pathcoffees.com — AI Commerce Audit

HALFCRITICAL

HTTPS enforced sitewide + HSTS (≥ 6-month max-age)https-and-hsts-enforcedHSTS

Enforce HTTPS sitewide and ship a Strict-Transport-Security header with max-age ≥ 6 months

Why this matters: AI agents and payment flows refuse plain HTTP; weak HSTS is treated as effectively no HSTS by trust-and-safety scanners.

RFC 6797 — HTTP Strict Transport Security (HSTS)

−3.4impact

Findings (1)

Confirmed the homepage is HTTPS (status 200), probed http://pathcoffees.com/ for redirect behaviour, and parsed the Strict-Transport-Security header (absent).

How: URL scheme + homepage status check, an http://host/ redirect probe through politeFetch, and a Strict-Transport-Security max-age parse (RFC 6797; ≥ 180-day threshold).

No Strict-Transport-Security header on the homepage responseCRITICAL
/
Add Strict-Transport-Security: max-age=31536000; includeSubDomains to every HTTPS response.

How to fix · 3 steps · create a free account to viewCreate a free account →

HALFCRITICAL

Offer price + priceCurrency validoffer-price-currency-validMerchantSchema.org

Set price as a number and priceCurrency as an ISO 4217 code

Why this matters: Agents need a price with a currency to show and compare your product.

Google merchant listing — price + priceCurrency required

−3impact

Findings (1)

Parsed Offer price and priceCurrency on Product JSON-LD across 10 sampled product pages (9 valid, 90%).

How: Parse Offer price (or AggregateOffer lowPrice) as a parseable numeric price ≥ 0; require priceCurrency to match /^[A-Z]{3}$/i.

Coverage

9/10 · 90%

Offer is missing a numeric price or valid priceCurrencyCRITICAL
/product/sab-jolly-compact-auto-and-obel-mito-6…no Offer on Product node
Render price as a number and priceCurrency as a 3-letter ISO 4217 code.

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

No sampled PDP returns a noindex directivepdp-not-noindexMerchant

Remove the noindex directive from every PDP

Why this matters: A noindex on the PDP makes it invisible to Google and ineligible for the merchant listing program.

Google merchant listing — indexable PDPs

−2.8impact

Findings (3)

Sampled 20 PDP(s); 3 returned a noindex directive.

How: For each sampled PDP, inspect the HTML for <meta name="robots" content="...noindex..."> and the response headers for X-Robots-Tag: ...noindex....

Coverage

17/20 · 85%

PDP returns noindex (html)HIGH
/product/sab-jolly-compact-auto-and-obel-mito-6…content: noindex, nofollow, max-snippet:-1, max-video-preview:-1, max-image-preview:large
What we found
```
<meta name="robots" content="noindex, nofollow, max-snippet:-1, max-video-preview:-1, max-image-preview:large"/>
```
What we expected
```
<meta name="robots" content="index, follow">
```
Remove the noindex directive from both the meta tag and the X-Robots-Tag header on this route.
PDP returns noindex (html)HIGH× 2
What we found
```
<meta name="robots" content="follow, noindex"/>
```
What we expected
```
<meta name="robots" content="index, follow">
```
Remove the noindex directive from both the meta tag and the X-Robots-Tag header on this route.
Affected (2)
- /product/5lb-flat-bag-and-label-sheet-combocontent: follow, noindex
- /product/12oz-flat-bag-and-label-sheet-combocontent: follow, noindex

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILHIGH

Each PDP carries at most one Product JSON-LD nodepdp-single-product-pageMerchant

Emit a single Product JSON-LD node per PDP

Why this matters: Duplicate Product nodes on a single PDP cause Google's merchant scraper to drop the listing or pick the wrong variant.

Google merchant listing — single product per page

−2.5impact

Findings (8)

Sampled 20 PDP(s); 8 carried multiple Product JSON-LD nodes.

How: For each sampled PDP, count JSON-LD nodes whose @type is Product or whose @type array contains Product. Each PDP must expose at most one.

Coverage

12/20 · 60%

PDP exposes 6 Product JSON-LD nodesHIGH× 6
Emit exactly one Product JSON-LD block per PDP; model variants via hasVariant or multiple Offer children.
Affected (6)
- /product/burundi-twaranyuzwe-light-roast-coffee6 Product nodes detected
- /product/el-salvador-santa-ana6 Product nodes detected
- /product/ethiopia-biru-bekele-light-roast-coffee6 Product nodes detected
- /product/burundi-ngozi-light-roast-coffee6 Product nodes detected
- /product/ethiopia-kochere-light-roast-coffee6 Product nodes detected
- /product/vantablack-dark-roast-coffee6 Product nodes detected
PDP exposes 2 Product JSON-LD nodesHIGH
/product/12oz-flat-bag-and-label-sheet-combo2 Product nodes detected
Emit exactly one Product JSON-LD block per PDP; model variants via hasVariant or multiple Offer children.
PDP exposes 12 Product JSON-LD nodesHIGH
/product/roasters-choice-subscription12 Product nodes detected
Emit exactly one Product JSON-LD block per PDP; model variants via hasVariant or multiple Offer children.

