was skipped
No MerchantReturnPolicy node carried applicableCountry, so the ISO-code check has nothing to evaluate.
How: On each MerchantReturnPolicy node where applicableCountry is set, extract every candidate string and require every one to match /^[A-Z]{2}$/i.
Skipped — No MerchantReturnPolicy node carried `returnPolicyCategory`, so the enum check has nothing to evaluate.
Context: An invalid category is silently dropped — your policy looks present in the source but never renders in Google's return-policy rich result.
Why this was skipped
No MerchantReturnPolicy node carried returnPolicyCategory, so the enum check has nothing to evaluate.
How: On each MerchantReturnPolicy node where returnPolicyCategory is set, accept the bare enum name or the schema.org URL form; reject any other string.
Skipped — No OfferShippingDetails node carried `shippingDestination`, so the DefinedRegion check has nothing to evaluate.
Context: Without a valid destination region, your shipping rate has no scope — Google can't decide whether to render it for a given shopper's country.
Why this was skipped
No OfferShippingDetails node carried shippingDestination, so the DefinedRegion check has nothing to evaluate.
How: On each OfferShippingDetails node where shippingDestination is set, require it to be a DefinedRegion (or array) and every entry to carry addressCountry matching /^[A-Z]{2}$/i.
Skipped — No OfferShippingDetails node carried `shippingRate`, so the MonetaryAmount check has nothing to evaluate.
Context: An invalid rate object is silently dropped; agents can't quote your shipping cost in shopping cards.
Why this was skipped
No OfferShippingDetails node carried shippingRate, so the MonetaryAmount check has nothing to evaluate.
How: On each OfferShippingDetails node where shippingRate is set, require an object with numeric value/maxValue (typed or numeric string) and a 3-letter ISO 4217 currency.
Skipped — no robots.txt was reachable
Context: Declaring the sitemap in robots.txt is the simplest way to point every crawler at your full product list.
Why this was skipped
Wanted to read Sitemap: directives from /robots.txt, but no robots.txt was reachable.
How: Read parsed Sitemap: directives from robots.txt (sitemaps.org / RFC 9309 implementation note).
Skipped — No UCP profile present.
Context: Capabilities missing version/spec/schema can't be matched against agent support tables — agents skip them silently.
Why this was skipped
No UCP profile present.
How: For each capabilities[] entry, require non-empty string values for version, spec, and schema.
Skipped — No UCP profile present.
Context: A spec URL on an unrelated authority signals the service was copy-pasted from stale documentation — agents can't trust the conformance claim.
Why this was skipped
No UCP profile present.
How: For each service with a spec URL, require the URL origin to be a canonical UCP authority OR the host/path to include the namespace token.
Skipped — No UCP profile present; service version formats are not evaluable.
Context: Free-form version labels like `1.0` or `latest` defeat the version-pinning agents rely on, leaving them unable to negotiate the correct spec generation.
Why this was skipped
No UCP profile present; service version formats are not evaluable.
How: For each services[] entry, require version to be a string matching /^\d{4}-\d{2}-\d{2}$/.
Add an AggregateRating to Product nodes when you have real reviews
Why this matters: Review ratings are a trust signal agents use to rank and filter products.
Findings (4)
Looked for a valid aggregateRating on Product JSON-LD across 4 sampled product pages (0 valid, 0%).
How: On each Product node, parse aggregateRating (or the first element if it's an array) and require ratingValue in [0,5] AND reviewCount or ratingCount ≥ 1.
Coverage
0/4 · 0%
- Product has no valid AggregateRating (ratingValue 0-5 + reviewCount/ratingCount ≥ 1)LOW× 4
Render
aggregateRatingfrom real review totals — never fabricate.
Add descriptive alt text to product images (WCAG 2.x SC 1.1.1)
Why this matters: Alt text is the only text description AI agents and screen readers have for your product imagery.
Findings (3)
Parsed <img> alt attributes across 5 sampled product pages (2 have alt text on at least 80% of images).
How: Per PDP, count <img> tags via regex; a tag 'has alt text' when its alt attribute is present AND non-empty after trim. A PDP passes when it carries no <img> at all OR ≥80% of its <img> tags have non-empty alt.
Coverage
2/5 · 40%
- Most images on this product page lack alt textLOW× 3
What we expected
<img src="/img/sneaker.webp" alt="Red leather running shoe, side view" />Populate the alt attribute on each <img> with a description of what the image shows; use alt="" only for decorative images.
Affected (3)
- /product/%ce%bc%ce%ad%ce%bb%ce%b9-%ce%b8%cf%85%…8/13 <img> tags have non-empty alt (62%)
- /product/%ce%bc%ce%ad%ce%bb%ce%b9-%ce%b8%cf%85%…8/13 <img> tags have non-empty alt (62%)
- /product/%ce%bc%ce%ad%ce%bb%ce%b9-%ce%b8%cf%85%…8/13 <img> tags have non-empty alt (62%)
Skipped — no /robots.txt was reachable so per-UA rules cannot be evaluated
Context: Explicitly allowing ChatGPT-User removes ambiguity about whether ChatGPT can fetch pages during user actions.
Why this was skipped
Wanted to evaluate whether ChatGPT-User (OpenAI's user-initiated live fetcher (advisory)) is allowed at /, but no /robots.txt was reachable so per-UA rules cannot be evaluated.
How: RFC 9309 group match on User-agent: ChatGPT-User rules at path / (via the parsed robots.txt isAllowed predicate).
