peakdesign.com
Audited 5 days ago· shopify
Agent-readiness across all five AI commerce surfaces.
Surfaces — click to filter
18 failing · 13 not checked · 31 shown
13 checks couldn't run on this store — each is listed below with the reason. Your score reflects only what we could verify.
Populate gtin on every branded Product node
Why this matters: GTINs let agents match your product to the same item elsewhere; without them you lose cross-catalog matching.
Findings (11)
Checked 20 sampled product pages for a GTIN in the Product JSON-LD (0 carry a valid GTIN, 0%).
How: Extract gtin / gtin8 / gtin12 / gtin13 / gtin14 from the first Product JSON-LD node on each PDP; validate digit length.
Coverage
0/20 · 0%
- No valid GTIN on this product pageHIGH× 10
Populate gtin/gtin8/gtin12/gtin13/gtin14 with the manufacturer's barcode.
Affected (10)
- /products/30l-travel-backpack-bundle-1-coyote
- /products/travel-backpack-20l-stone
- /products/travel-backpack-20l-sage
- /products/travel-crossbody-3l-stone
- /products/travel-crossbody-3l-sage
- /products/travel-crossbody-3l-black
- /products/travel-crossbody
- /products/travel-weekender-25l-stone
- /products/travel-weekender-25l-sage
- /products/travel-weekender-25l-black
…and 1 more
Emit hasMerchantReturnPolicy on Product or Offer JSON-LD
Why this matters: Without the entry-point return-policy node, agents can't render or quote your return terms — they fall back to platform defaults or skip your store.
Findings (11)
Inspected hasMerchantReturnPolicy on Product/Offer JSON-LD across 20 sampled product pages (0 present, 0%).
How: On each PDP, locate the Product JSON-LD node and check for a hasMerchantReturnPolicy object/array at Product level OR Offer level. Pass band ≥ 85% coverage, partial ≥ 50%.
Coverage
0/20 · 0%
- Product JSON-LD missing
hasMerchantReturnPolicyHIGH× 10Add a MerchantReturnPolicy node to Product or Offer with category + applicableCountry (or merchantReturnLink).
Affected (10)
- /products/30l-travel-backpack-bundle-1-coyote
- /products/travel-backpack-20l-stone
- /products/travel-backpack-20l-sage
- /products/travel-crossbody-3l-stone
- /products/travel-crossbody-3l-sage
- /products/travel-crossbody-3l-black
- /products/travel-crossbody
- /products/travel-weekender-25l-stone
- /products/travel-weekender-25l-sage
- /products/travel-weekender-25l-black
…and 1 more
Emit shippingDetails (OfferShippingDetails) on Offer JSON-LD
Why this matters: Without shippingDetails, AI agents fall back to vague defaults — they can't quote your rates, destinations, or delivery windows in shopping cards.
Findings (11)
Inspected shippingDetails on Product/Offer JSON-LD across 20 sampled PDPs (0 present, 0%).
How: On each PDP, locate the Product JSON-LD node and check for shippingDetails (single object or array) at Product or Offer level. Pass band ≥ 85% coverage.
Coverage
0/20 · 0%
- Offer JSON-LD missing
shippingDetailsHIGH× 10Add OfferShippingDetails with shippingRate, shippingDestination, and deliveryTime.
Affected (10)
- /products/30l-travel-backpack-bundle-1-coyote
- /products/travel-backpack-20l-stone
- /products/travel-backpack-20l-sage
- /products/travel-crossbody-3l-stone
- /products/travel-crossbody-3l-sage
- /products/travel-crossbody-3l-black
- /products/travel-crossbody
- /products/travel-weekender-25l-stone
- /products/travel-weekender-25l-sage
- /products/travel-weekender-25l-black
…and 1 more
Add every required top-level key to the UCP profile
Why this matters: A profile missing one of the four required keys is treated as non-conformant — agent runtimes fall back to default behaviour and may skip the merchant.
Findings (1)
Profile is missing required key(s): signing_keys.