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

Brand attribution on PDPsproduct-brand-attributionSchema.orgMerchant

Surface brand attribution on every PDP

Why this matters: Brand on every product is a primary agent filter and a required feed field.

schema.org/Product.brand

−2.3impact

Findings (11)

Checked 20 sampled product pages for brand attribution via Product JSON-LD or visible HTML signals (0 attributed, 0%).

How: On each PDP, accept brand attribution from either (a) extractBrand on the first Product JSON-LD node OR (b) an HTML brand signal (OG product:brand, brand meta, og:brand, Microdata itemprop="brand").

Coverage

0/20 · 0%

No brand attribution on this PDP (neither JSON-LD brand nor OG/Microdata)HIGH× 10
Add brand to the Product JSON-LD or a <meta property="product:brand"> tag.
Affected (10)

…and 1 more

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILHIGH

GTIN coverage on PDPsproduct-gtin-populatedSchema.orgMerchant

Populate gtin on every branded Product node

Why this matters: GTINs let agents match your product to the same item elsewhere; without them you lose cross-catalog matching.

schema.org/Product.gtin

−2.3impact

Findings (11)

Checked 20 sampled product pages for a GTIN in the Product JSON-LD (0 carry a valid GTIN, 0%).

How: Extract gtin / gtin8 / gtin12 / gtin13 / gtin14 from the first Product JSON-LD node on each PDP; validate digit length.

Coverage

0/20 · 0%

No valid GTIN on this product pageHIGH× 10
Populate gtin/gtin8/gtin12/gtin13/gtin14 with the manufacturer's barcode.
Affected (10)

…and 1 more

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

MerchantReturnPolicy node present on Product or Offermerchant-return-policy-presentReturnsSchema.org

Emit hasMerchantReturnPolicy on Product or Offer JSON-LD

Why this matters: Without the entry-point return-policy node, agents can't render or quote your return terms — they fall back to platform defaults or skip your store.

Google return-policy structured data — entry-point field

−2impact

Findings (10)

Inspected hasMerchantReturnPolicy on Product/Offer JSON-LD across 10 sampled product pages (0 present, 0%).

How: On each PDP, locate the Product JSON-LD node and check for a hasMerchantReturnPolicy object/array at Product level OR Offer level. Pass band ≥ 85% coverage, partial ≥ 50%.

Coverage

0/10 · 0%

Product JSON-LD missing hasMerchantReturnPolicyHIGH× 10
Add a MerchantReturnPolicy node to Product or Offer with category + applicableCountry (or merchantReturnLink).
Affected (10)

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

Offer JSON-LD carries shippingDetails (OfferShippingDetails)offer-shipping-details-presentSchema.orgShipping

Emit shippingDetails (OfferShippingDetails) on Offer JSON-LD

Why this matters: Without shippingDetails, AI agents fall back to vague defaults — they can't quote your rates, destinations, or delivery windows in shopping cards.

schema.org/OfferShippingDetails

−2impact

Findings (10)

Inspected shippingDetails on Product/Offer JSON-LD across 10 sampled PDPs (0 present, 0%).

How: On each PDP, locate the Product JSON-LD node and check for shippingDetails (single object or array) at Product or Offer level. Pass band ≥ 85% coverage.

Coverage

0/10 · 0%

Offer JSON-LD missing shippingDetailsHIGH× 10
Add OfferShippingDetails with shippingRate, shippingDestination, and deliveryTime.
Affected (10)

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

/.well-known/ucp profile is present with a `version` fielducp-profile-presentUCPUCP Profile

Publish /.well-known/ucp with at minimum a version field

Why this matters: Without `/.well-known/ucp`, Google's AI Mode can't identify your storefront as a UCP-conformant merchant.

UCP overview — profile location and shape

−1.9impact

Findings (1)

Inspected /.well-known/ucp for a parseable JSON document with a top-level version string.

How: Confirm ctx.wellKnownUcp is non-null and carries a non-empty version string (the only universally-required UCP profile field).

/.well-known/ucp is not reachable or not parseable as JSONHIGH
/.well-known/ucp
Serve a JSON document at /.well-known/ucp with a top-level version string (e.g., "2026-04-08").

