squirrelscan - Website audit tool built for AI agents

Website audit tool built for AI agents. 245+ SEO, performance & security rules. Run them from the CLI, your coding agent, the cloud, or over MCP. Free, with shareable reports.

65 pages • Generated 3rd Jul 2026 at 10:33 UTC
73C
94
SEO
1 error · 275 warnings
74
Performance
4 errors · 284 warnings
78
Security
149 warnings
100
Agents
no issues

Editor's summary

Auto-generated editor's summary — informational, not scored.

Squirrelscan is fundamentally sound in terms of structure and SEO, but we have some technical debt dragging down performance and user perception. While the site is highly accessible and crawlable, the underlying technical layer is bloated with unoptimized JavaScript and poor caching practices that create unnecessary hurdles for users. We are missing the mark on some basic compliance and security hygiene, specifically regarding data exposure and cookie handling. The site is hitting the main targets for global software visibility, but the current performance drag is avoidable. We need to shift focus from content creation to tightening these technical bottlenecks to improve the overall health score.

Verdict: The site is structurally capable but technically unoptimized, requiring immediate technical maintenance to resolve performance and security risks.
65
Pages
7,003
Passed
708
Warnings
5
Failed
Screenshot of https://squirrelscan.com

Domain stats

Domain SEO stats — informational, not scored.
2.4kBacklinks
846Ref. domains
5Organic keywords
2Organic traffic
0Paid traffic
$0Paid traffic cost
Organic positions
#1
0
#2–3
0
#4–10
0
#11–20
0
#21–30
0
#31–40
0
#41–50
0
#51–60
0
#61–70
1
#71–80
3
#81–90
0
#91–100
1

Technologies

Detected tech stack — informational, not part of the score. No changes since last scan.
🌐 CDN & Edge
CloudflareCloudflare
📊 Analytics
Cloudflare Web AnalyticsCloudflare Web AnalyticsCloudflare Web Analytics / InsightsCloudflare Web Analytics / Insights
🔒 Security & Consent
CloudflareCloudflareCloudflare TurnstileCloudflare Turnstile
📦 Other
ViteVite