How: Read the profile root (or top-level ucp wrapper) and verify the presence of version, services, capabilities, and signing_keys keys.
- Required top-level key
signing_keysis missingHIGHWhat we expected
Add a top-level "signing_keys" field to the JSON document (empty array/object is fine).Set
signing_keysat the root of the JSON document.
Skipped — No MerchantReturnPolicy node used the MerchantReturnFiniteReturnWindow category, so the `merchantReturnDays` check has nothing to evaluate.
Context: AI agents quote your concrete return window in shopping cards. Without `merchantReturnDays`, your policy renders as 'has a return policy' without the headline number.
Why this was skipped
No MerchantReturnPolicy node used the MerchantReturnFiniteReturnWindow category, so the merchantReturnDays check has nothing to evaluate.
How: For each MerchantReturnPolicy node whose returnPolicyCategory normalizes to MerchantReturnFiniteReturnWindow, require merchantReturnDays to be a positive number (or a numeric string > 0).
Skipped — No PDP carried a `hasMerchantReturnPolicy` node, so Option A/B shape cannot be evaluated.
Context: A policy node missing both shapes is invisible to agents — they can't render it, link to it, or quote your return terms.
Why this was skipped
No PDP carried a hasMerchantReturnPolicy node, so Option A/B shape cannot be evaluated.
How: For each PDP, walk every hasMerchantReturnPolicy node (Product or Offer level) and require either (applicableCountry + returnPolicyCategory) OR a syntactically-valid merchantReturnLink URL.
Skipped — the runner did not surface transport metadata
Context: If your UCP profile says `no-cache`, agent runtimes re-fetch on every interaction — brittle at scale and prone to rate-limit failures.
Why this was skipped
Wanted to inspect the UCP profile's Cache-Control header, but the runner did not surface transport metadata.
How: Parse the Cache-Control header on the /.well-known/ucp response; require public, max-age ≥ 60, and no no-store/no-cache/private.
- Transport metadata not available — runner update pendingLOW
This check activates once the runner (Task I1) populates ctx.wellKnownUcp.cacheControl.
Skipped — Profile declares no signing_keys; JWK validation has no entries to evaluate.
Context: Malformed JWK entries are rejected silently by agents — signed payloads cannot be verified and the merchant loses trust signal.
Why this was skipped
Profile declares no signing_keys; JWK validation has no entries to evaluate.
How: Walk signing_keys[] and validate each entry per RFC 7517 §4.1 (kty required) + RFC 7518 §6 (kty-specific required parameters). kid is OPTIONAL per RFC 7517 §4.5 and not enforced here.
Add includeSubDomains to your Strict-Transport-Security header
Why this matters: Without includeSubDomains, an HTTP subdomain (staging, mail, …) can be used to attack the apex's cookies.
Findings (1)
Inspected the homepage Strict-Transport-Security header ("max-age=31536000") and the includeSubDomains directive is absent.
How: Parse the homepage Strict-Transport-Security header for the includeSubDomains directive (RFC 6797 §6.1.2).
- HSTS header is missing the includeSubDomains directiveMEDIUM
What we found
max-age=31536000What we expected
Strict-Transport-Security: max-age=31536000; includeSubDomainsAppend
; includeSubDomainsto your STS header once every subdomain you operate supports HTTPS.
Add an Organization (or OnlineStore) JSON-LD block to your homepage with a contactPoint
Why this matters: Organization markup with a contactPoint tells AI agents who you are and how a shopper can reach you for support.
Findings (1)
Found a homepage Organization node but its contactPoint is missing both email and telephone.
How: Parse homepage <script type="application/ld+json"> blocks, flatten @graph, and look for an Organization/OnlineStore/Store node with a contactPoint carrying email or telephone.
- Homepage Organization node has no contactPoint with email or telephoneMEDIUM
What we expected
"contactPoint": [{"@type":"ContactPoint","contactType":"customer service","email":"support@example.com","telephone":"+1-555-123-4567"}]Add a contactPoint object with at least one of
emailortelephone.