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

UCP profile carries all four required top-level keysucp-profile-required-keysUCP

Add every required top-level key to the UCP profile

Why this matters: A profile missing one of the four required keys is treated as non-conformant — agent runtimes fall back to default behaviour and may skip the merchant.

UCP overview — required profile keys

−1.9impact

Findings (1)

Wanted to inspect UCP root keys, but no profile was found.

How: Read the profile root (or top-level ucp wrapper) and verify the presence of version, services, capabilities, and signing_keys keys.

No /.well-known/ucp profile presentHIGH
/.well-known/ucp
Publish /.well-known/ucp first (see ucp-profile-present).

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

UCP profile declares a valid shopping service entryucp-shopping-service-validUCPUCP Profile

Declare a shopping service entry with a recognised transport and an HTTPS endpoint

Why this matters: Without a valid shopping service entry, agents can recognise you as a UCP merchant but have no way to fetch your catalog.

UCP overview — services declaration

−1.9impact

Findings (1)

Wanted to walk the UCP profile's services[] for a valid shopping entry, but no profile was found.

How: List every services[] entry whose namespace is shopping (or contains shopping) and require at least one with transport ∈ {rest,mcp,a2a,embedded} AND a syntactically valid https:// endpoint.

No /.well-known/ucp profile presentHIGH
/.well-known/ucp
Publish /.well-known/ucp first (see ucp-profile-present), then declare the shopping service.

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILHIGH

Every signing_keys[] entry is a valid JWKucp-signing-keys-validJWKS

Make every signing_keys[] entry a JWK with kty + kty-specific params

Why this matters: Malformed JWK entries are rejected silently by agents — signed payloads cannot be verified and the merchant loses trust signal.

RFC 7517 — JSON Web Key (JWK)

−1.8impact

Findings (1)

Wanted to validate signing_keys[], but no UCP profile was found.

How: Walk signing_keys[] and validate each entry per RFC 7517 §4.1 (kty required) + RFC 7518 §6 (kty-specific required parameters). kid is OPTIONAL per RFC 7517 §4.5 and not enforced here.

No /.well-known/ucp profile presentHIGH
/.well-known/ucp

How to fix · 3 steps · create a free account to viewCreate a free account →

HALFHIGH

Product JSON-LD present on PDPsproduct-jsonld-presentSchema.orgMerchant

Publish a Product JSON-LD block on every PDP

Why this matters: Product JSON-LD is how agents identify the canonical product entity without running JavaScript.

schema.org/Product

−1.5impact

Findings (10)

Parsed JSON-LD on 20 sampled product pages for a Product node (10 found, 50%).

How: Walk each sampled PDP's parsed jsonLdBlocks, flatten @graph containers, and count the page as passing if any node has @type Product / ProductGroup / IndividualProduct / ProductModel.

Coverage

10/20 · 50%

No Product JSON-LD on this PDPHIGH× 10
Add a <script type="application/ld+json"> block with @type: Product to the PDP <head>.
Affected (10)

How to fix · 3 steps · create a free account to viewCreate a free account →

HALFHIGH

Product JSON-LD includes `offers`product-offers-presentSchema.orgMerchant

Add an offers object to every Product node

Why this matters: Without an Offer, agents can't see that the product is for sale.

schema.org/Offer

−1.5impact

Findings (1)

Looked for an offers (or AggregateOffer) block on Product JSON-LD across 10 sampled product pages (9 carry one, 90%).

How: On each Product node, require a resolvable Offer (or first Offer inside an AggregateOffer) via findOffer.

Coverage

9/10 · 90%

Product JSON-LD has no resolvable offersHIGH
/product/sab-jolly-compact-auto-and-obel-mito-6…
Add an offers object with at minimum price, priceCurrency, and availability.

How to fix · 2 steps · create a free account to viewCreate a free account →

NAHIGH

MerchantReturnPolicy finite-window has positive merchantReturnDaysmerchant-return-policy-finite-daysReturns

Skipped — No MerchantReturnPolicy node used the MerchantReturnFiniteReturnWindow category, so the `merchantReturnDays` check has nothing to evaluate.

Context: AI agents quote your concrete return window in shopping cards. Without `merchantReturnDays`, your policy renders as 'has a return policy' without the headline number.

Google return-policy SD — merchantReturnDays required for finite windows

Not scoredimpact

Why this was skipped

No MerchantReturnPolicy node used the MerchantReturnFiniteReturnWindow category, so the merchantReturnDays check has nothing to evaluate.

How: For each MerchantReturnPolicy node whose returnPolicyCategory normalizes to MerchantReturnFiniteReturnWindow, require merchantReturnDays to be a positive number (or a numeric string > 0).