Issues

SEOSitemap Coveragewarning24 pages affected
crawl/sitemap-coveragedocs
Checks for indexable pages that are not in the sitemap
Solution
Your sitemap should include all pages you want search engines to index. Pages that are crawlable and indexable (no noindex, not blocked by robots.txt) should generally be in your sitemap. Missing pages may not be discovered or indexed efficiently. Use a sitemap generator that automatically includes all indexable pages, or manually add important pages.
SEOMeta Titlewarning2 pages affected
core/meta-titledocs
Validates page title presence and length
Solution
Every page needs a unique, descriptive title tag between 30-75 characters. Titles appear in browser tabs, search results, and social shares. Write titles that accurately describe the page content while including your primary keyword near the beginning. If your title is too short, add more descriptive context. If too long, prioritize the most important information first and trim secondary details. Avoid keyword stuffing or duplicate titles across pages.
SEOMeta Descriptionwarning4 pages affected
core/meta-descriptiondocs
Validates meta description presence and length
Solution
Meta descriptions should be 120-160 characters and provide a compelling summary of the page. While not a direct ranking factor, good descriptions improve click-through rates from search results. Write unique descriptions for each page that accurately preview the content. Include a call-to-action when appropriate. If missing, search engines will auto-generate snippets which may not represent your page optimally.
SEOBroken External Linkswarning5 pages affected
links/broken-external-linksdocs
Detects external links returning 4xx/5xx errors or timeouts
Solution
Broken external links hurt user experience and credibility. Regularly audit external links using automated tools. Remove or replace broken links with working alternatives. Consider using archived versions (archive.org) if the original content is gone. For important resources, consider hosting your own copies of critical documentation or linking to more stable sources.
SEONofollow Internalwarning1 page affected
links/nofollow-internaldocs
Flags internal links with rel=nofollow
Solution
Nofollow on internal links wastes PageRank and is generally bad practice. Internal links should flow link equity freely throughout your site. Remove nofollow from internal links unless you have a specific reason (e.g., user-generated content links). Use nofollow for external links you don't endorse.
2 internal link(s) have nofollow
1 page affected
2 items
/reports/squirrelscan-sample.html
/reports/squirrelscan-sample.html
SEOOrphan Pageswarning2 pages affected
links/orphan-pagesdocs
Detects pages with no internal links pointing to them
Solution
Orphan pages have no internal links and are hard for search engines to discover. They may not get indexed or rank well. Add internal links from relevant pages. Include in navigation or sidebar. Add to sitemap. Create contextual links from related content. If intentionally orphaned (e.g., landing pages), ensure they're accessible via sitemap.
2 orphan page(s) with <2 incoming links
2 items
SEODuplicate Descriptionwarning4 pages affected
content/duplicate-descriptiondocs
Checks for duplicate meta descriptions across the site
Solution
Each page should have a unique meta description that summarizes its specific content. Duplicate descriptions reduce click-through rates and provide poor user experience in search results. Write unique, compelling descriptions for each page. For pages without unique content (like paginated results), consider using no description rather than a duplicate.
1 duplicate description(s) found across 4 pages
1 item
"squirrelscan release history and changel..." (4 pages)
from: /releases
from: /releases
from: /releases
... +1 more pages
SEOKeyword Stuffingwarning17 pages affected
content/keyword-stuffingdocs
Detects excessive keyword repetition in content
Solution
Keyword stuffing is repeating words unnaturally to manipulate rankings. Search engines penalize this practice. Write naturally for users first. Use keywords where they fit naturally. Aim for 1-2% keyword density at most. Use synonyms and related terms instead of repeating the exact same phrase. Focus on providing value, not gaming algorithms.
N word(s) may be overused (17 pages)
17 pages affected
13 items
"aria" (3.0%)
"audit" (3.1%)
"beta" (5.5%)
"checksum" (3.2%)
"cloud" (3.2%)
"com" (3.1%)
"credits" (4.1%)
"https" (3.1%)
"mbdownloadsha" (3.7%)
"rules" (3.1%)
"site" (3.2%)
"squirrel" (3.2%)
"squirrelscan" (5.1%)
SEOWord Countwarning36 pages affected
content/word-countdocs
Checks content length for thin content issues
Solution
Pages with thin content (under 300 words) often struggle to rank well and are actively deindexed by Google since the June 2025 core update. Add more valuable, relevant content to thin pages—aim for at least 500 words for standard pages and 1000+ for in-depth articles. If a page can't be fleshed out, voluntarily noindex it or consolidate it into a more comprehensive resource. Trimming thin pages from your index is better than leaving low-value content for Google to penalize.
Thin content: N words (min N) (36 pages)
36 items
SEOVideo Schemawarning1 page affected
schema/videodocs
Validates VideoObject schema for video content
Solution
VideoObject schema enables video rich results and carousels. Required: name, description, thumbnailUrl, uploadDate. Recommended: duration (ISO 8601), contentUrl, embedUrl. For video courses, use Course with hasCourseInstance. Ensure thumbnailUrl is high quality (min 160x90, max 1920x1080).
Page has video but no VideoObject schema
1 page affected
SEOImage Alt Textwarning12 pages affected
images/alt-textdocs
Validates image alt attributes
Solution