Install a third-party review platform so agents see syndicated reviews on your storefront
Why this matters: Third-party review widgets feed the ratings AI agents trust when ranking merchants.
Findings (1)
Scanned the homepage and 20 sampled PDPs for 8 review-platform asset fingerprints; none matched.
How: Substring scan of homepage and sampled PDP HTML for known review-platform asset fingerprints (judge.me, yotpo, stamped.io, reviews.io, okendo, loox, trustpilot, bazaarvoice).
- No third-party review-platform integration detectedMEDIUM
none of 8 fingerprints matched across 21 sources
Install a Judge.me / Yotpo / Loox / Okendo / Stamped / Reviews.io / Trustpilot / Bazaarvoice widget on your storefront.
Publish a returns policy page and link it from your site nav/footer
Why this matters: AI agents quote return terms to shoppers; missing returns pages are a baseline trust failure that suppresses you from agentic shopping cards.
Findings (1)
Probed 5 candidate returns-policy paths (nav-discovered + platform-conventional) and none returned a 2xx body.
How: Discover candidate URLs by scoring homepage nav/footer anchors for return/refund/exchange keywords, then append platform-conventional paths; probe each with politeFetch and pass on the first 2xx with ≥200 stripped-body chars.
- No returns/refund policy page reachable at any candidate URLMEDIUM
statuses: /policies/refund-policy=404, /policies/return-policy=404, /returns=404, /refund-policy=404, /return-policy=404
Publish a returns/refund policy page at
/returns(or your platform's standard slug) with ≥200 chars of body text.
Keep every sitemap entry on the sitemap's own host
Why this matters: Cross-host sitemap entries are silently dropped, so the off-host product URLs effectively don't exist for the crawler.
Findings (5)
Compared 848 <loc> entries against their sitemap host across 2 resource(s); 424 cross-host entries found.
How: For each resolved sitemap resource, parse the sitemap URL's host and compare it against every parsed <loc> URL's host.
- Cross-host <loc> — sitemap host is peakdesign.com but entry is on www.peakdesign.comMEDIUM
/sitemap.xmlsitemap host: peakdesign.com; entry host: www.peakdesign.com
What we found
https://www.peakdesign.com/products/clutch-regularRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
- Cross-host <loc> — sitemap host is peakdesign.com but entry is on www.peakdesign.comMEDIUM
/sitemap.xmlsitemap host: peakdesign.com; entry host: www.peakdesign.com
What we found
https://www.peakdesign.com/products/anchor-mountRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
- Cross-host <loc> — sitemap host is peakdesign.com but entry is on www.peakdesign.comMEDIUM
/sitemap.xmlsitemap host: peakdesign.com; entry host: www.peakdesign.com
What we found
https://www.peakdesign.com/products/anchor-linksRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
- Cross-host <loc> — sitemap host is peakdesign.com but entry is on www.peakdesign.comMEDIUM
/sitemap.xmlsitemap host: peakdesign.com; entry host: www.peakdesign.com
What we found
https://www.peakdesign.com/products/edb-key-tetherRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
- Cross-host <loc> — sitemap host is peakdesign.com but entry is on www.peakdesign.comMEDIUM
/sitemap.xmlsitemap host: peakdesign.com; entry host: www.peakdesign.com
What we found
https://www.peakdesign.com/products/propadRemove the cross-host entry from this sitemap, or publish a separate sitemap on that host.
Populate sku on every Product JSON-LD node
Why this matters: A stable SKU lets agents track and re-identify your product across catalogs.
Findings (3)
Read the sku field on Product JSON-LD across 20 sampled product pages (17 populated, 85%).
How: On each PDP with a Product node, accept sku if it is a non-empty trimmed string or a number.
Coverage
17/20 · 85%
- Product JSON-LD has no populated
skuMEDIUM× 3Fill in the SKU field in your product admin; the JSON-LD template typically binds to that field.