NAHIGH

MerchantReturnPolicy satisfies Option A (country+category) or B (returnLink)merchant-return-policy-option-a-or-bReturnsSchema.org

Skipped — No PDP carried a `hasMerchantReturnPolicy` node, so Option A/B shape cannot be evaluated.

Context: A policy node missing both shapes is invisible to agents — they can't render it, link to it, or quote your return terms.

Google return-policy SD — required-shape MUSTs

Not scoredimpact

Why this was skipped

No PDP carried a hasMerchantReturnPolicy node, so Option A/B shape cannot be evaluated.

How: For each PDP, walk every hasMerchantReturnPolicy node (Product or Offer level) and require either (applicableCountry + returnPolicyCategory) OR a syntactically-valid merchantReturnLink URL.

NAHIGH

UCP profile Cache-Control is shared-cacheable with max-age ≥ 60sucp-cache-headers-validUCP

Skipped — No UCP profile present; Cache-Control policy is not evaluable.

Context: If your UCP profile says `no-cache`, agent runtimes re-fetch on every interaction — brittle at scale and prone to rate-limit failures.

UCP overview — profile caching

Not scoredimpact

Why this was skipped

No UCP profile present; Cache-Control policy is not evaluable.

How: Parse the Cache-Control header on the /.well-known/ucp response; require public, max-age ≥ 60, and no no-store/no-cache/private.

NAHIGH

/.well-known/ucp response Content-Type is application/jsonucp-profile-content-type-jsonUCP

Skipped — No UCP profile present; Content-Type is not evaluable.

Context: Agent runtimes that gate parsing on Content-Type will skip your profile if it's served as HTML or plain text.

UCP overview — JSON profile media type

Not scoredimpact

Why this was skipped

No UCP profile present; Content-Type is not evaluable.

How: Check that the Content-Type header on /.well-known/ucp starts with application/json (optionally with a charset parameter).

NAHIGH

/.well-known/ucp is publicly fetchable with no authucp-profile-no-auth-requiredUCP ProfileUCP

Skipped — No UCP profile reachable; public-fetch evaluation deferred to ucp-profile-present.

Context: Agents fetch `/.well-known/ucp` without credentials — a 401 or 403 means they never see the profile.

Google UCP merchant profile — public fetchability

Not scoredimpact

Why this was skipped

No UCP profile reachable; public-fetch evaluation deferred to ucp-profile-present.

How: Confirm an unauthenticated GET to /.well-known/ucp returns a 2xx status.

NAHIGH

/.well-known/ucp returns 200 directly with no redirectsucp-profile-no-redirectsUCP

Skipped — No UCP profile present; redirect behaviour is not evaluable.

Context: Lightweight agent clients fetch `/.well-known/ucp` without following redirects — a 301/302 means they never see your profile.

UCP overview — profile location is stable

Not scoredimpact

Why this was skipped

No UCP profile present; redirect behaviour is not evaluable.

How: Inspect the final HTTP status of GET /.well-known/ucp and whether any 3xx redirect was followed to reach it.

NAHIGH

Each service satisfies the transport-conditional field requirementsucp-service-transport-conditional-fieldsUCP

Skipped — No UCP profile present.

Context: A service declared with the right transport but missing endpoint/schema is unreachable — agents can't negotiate or connect.

UCP overview — transport-conditional fields

Not scoredimpact

Why this was skipped

No UCP profile present.

How: For each services[] entry with a recognised transport, require the transport-conditional fields: rest/mcp → endpoint+schema; a2a → endpoint; embedded → schema.

NAHIGH

Each service `transport` is rest, mcp, a2a, or embeddeducp-service-transport-enumUCP

Skipped — No UCP profile present.

Context: An unrecognised transport leaves agents with no handler to dispatch — your service appears absent.

UCP overview — transport enum

Not scoredimpact

Why this was skipped

No UCP profile present.

How: For each services[] entry, require transport to be one of: rest, mcp, a2a, embedded.

FAILMEDIUM

Product `brand` is a string or Brand/Organization objectproduct-brand-string-or-objectSchema.orgMerchant

Emit brand as either a string or a typed Brand object on every Product

Why this matters: Brand on every product is a primary agent filter and a required feed field.

schema.org/brand — Text | Brand | Organization

−1.4impact

Findings (10)

Inspected the brand field on Product JSON-LD across 10 sampled product pages (0 valid as string or object, 0%).

How: On each Product node, accept brand if it's a non-empty trimmed string OR an object with a non-empty name. Objects with @type Brand/Organization but no name are rejected.