Alt text describes images for screen readers and displays when images fail to load. It's essential for accessibility and helps with image search SEO. Add descriptive alt text to all meaningful images. Keep it concise (under 125 characters) but descriptive. For decorative images, use empty alt="" to indicate they should be skipped by screen readers. Avoid keyword stuffing in alt text.
SEOOffscreen Image Lazy Loadingwarning2 pages affected
images/offscreen-lazydocs
Checks if offscreen images use lazy loading
Solution
Add loading='lazy' to images below the fold to defer loading until needed. This reduces initial page load time and saves bandwidth. Exception: Don't lazy-load LCP image or above-the-fold content. Use loading='eager' for critical images.
N below-fold image(s) without lazy loading (2 pages)
2 pages affected
11 items
html-report-screenshot.webp
logo-horizontal-dark.png
logo-horizontal-light.png
logo-horizontal-transparent.png
logo-icon-cream.png
logo-icon-dark.png
logo-icon-light.png
logo-stacked-cream.png
logo-stacked-dark.png
logo-stacked-light.png
logo-stacked-transparent.png
SEOResponsive Image Sizewarning4 pages affected
images/responsive-sizedocs
Checks if images are sized appropriately for their display size
Solution
Serve images at appropriate sizes for their display dimensions. Oversized images waste bandwidth and slow page load. Undersized images look blurry on high-DPI displays. Use srcset to serve different sizes for different screens. For responsive images, serve 1x, 2x, and optionally 3x versions. Image CDNs can automatically resize images on-the-fly.
N small image(s) may be serving oversized files (4 pages)
4 pages affected
2 items
nik.webp (32x32, no srcset)
nik.webp (80x80, no srcset)
SEOImage Dimensionswarning16 pages affected
images/dimensionsdocs
Checks for width/height attributes (prevents CLS)
Solution
Specifying width and height attributes prevents Cumulative Layout Shift (CLS) by reserving space before images load. Add width and height attributes to img tags matching the image's intrinsic dimensions. Use CSS for responsive sizing if needed. For responsive images, the aspect ratio from width/height prevents layout shifts even when CSS overrides the actual size.
SEOColor Contrastwarning68 pages affected
a11y/color-contrastdocs
Checks for color contrast issues in styles and classes
Solution
Text must have sufficient contrast with its background for readability. WCAG AA requires 4.5:1 for normal text and 3:1 for large text (18px+ or 14px+ bold). Use tools like WebAIM Contrast Checker to verify. Common issues: light gray text, text over images without overlay. Don't rely on color alone to convey information - add icons or text labels.
N potential color contrast issue(s) (68 pages)
68 pages affected
49 items
a with class "inline-flex items-center gap-2..." may have low contrast
a with class "text-muted-foreground hover:te..." may have low contrast
button with class "flex items-center gap-1 text-s..." may have low contrast
button with class "h-full px-3 flex items-center ..." may have low contrast
button with class "px-1.5 py-0.5 border transitio..." may have low contrast
button with class "px-4 py-2 text-sm font-semibol..." may have low contrast
div with class "absolute opacity-20 animate-dr..." may have low contrast
div with class "mt-4 flex flex-wrap items-cent..." may have low contrast
div with class "text-[10px] text-muted-foregro..." may have low contrast
div with class "text-muted-foreground..." may have low contrast
div with class "text-sm text-muted-foreground ..." may have low contrast
div with class "text-sm text-muted-foreground..." may have low contrast
div with class "text-xs text-muted-foreground ..." may have low contrast
div with class "text-xs text-muted-foreground..." may have low contrast
figcaption with class "mt-2 text-center text-sm text-..." may have low contrast
h2 with class "text-sm font-semibold mb-2 tex..." may have low contrast
h2 with class "text-sm font-semibold mb-4 tex..." may have low contrast
h3 with class "font-semibold text-sm uppercas..." may have low contrast
h3 with class "text-sm font-semibold mb-2 tex..." may have low contrast
h3 with class "text-sm font-semibold mb-3 tex..." may have low contrast
h3 with class "text-sm font-semibold mb-4 tex..." may have low contrast
li with class "text-muted-foreground leading-..." may have low contrast
p with class "mb-4 text-base text-muted-fore..." may have low contrast
p with class "mt-3 text-xs text-muted-foregr..." may have low contrast
p with class "mt-4 text-base md:text-lg text..." may have low contrast
p with class "mt-4 text-lg md:text-xl text-m..." may have low contrast
p with class "mt-4 text-sm text-muted-foregr..." may have low contrast
p with class "text-center text-sm text-muted..." may have low contrast
p with class "text-center text-xs text-muted..." may have low contrast
p with class "text-muted-foreground leading-..." may have low contrast
p with class "text-muted-foreground max-w-lg..." may have low contrast
p with class "text-muted-foreground text-lg..." may have low contrast
p with class "text-sm text-muted-foreground ..." may have low contrast
p with class "text-sm text-muted-foreground..." may have low contrast
p with class "text-xs text-muted-foreground ..." may have low contrast
p with class "text-xs text-muted-foreground..." may have low contrast
p with class "text-xs text-muted-foreground/..." may have low contrast
span with class "block text-xs text-muted-foreg..." may have low contrast
span with class "hidden sm:inline text-muted-fo..." may have low contrast
span with class "ml-2 text-[10px] font-mono tex..." may have low contrast
span with class "px-4 py-2 text-sm text-muted-f..." may have low contrast
span with class "text-muted-foreground text-sm..." may have low contrast
span with class "text-sm text-muted-foreground..." may have low contrast
svg with class "h-4 w-4 text-muted-foreground..." may have low contrast
th with class "px-3 py-2 text-left font-semib..." may have low contrast
time with class "text-muted-foreground..." may have low contrast
time with class "text-sm text-muted-foreground..." may have low contrast