Skipped — HSTS itself is not enabled
Context: HSTS preload-list inclusion is the strongest downgrade protection available — first-time visits are protected too.
Why this was skipped
Looked for the preload directive in the Strict-Transport-Security header, but HSTS itself is not enabled.
How: Parse the homepage Strict-Transport-Security header for the preload directive (hstspreload.org vendor extension to RFC 6797).
- HSTS not enabled; check
https-and-hsts-enforcedfirst.LOWFix
https-and-hsts-enforcedfirst — once HSTS ships, re-run this check.
Skipped — No MerchantReturnPolicy node carried returnFees, returnMethod, or refundType, so the enum check has nothing to evaluate.
Context: Invalid enrichment values are dropped silently, leaving merchants confused about why their rendered policy is missing fields they configured.
Why this was skipped
No MerchantReturnPolicy node carried returnFees, returnMethod, or refundType, so the enum check has nothing to evaluate.
How: On each MerchantReturnPolicy node, inspect returnFees/returnMethod/refundType if set; require the bare name or schema.org URL form of a value in the corresponding Schema.org enum.
Skipped — No OfferShippingDetails node carried `deliveryTime`, so the ShippingDeliveryTime check has nothing to evaluate.
Context: Without populated handling/transit times, agents can't quote a delivery window in shopping cards.
Why this was skipped
No OfferShippingDetails node carried deliveryTime, so the ShippingDeliveryTime check has nothing to evaluate.
How: On each OfferShippingDetails node where deliveryTime is set, require an object with at least one of handlingTime / transitTime populated as a QuantitativeValue.
Skipped — no /robots.txt was reachable so per-UA rules cannot be evaluated
Context: Explicitly allowing Perplexity-User removes ambiguity about whether Perplexity can fetch pages live during user actions.
Why this was skipped
Wanted to evaluate whether Perplexity-User (Perplexity's live user-initiated fetcher (advisory)) is allowed at /, but no /robots.txt was reachable so per-UA rules cannot be evaluated.
How: RFC 9309 group match on User-agent: Perplexity-User rules at path / (via the parsed robots.txt isAllowed predicate).
Skipped — No /robots.txt was reachable, so the content-type check has nothing to evaluate.
Context: A wrong content type makes strict crawlers ignore the file entirely and fall back to permissive defaults.
Why this was skipped
No /robots.txt was reachable, so the content-type check has nothing to evaluate.
How: Inspect the /robots.txt response Content-Type header for a text/plain media type per RFC 9309 §2.3.
- No /robots.txt reachable — content-type check skippedLOW
Skipped — No /robots.txt was reachable, so the size check has nothing to evaluate.
Context: An oversized robots.txt is truncated by Google and Bing — trailing rules and Sitemap directives are silently lost.
Why this was skipped
No /robots.txt was reachable, so the size check has nothing to evaluate.
How: Measure the raw byte size of the /robots.txt body and compare against the RFC 9309 §2.5 parser cap (≥ 500 KiB).
- No /robots.txt reachable — size check skippedLOW
Skipped — No /robots.txt was reachable, so the encoding check has nothing to evaluate (see robots-txt-present).
Context: Non-UTF-8 robots files are silently dropped by Google's parser; the merchant loses all per-UA control.
Why this was skipped
No /robots.txt was reachable, so the encoding check has nothing to evaluate (see robots-txt-present).
How: Inspect the raw byte stream of /robots.txt for UTF-8 decodability per RFC 9309 §2.3.
- No /robots.txt reachable — encoding check skippedLOW
Skipped — No UCP profile found; MCP transport validity is not evaluable.
Context: If you advertise MCP transport, agents will try to connect — broken or non-HTTPS endpoints fail silently and lose the integration.
Why this was skipped
No UCP profile found; MCP transport validity is not evaluable.
How: Filter services[] to entries where transport=mcp and validate that endpoint is an absolute https:// URL.
Enable Apple Pay through your payment processor (informational only)
Why this matters: Apple Pay is a checkout-quality signal for human shoppers — informational only, does not affect the agent-readiness score.
Findings (1)
Scanned the homepage and 5 sampled PDPs for Apple Pay markers; none matched.
How: Substring match on known Apple Pay SDK/markup signatures (ApplePaySession, apple-pay-button, /apple-developer-merchantid-domain-association) across the homepage and every sampled PDP HTML.
- No Apple Pay markers detected on the homepage or PDPsINFO
Enable Apple Pay in your payment processor's dashboard (Stripe / Adyen / Braintree). Informational only — does not affect the score.
Enable Google Pay through your payment processor (informational only)
Why this matters: Google Pay is a checkout-quality signal for human shoppers — informational only, does not affect the agent-readiness score.
Findings (1)
Scanned the homepage and 5 sampled PDPs for Google Pay markers; none matched.
How: Substring match on known Google Pay SDK/markup signatures (pay.google.com/gp/p/js/pay.js, google.payments.api, <google-pay-button) across the homepage and every sampled PDP HTML.
- No Google Pay markers detected on the homepage or PDPsINFO
Enable Google Pay in your payment processor's dashboard (Stripe / Adyen / Braintree). Informational only — does not affect the score.
Skipped — Looked for /llms.txt at the site root; the fetcher returned no file.
Context: An /llms.txt manifest points agents at your feed and key pages without them having to guess.
Why this was skipped
Looked for /llms.txt at the site root; the fetcher returned no file.
How: Check whether the fetcher reached an /llms.txt at the site root. Informational only — no failure path per llmstxt.org being a voluntary community convention.