Coverage

0/10 · 0%

Product brand is missing or empty (neither a string nor an object with name)MEDIUM× 10
Emit brand as "Acme" (string) or {"@type":"Brand","name":"Acme"} (object).
Affected (10)

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILMEDIUM

Organization/OnlineStore JSON-LD with contactPoint on homepageorganization-jsonld-with-contactSchema.org

Add an Organization (or OnlineStore) JSON-LD block to your homepage with a contactPoint

Why this matters: Organization markup with a contactPoint tells AI agents who you are and how a shopper can reach you for support.

schema.org/Organization (and OnlineStore subclass) with contactPoint

−1.3impact

Findings (1)

Found a homepage Organization node but its contactPoint is missing both email and telephone.

How: Parse homepage <script type="application/ld+json"> blocks, flatten @graph, and look for an Organization/OnlineStore/Store node with a contactPoint carrying email or telephone.

Homepage Organization node has no contactPoint with email or telephoneMEDIUM
/
What we expected
```
"contactPoint": [{"@type":"ContactPoint","contactType":"customer service","email":"support@example.com","telephone":"+1-555-123-4567"}]
```
Add a contactPoint object with at least one of email or telephone.

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILMEDIUM

Third-party review-platform integration detectedreview-app-detectedSchema.org

Install a third-party review platform so agents see syndicated reviews on your storefront

Why this matters: Third-party review widgets feed the ratings AI agents trust when ranking merchants.

schema.org/Review vocabulary

−1.1impact

Findings (1)

Scanned the homepage and 20 sampled PDPs for 8 review-platform asset fingerprints; none matched.

How: Substring scan of homepage and sampled PDP HTML for known review-platform asset fingerprints (judge.me, yotpo, stamped.io, reviews.io, okendo, loox, trustpilot, bazaarvoice).

No third-party review-platform integration detectedMEDIUM
none of 8 fingerprints matched across 21 sources
Install a Judge.me / Yotpo / Loox / Okendo / Stamped / Reviews.io / Trustpilot / Bazaarvoice widget on your storefront.

How to fix · 3 steps · create a free account to viewCreate a free account →

HALFMEDIUM

Product `sku` populatedproduct-sku-populatedSchema.orgMerchant

Populate sku on every Product JSON-LD node

Why this matters: A stable SKU lets agents track and re-identify your product across catalogs.

schema.org/Product.sku

−0.7impact

Findings (3)

Read the sku field on Product JSON-LD across 10 sampled product pages (7 populated, 70%).

How: On each PDP with a Product node, accept sku if it is a non-empty trimmed string or a number.

Coverage

7/10 · 70%

Product JSON-LD has no populated skuMEDIUM× 3
Fill in the SKU field in your product admin; the JSON-LD template typically binds to that field.
Affected (3)

How to fix · 2 steps · create a free account to viewCreate a free account →

NAMEDIUM

HSTS policy carries the includeSubDomains directivehsts-include-subdomainsHSTS

Skipped — HSTS itself is not enabled

Context: Without includeSubDomains, an HTTP subdomain (staging, mail, …) can be used to attack the apex's cookies.

RFC 6797 — HSTS `includeSubDomains` directive

Not scoredimpact

Why this was skipped

Looked for includeSubDomains in the Strict-Transport-Security header, but HSTS itself is not enabled.

How: Parse the homepage Strict-Transport-Security header for the includeSubDomains directive (RFC 6797 §6.1.2).

HSTS not enabled; check https-and-hsts-enforced first.MEDIUM
/
Fix https-and-hsts-enforced first — once HSTS ships, re-run this check.

NAMEDIUM

MerchantReturnPolicy merchantReturnLink URL is reachablemerchant-return-link-reachableReturns

Skipped — No MerchantReturnPolicy node carried a `merchantReturnLink` URL, so reachability has nothing to evaluate.

Context: A broken return-link makes Option B policies invisible — agents can't render or follow the link.

Google return-policy SD — merchantReturnLink reachability

Not scoredimpact

Why this was skipped

No MerchantReturnPolicy node carried a merchantReturnLink URL, so reachability has nothing to evaluate.

How: Collect every unique merchantReturnLink URL across all MerchantReturnPolicy nodes; probe each once via politeFetch (failSoft). 2xx counts as reachable.

NAMEDIUM

MerchantReturnPolicy applicableCountry uses ISO 3166-1 alpha-2 codesmerchant-return-policy-applicable-country-isoReturns

Skipped — No MerchantReturnPolicy node carried `applicableCountry`, so the ISO-code check has nothing to evaluate.

Context: A non-ISO country is dropped silently; the policy looks present but never reaches the merchant-listing rich result.

Google return-policy SD — applicableCountry MUST be ISO alpha-2

Not scoredimpact

Why this was skipped

No MerchantReturnPolicy node carried applicableCountry, so the ISO-code check has nothing to evaluate.