Publish a shipping policy page and link it from your site nav/footer
Why this matters: Agents quote shipping terms to shoppers; without a reachable shipping policy they fall back to vague defaults or skip your store.
Findings (1)
Reached a shipping policy page at https://peakdesign.com/shipping but its stripped body length (56 chars) is below the 200-char substantiveness threshold.
How: Discover candidate URLs by scoring homepage nav/footer anchors for shipping/delivery/dispatch keywords, then append platform-conventional paths; probe each with politeFetch and pass on the first 2xx with ≥200 stripped-body chars.
- Shipping policy page reachable but too short to be substantiveMEDIUM
/shipping56 chars of stripped body text (need ≥ 200)
Expand the body to at least 200 characters covering carriers, costs, and delivery timeframes.
Skipped — No MerchantReturnPolicy node carried a `merchantReturnLink` URL, so reachability has nothing to evaluate.
Context: A broken return-link makes Option B policies invisible — agents can't render or follow the link.
Why this was skipped
No MerchantReturnPolicy node carried a merchantReturnLink URL, so reachability has nothing to evaluate.
How: Collect every unique merchantReturnLink URL across all MerchantReturnPolicy nodes; probe each once via politeFetch (failSoft). 2xx counts as reachable.
Skipped — No MerchantReturnPolicy node carried `applicableCountry`, so the ISO-code check has nothing to evaluate.
Context: A non-ISO country is dropped silently; the policy looks present but never reaches the merchant-listing rich result.
Why this was skipped
No MerchantReturnPolicy node carried applicableCountry, so the ISO-code check has nothing to evaluate.
How: On each MerchantReturnPolicy node where applicableCountry is set, extract every candidate string and require every one to match /^[A-Z]{2}$/i.
Skipped — No MerchantReturnPolicy node carried `returnPolicyCategory`, so the enum check has nothing to evaluate.
Context: An invalid category is silently dropped — your policy looks present in the source but never renders in Google's return-policy rich result.
Why this was skipped
No MerchantReturnPolicy node carried returnPolicyCategory, so the enum check has nothing to evaluate.
How: On each MerchantReturnPolicy node where returnPolicyCategory is set, accept the bare enum name or the schema.org URL form; reject any other string.
Skipped — No OfferShippingDetails node carried `shippingDestination`, so the DefinedRegion check has nothing to evaluate.
Context: Without a valid destination region, your shipping rate has no scope — Google can't decide whether to render it for a given shopper's country.
Why this was skipped
No OfferShippingDetails node carried shippingDestination, so the DefinedRegion check has nothing to evaluate.
How: On each OfferShippingDetails node where shippingDestination is set, require it to be a DefinedRegion (or array) and every entry to carry addressCountry matching /^[A-Z]{2}$/i.
Skipped — No OfferShippingDetails node carried `shippingRate`, so the MonetaryAmount check has nothing to evaluate.
Context: An invalid rate object is silently dropped; agents can't quote your shipping cost in shopping cards.
Why this was skipped
No OfferShippingDetails node carried shippingRate, so the MonetaryAmount check has nothing to evaluate.
How: On each OfferShippingDetails node where shippingRate is set, require an object with numeric value/maxValue (typed or numeric string) and a 3-letter ISO 4217 currency.
Skipped — Profile declares no capabilities; required-field checks have nothing to evaluate.
Context: Capabilities missing version/spec/schema can't be matched against agent support tables — agents skip them silently.
Why this was skipped
Profile declares no capabilities; required-field checks have nothing to evaluate.
How: For each capabilities[] entry, require non-empty string values for version, spec, and schema.
Upload higher-resolution product images (area ≥ 50,000 pixels)
Why this matters: Tiny product images get dropped from Google’s shopping rich-result modules and are unhelpful to AI agents quoting your product visually.
Findings (11)
Inspected <img width=… height=…> attributes on 20 sampled product pages (0 have at least one image with area ≥ 50,000 px; dimensions absent from HTML are not HEAD-probed and count as indeterminate).