How: On each MerchantReturnPolicy node where applicableCountry is set, extract every candidate string and require every one to match /^[A-Z]{2}$/i.

NAMEDIUM

MerchantReturnPolicy returnPolicyCategory uses valid Schema.org enummerchant-return-policy-category-enumReturns

Skipped — No MerchantReturnPolicy node carried `returnPolicyCategory`, so the enum check has nothing to evaluate.

Context: An invalid category is silently dropped — your policy looks present in the source but never renders in Google's return-policy rich result.

Google return-policy SD — returnPolicyCategory enum

Not scoredimpact

Why this was skipped

No MerchantReturnPolicy node carried returnPolicyCategory, so the enum check has nothing to evaluate.

How: On each MerchantReturnPolicy node where returnPolicyCategory is set, accept the bare enum name or the schema.org URL form; reject any other string.

NAMEDIUM

OfferShippingDetails shippingDestination is a valid DefinedRegionoffer-shipping-destination-validShipping

Skipped — No OfferShippingDetails node carried `shippingDestination`, so the DefinedRegion check has nothing to evaluate.

Context: Without a valid destination region, your shipping rate has no scope — Google can't decide whether to render it for a given shopper's country.

Google shipping-policy SD — shippingDestination as DefinedRegion

Not scoredimpact

Why this was skipped

No OfferShippingDetails node carried shippingDestination, so the DefinedRegion check has nothing to evaluate.

How: On each OfferShippingDetails node where shippingDestination is set, require it to be a DefinedRegion (or array) and every entry to carry addressCountry matching /^[A-Z]{2}$/i.

NAMEDIUM

OfferShippingDetails shippingRate is a valid MonetaryAmountoffer-shipping-rate-validShipping

Skipped — No OfferShippingDetails node carried `shippingRate`, so the MonetaryAmount check has nothing to evaluate.

Context: An invalid rate object is silently dropped; agents can't quote your shipping cost in shopping cards.

Google shipping-policy SD — shippingRate as MonetaryAmount

Not scoredimpact

Why this was skipped

No OfferShippingDetails node carried shippingRate, so the MonetaryAmount check has nothing to evaluate.

How: On each OfferShippingDetails node where shippingRate is set, require an object with numeric value/maxValue (typed or numeric string) and a 3-letter ISO 4217 currency.

NAMEDIUM

Each capability has version + spec + schemaucp-capability-required-fieldsUCP

Skipped — No UCP profile present.

Context: Capabilities missing version/spec/schema can't be matched against agent support tables — agents skip them silently.

UCP overview — capabilities

Not scoredimpact

Why this was skipped

No UCP profile present.

How: For each capabilities[] entry, require non-empty string values for version, spec, and schema.

NAMEDIUM

Each service's `spec` URL origin matches its namespace authorityucp-service-spec-url-origin-matchesUCP

Skipped — No UCP profile present.

Context: A spec URL on an unrelated authority signals the service was copy-pasted from stale documentation — agents can't trust the conformance claim.

UCP overview — service specs

Not scoredimpact

Why this was skipped

No UCP profile present.

How: For each service with a spec URL, require the URL origin to be a canonical UCP authority OR the host/path to include the namespace token.

NAMEDIUM

Every service `version` matches YYYY-MM-DDucp-service-version-date-formatUCP

Skipped — No UCP profile present; service version formats are not evaluable.

Context: Free-form version labels like `1.0` or `latest` defeat the version-pinning agents rely on, leaving them unable to negotiate the correct spec generation.

UCP overview — versioned services

Not scoredimpact

Why this was skipped

No UCP profile present; service version formats are not evaluable.

How: For each services[] entry, require version to be a string matching /^\d{4}-\d{2}-\d{2}$/.

FAILLOW

Product `aggregateRating` presentproduct-aggregate-rating-presentSchema.org

Add an AggregateRating to Product nodes when you have real reviews

Why this matters: Review ratings are a trust signal agents use to rank and filter products.

schema.org/AggregateRating

−0.3impact

Findings (10)

Looked for a valid aggregateRating on Product JSON-LD across 10 sampled product pages (0 valid, 0%).

How: On each Product node, parse aggregateRating (or the first element if it's an array) and require ratingValue in [0,5] AND reviewCount or ratingCount ≥ 1.

Coverage

0/10 · 0%

Product has no valid AggregateRating (ratingValue 0-5 + reviewCount/ratingCount ≥ 1)LOW× 10
Render aggregateRating from real review totals — never fabricate.
Affected (10)

How to fix · 2 steps · create a free account to viewCreate a free account →

FAILLOW

Alt text on at least 80% of PDP imagesimage-alt-text-coverageWCAG

Add descriptive alt text to product images (WCAG 2.x SC 1.1.1)

Why this matters: Alt text is the only text description AI agents and screen readers have for your product imagery.