How: For every sampled PDP, parse <img> tags and read explicit width and height attributes; a PDP passes when at least one image has width × height ≥ 50,000. PDPs without any explicit-dimension <img> are marked indeterminate (this check does not HEAD image URLs).
Coverage
0/20 · 0%
- No <img> on this PDP carries explicit width+height attributesLOW× 10
Server-render explicit width and height attributes so crawlers can verify image area without fetching.
Affected (10)
- /products/30l-travel-backpack-bundle-1-coyote2 <img> tags found, none with width+height
- /products/travel-backpack-20l-stone15 <img> tags found, none with width+height
- /products/travel-backpack-20l-sage15 <img> tags found, none with width+height
- /products/travel-crossbody-3l-stone11 <img> tags found, none with width+height
- /products/travel-crossbody-3l-sage11 <img> tags found, none with width+height
- /products/travel-crossbody-3l-black11 <img> tags found, none with width+height
- /products/travel-crossbody11 <img> tags found, none with width+height
- /products/travel-weekender-25l-stone11 <img> tags found, none with width+height
- /products/travel-weekender-25l-sage11 <img> tags found, none with width+height
- /products/travel-weekender-25l-black11 <img> tags found, none with width+height
…and 1 more
Add preload to your Strict-Transport-Security header and submit to hstspreload.org
Why this matters: HSTS preload-list inclusion is the strongest downgrade protection available — first-time visits are protected too.
Findings (1)
Inspected the homepage Strict-Transport-Security header ("max-age=31536000") and the preload directive is absent.
How: Parse the homepage Strict-Transport-Security header for the preload directive (hstspreload.org vendor extension to RFC 6797).
- HSTS header is missing the preload directiveLOW
What we found
max-age=31536000What we expected
Strict-Transport-Security: max-age=31536000; includeSubDomains; preloadAppend
; preloadafterincludeSubDomainsand submit your domain at https://hstspreload.org/.
Add an AggregateRating to Product nodes when you have real reviews
Why this matters: Review ratings are a trust signal agents use to rank and filter products.
Findings (11)
Looked for a valid aggregateRating on Product JSON-LD across 20 sampled product pages (0 valid, 0%).
How: On each Product node, parse aggregateRating (or the first element if it's an array) and require ratingValue in [0,5] AND reviewCount or ratingCount ≥ 1.
Coverage
0/20 · 0%
- Product has no valid AggregateRating (ratingValue 0-5 + reviewCount/ratingCount ≥ 1)LOW× 10
Render
aggregateRatingfrom real review totals — never fabricate.Affected (10)
- /products/30l-travel-backpack-bundle-1-coyote
- /products/travel-backpack-20l-stone
- /products/travel-backpack-20l-sage
- /products/travel-crossbody-3l-stone
- /products/travel-crossbody-3l-sage
- /products/travel-crossbody-3l-black
- /products/travel-crossbody
- /products/travel-weekender-25l-stone
- /products/travel-weekender-25l-sage
- /products/travel-weekender-25l-black
…and 1 more
Add descriptive alt text to product images (WCAG 2.x SC 1.1.1)
Why this matters: Alt text is the only text description AI agents and screen readers have for your product imagery.
Findings (11)
Parsed <img> alt attributes across 20 sampled product pages (5 have alt text on at least 80% of images).
How: Per PDP, count <img> tags via regex; a tag 'has alt text' when its alt attribute is present AND non-empty after trim. A PDP passes when it carries no <img> at all OR ≥80% of its <img> tags have non-empty alt.
Coverage
5/20 · 25%
- Most images on this product page lack alt textLOW× 10
What we expected
<img src="/img/sneaker.webp" alt="Red leather running shoe, side view" />Populate the alt attribute on each <img> with a description of what the image shows; use alt="" only for decorative images.
Affected (10)
- /products/travel-backpack-20l-stone11/15 <img> tags have non-empty alt (73%)
- /products/travel-backpack-20l-sage11/15 <img> tags have non-empty alt (73%)
- /products/travel-crossbody-3l-stone8/11 <img> tags have non-empty alt (73%)
- /products/travel-crossbody-3l-sage8/11 <img> tags have non-empty alt (73%)
- /products/travel-crossbody-3l-black8/11 <img> tags have non-empty alt (73%)
- /products/travel-crossbody8/11 <img> tags have non-empty alt (73%)
- /products/travel-weekender-25l-stone8/11 <img> tags have non-empty alt (73%)
- /products/travel-weekender-25l-sage8/11 <img> tags have non-empty alt (73%)
- /products/travel-weekender-25l-black8/11 <img> tags have non-empty alt (73%)
- /products/travel-weekender8/11 <img> tags have non-empty alt (73%)
…and 1 more
Publish a substantive About page at a standard URL
Why this matters: Perplexity and ChatGPT use About-page text to summarise your brand to shoppers in answer responses.
Findings (1)
Probed 4 candidate About-page paths and none returned a 2xx body.
How: URL probe of platform-specific about-page paths via politeFetch; the first 2xx response whose HTML-stripped body length is ≥ 200 chars counts as a pass.
- No About page reachable at any standard URLLOW
statuses: /pages/about=404, /pages/about-us=404, /about=404, /about-us=404
Publish an About page at /about (or your platform's standard path) with ≥ 200 chars of body text.
Skipped — No MerchantReturnPolicy node carried returnFees, returnMethod, or refundType, so the enum check has nothing to evaluate.
Context: Invalid enrichment values are dropped silently, leaving merchants confused about why their rendered policy is missing fields they configured.
Why this was skipped
No MerchantReturnPolicy node carried returnFees, returnMethod, or refundType, so the enum check has nothing to evaluate.
How: On each MerchantReturnPolicy node, inspect returnFees/returnMethod/refundType if set; require the bare name or schema.org URL form of a value in the corresponding Schema.org enum.
Skipped — No OfferShippingDetails node carried `deliveryTime`, so the ShippingDeliveryTime check has nothing to evaluate.
Context: Without populated handling/transit times, agents can't quote a delivery window in shopping cards.
Why this was skipped
No OfferShippingDetails node carried deliveryTime, so the ShippingDeliveryTime check has nothing to evaluate.
How: On each OfferShippingDetails node where deliveryTime is set, require an object with at least one of handlingTime / transitTime populated as a QuantitativeValue.
Enable Apple Pay through your payment processor (informational only)
Why this matters: Apple Pay is a checkout-quality signal for human shoppers — informational only, does not affect the agent-readiness score.
Findings (1)
Scanned the homepage and 20 sampled PDPs for Apple Pay markers; none matched.
How: Substring match on known Apple Pay SDK/markup signatures (ApplePaySession, apple-pay-button, /apple-developer-merchantid-domain-association) across the homepage and every sampled PDP HTML.
- No Apple Pay markers detected on the homepage or PDPsINFO
Enable Apple Pay in your payment processor's dashboard (Stripe / Adyen / Braintree). Informational only — does not affect the score.
Enable Google Pay through your payment processor (informational only)
Why this matters: Google Pay is a checkout-quality signal for human shoppers — informational only, does not affect the agent-readiness score.
Findings (1)
Scanned the homepage and 20 sampled PDPs for Google Pay markers; none matched.
How: Substring match on known Google Pay SDK/markup signatures (pay.google.com/gp/p/js/pay.js, google.payments.api, <google-pay-button) across the homepage and every sampled PDP HTML.
- No Google Pay markers detected on the homepage or PDPsINFO
Enable Google Pay in your payment processor's dashboard (Stripe / Adyen / Braintree). Informational only — does not affect the score.
Skipped — Looked for /llms.txt at the site root; the fetcher returned no file.
Context: An /llms.txt manifest points agents at your feed and key pages without them having to guess.
Why this was skipped
Looked for /llms.txt at the site root; the fetcher returned no file.
How: Check whether the fetcher reached an /llms.txt at the site root. Informational only — no failure path per llmstxt.org being a voluntary community convention.