WCAG 2.x SC 1.1.1 — Non-text Content

−0.3impact

Findings (11)

Parsed <img> alt attributes across 20 sampled product pages (0 have alt text on at least 80% of images).

How: Per PDP, count <img> tags via regex; a tag 'has alt text' when its alt attribute is present AND non-empty after trim. A PDP passes when it carries no <img> at all OR ≥80% of its <img> tags have non-empty alt.

Coverage

0/20 · 0%

Most images on this product page lack alt textLOW× 10
What we expected
```
<img src="/img/sneaker.webp" alt="Red leather running shoe, side view" />
```
Populate the alt attribute on each <img> with a description of what the image shows; use alt="" only for decorative images.
Affected (10)
- /what-is-poop-coffee-eight-things-you-should-kn…9/13 <img> tags have non-empty alt (69%)
- /locally-roasted-coffee-at-wholesale-prices8/13 <img> tags have non-empty alt (62%)
- /e-commerce-business-ideas-for-beginners9/13 <img> tags have non-empty alt (69%)
- /how-to-grow-quality-arabica-coffee10/14 <img> tags have non-empty alt (71%)
- /creating-a-successful-e-commerce-site-213/17 <img> tags have non-empty alt (76%)
- /understand-private-label-coffee-business-29/13 <img> tags have non-empty alt (69%)
- /the-benefits-of-dropshipping-39/13 <img> tags have non-empty alt (69%)
- /how-we-source-green-coffee-212/16 <img> tags have non-empty alt (75%)
- /private-label-coffee-breaking-down-the-full-pr…9/13 <img> tags have non-empty alt (69%)
- /what-makes-a-truly-artisan-coffee-roaster-310/14 <img> tags have non-empty alt (71%)

…and 1 more

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILLOW

About page reachable with substantive copyabout-page-reachableMerchant

Publish a substantive About page at a standard URL

Why this matters: Perplexity and ChatGPT use About-page text to summarise your brand to shoppers in answer responses.

Google merchant listing — customer-support / about page

−0.2impact

Findings (1)

Probed 5 candidate About-page paths and none returned a 2xx body.

How: URL probe of platform-specific about-page paths via politeFetch; the first 2xx response whose HTML-stripped body length is ≥ 200 chars counts as a pass.

No About page reachable at any standard URLLOW
statuses: /about/=404, /about-us/=404, /about=404, /about-us=404, /pages/about=404
Publish an About page at /about (or your platform's standard path) with ≥ 200 chars of body text.

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILLOW

Offer `itemCondition` is canonical when presentoffer-item-condition-when-not-newSchema.orgMerchant

Either omit itemCondition (defaults to NewCondition) or set it to a canonical IRI

Why this matters: When you declare itemCondition, agents and Google require a canonical Schema.org IRI; free-text values get ignored.

schema.org/OfferItemCondition

−0.2impact

Findings (9)

Checked Offer itemCondition on 9 sampled product pages with an Offer (0 either omit or use a canonical Schema.org URL, 0%).

How: On each Offer: if itemCondition is omitted, count as pass (Google defaults to NewCondition). If present, accept only when it matches a canonical Schema.org ItemCondition IRI.

Coverage

0/9 · 0%

Offer itemCondition is set but isn't a canonical Schema.org URLLOW× 9
Use https://schema.org/NewCondition / UsedCondition / RefurbishedCondition / DamagedCondition.
Affected (9)
- /product/burundi-twaranyuzwe-light-roast-coffeevalue: NewCondition
- /product/el-salvador-santa-anavalue: NewCondition
- /product/ethiopia-biru-bekele-light-roast-coffeevalue: NewCondition
- /product/burundi-ngozi-light-roast-coffeevalue: NewCondition
- /product/ethiopia-kochere-light-roast-coffeevalue: NewCondition
- /product/vantablack-dark-roast-coffeevalue: NewCondition
- /product/5lb-flat-bag-and-label-sheet-combovalue: NewCondition
- /product/12oz-flat-bag-and-label-sheet-combovalue: NewCondition
- /product/roasters-choice-subscriptionvalue: NewCondition

How to fix · 2 steps · create a free account to viewCreate a free account →

NALOW

HSTS policy carries the preload directivehsts-preload-directiveHSTS

Skipped — HSTS itself is not enabled

Context: HSTS preload-list inclusion is the strongest downgrade protection available — first-time visits are protected too.

RFC 6797 — HSTS `preload` directive (vendor extension)

Not scoredimpact

Why this was skipped

Looked for the preload directive in the Strict-Transport-Security header, but HSTS itself is not enabled.

How: Parse the homepage Strict-Transport-Security header for the preload directive (hstspreload.org vendor extension to RFC 6797).

HSTS not enabled; check https-and-hsts-enforced first.LOW
/
Fix https-and-hsts-enforced first — once HSTS ships, re-run this check.

NALOW

MerchantReturnPolicy enrichment enums use valid Schema.org valuesmerchant-return-policy-enums-validReturns

Skipped — No MerchantReturnPolicy node carried returnFees, returnMethod, or refundType, so the enum check has nothing to evaluate.

Context: Invalid enrichment values are dropped silently, leaving merchants confused about why their rendered policy is missing fields they configured.

Google return-policy SD — enum field constraints

Not scoredimpact

Why this was skipped

No MerchantReturnPolicy node carried returnFees, returnMethod, or refundType, so the enum check has nothing to evaluate.

How: On each MerchantReturnPolicy node, inspect returnFees/returnMethod/refundType if set; require the bare name or schema.org URL form of a value in the corresponding Schema.org enum.

NALOW

OfferShippingDetails deliveryTime is a valid ShippingDeliveryTimeoffer-shipping-delivery-time-validShipping

Skipped — No OfferShippingDetails node carried `deliveryTime`, so the ShippingDeliveryTime check has nothing to evaluate.

Context: Without populated handling/transit times, agents can't quote a delivery window in shopping cards.

Google shipping-policy SD — deliveryTime as ShippingDeliveryTime

Not scoredimpact

Why this was skipped

No OfferShippingDetails node carried deliveryTime, so the ShippingDeliveryTime check has nothing to evaluate.

How: On each OfferShippingDetails node where deliveryTime is set, require an object with at least one of handlingTime / transitTime populated as a QuantitativeValue.

NALOW

UCP MCP-transport entries have valid HTTPS endpointsucp-mcp-transport-validUCP

Skipped — No UCP profile found; MCP transport validity is not evaluable.

Context: If you advertise MCP transport, agents will try to connect — broken or non-HTTPS endpoints fail silently and lose the integration.

UCP overview — transport declarations

Not scoredimpact

Why this was skipped

No UCP profile found; MCP transport validity is not evaluable.

How: Filter services[] to entries where transport=mcp and validate that endpoint is an absolute https:// URL.

FAILINFO

Apple Pay markers detected (informational)apple-pay-detectedSchema.org

Enable Apple Pay through your payment processor (informational only)

Why this matters: Apple Pay is a checkout-quality signal for human shoppers — informational only, does not affect the agent-readiness score.

Apple Pay availability — payment options observed

No score impactimpact

Findings (1)

Scanned the homepage and 20 sampled PDPs for Apple Pay markers; none matched.

How: Substring match on known Apple Pay SDK/markup signatures (ApplePaySession, apple-pay-button, /apple-developer-merchantid-domain-association) across the homepage and every sampled PDP HTML.

No Apple Pay markers detected on the homepage or PDPsINFO
/
Enable Apple Pay in your payment processor's dashboard (Stripe / Adyen / Braintree). Informational only — does not affect the score.

How to fix · 3 steps · create a free account to viewCreate a free account →

FAILINFO

Google Pay markers detected (informational)google-pay-detectedSchema.org

Enable Google Pay through your payment processor (informational only)

Why this matters: Google Pay is a checkout-quality signal for human shoppers — informational only, does not affect the agent-readiness score.

Google Pay availability — payment options observed

No score impactimpact

Findings (1)

Scanned the homepage and 20 sampled PDPs for Google Pay markers; none matched.

How: Substring match on known Google Pay SDK/markup signatures (pay.google.com/gp/p/js/pay.js, google.payments.api, <google-pay-button) across the homepage and every sampled PDP HTML.

No Google Pay markers detected on the homepage or PDPsINFO
/
Enable Google Pay in your payment processor's dashboard (Stripe / Adyen / Braintree). Informational only — does not affect the score.

How to fix · 3 steps · create a free account to viewCreate a free account →

NAINFO

llms.txt present (informational)llms-txt-presentllms.txt

Skipped — Looked for /llms.txt at the site root; the fetcher returned no file.

Context: An /llms.txt manifest points agents at your feed and key pages without them having to guess.

llmstxt.org — /llms.txt manifest

Not scoredimpact

Why this was skipped

Looked for /llms.txt at the site root; the fetcher returned no file.

How: Check whether the fetcher reached an /llms.txt at the site root. Informational only — no failure path per llmstxt.org being a voluntary community convention.

24 failing · 22 not checked · 46 shown