ul with class "mb-4 list-disc space-y-1.5 pl-..." may have low contrast
ul with class "space-y-2 text-sm text-muted-f..." may have low contrast
SEOVideo Captionswarning2 pages affected
a11y/video-captionsdocs
Checks that videos have captions or transcripts
Solution
All video content needs captions for deaf/hard-of-hearing users (WCAG 1.2.2). Add <track kind='captions' src='captions.vtt' srclang='en'> to video elements. For embedded videos (YouTube, Vimeo), enable captions in the embed settings. Also provide a text transcript for complex content. Auto-generated captions should be reviewed for accuracy.
1 video(s) without caption tracks
1 page affected
1 item
SEOHeading Orderwarning2 pages affected
a11y/heading-orderdocs
Checks that heading levels don't skip
Solution
Headings should follow a logical hierarchy without skipping levels. Screen reader users navigate by headings, so skipping from H1 to H3 is confusing. Correct order: H1 -> H2 -> H3 (not H1 -> H3). You can have multiple headings at the same level, and you can go back up (H3 -> H2 is fine). Think of headings as an outline - they should make sense when read alone.
1 heading level skip(s) detected (2 pages)
2 pages affected
1 item
H3 after H1
SEOIdentical Links Same Purposewarning59 pages affected
a11y/identical-links-same-purposedocs
Checks that links with identical text go to the same destination
Solution
Links with the same visible text should go to the same URL. When identical link text leads to different destinations, it confuses screen reader users who navigate by listing links. Make link text unique or more descriptive to differentiate destinations.
SEORedundant Image Altwarning1 page affected
a11y/image-redundant-altdocs
Checks that image alt text is not redundant with surrounding text
Solution
Image alt text should not start with 'image of', 'photo of', 'picture of', etc. Screen readers already announce that it's an image. Alt text should describe the content or function, not state the obvious. Also avoid duplicating adjacent text in the alt.
3 image(s) with redundant alt text
1 page affected
3 items
"OG preview card for ..." duplicates figcaption
"Published report for..." duplicates figcaption
"squirrelscan dashboa..." duplicates figcaption
SEOLink Textwarning68 pages affected
a11y/link-textdocs
Checks for descriptive link text
Solution
Link text should describe the destination, not generic phrases like 'click here'. Screen reader users often navigate by links, hearing them out of context. Good: 'View our pricing plans'. Bad: 'Click here'. For icon-only links, add aria-label: <a href='/search' aria-label='Search'><svg>...</svg></a>. Empty links are especially problematic - add text or aria-label.
SEOVideo Schemawarning1 page affected
video/video-schemadocs
Checks for VideoObject schema on pages with video
Solution
Add VideoObject schema to pages with video content for rich results. Required: name, description, thumbnailUrl, uploadDate. Recommended: duration, contentUrl, embedUrl. Schema enables video carousels and previews in search results. Test with Google's Rich Results Test.
Video content without VideoObject schema
1 page affected
SEOVideo Accessibilitywarning1 page affected
video/video-accessibledocs
Checks for video captions and transcripts
Solution
Videos need captions for deaf/hard-of-hearing users and transcripts for SEO. Use <track> elements for captions. Provide text transcripts on the page. Auto-generated captions should be reviewed for accuracy. Captions also help when audio can't be played. Required by WCAG 2.1 Level A.
No videos have caption tracks
1 page affected
SEOVideo Thumbnailinfo1 page affected
video/video-thumbnaildocs
Checks that videos have poster/thumbnail images
Solution
Video poster images improve perceived performance and user experience. For HTML5 video, use the poster attribute. For embedded videos, thumbnailUrl in VideoObject schema. Thumbnails should be high quality, relevant to content, and properly sized (recommend 1280x720 or higher).
PerformanceJavaScript File Size Too Largeerror68 pages affected
perf/js-file-sizedocs
Checks for JavaScript files that exceed recommended size limits
Solution
Large JavaScript files block the main thread and delay interactivity. Code-split bundles into smaller chunks, tree-shake unused exports, lazy-load non-critical scripts, and defer or async load third-party scripts. Use dynamic imports for route-based splitting.
1 JS file(s) exceed 1.0 MB
1 item
/assets/index-DfTl1ycH.js
from: /
from: /about
from: /blog
... +65 more pages
PerformanceLCP Optimization Hintswarning1 page affected
perf/lcp-hintsdocs
Checks for Largest Contentful Paint optimization opportunities
Solution
LCP measures when the largest content element becomes visible. Optimize by: 1) Preload your LCP image with <link rel='preload' as='image'>. 2) Don't use loading='lazy' on above-fold images as it delays loading. 3) Minimize render-blocking CSS/JS in <head>. 4) Use modern image formats (WebP/AVIF) for faster loading. 5) Consider using fetchpriority='high' on the LCP image.
2 likely-LCP images loaded without preload
1 item
PerformanceCLS Optimization Hintswarning2 pages affected
perf/cls-hintsdocs
Checks for Cumulative Layout Shift prevention
Solution
CLS measures visual stability - how much content shifts during load. Prevent layout shifts by: 1) Always set width and height attributes on images and iframes. 2) Reserve space for ads and embeds with CSS min-height. 3) Use CSS aspect-ratio for responsive media. 4) Avoid inserting content above existing content. 5) Use transform animations instead of properties that trigger layout.
11 image(s) without width/height (CLS risk)
1 page affected
11 items
/animations/agent_integration.svg
/animations/ai_parse.svg
/animations/dead_links.svg
/animations/editor_summary.svg
/animations/parallel_crawl.svg
/animations/publish.svg
/animations/render.svg
/animations/scheduled.svg
/animations/site_metadata.svg
/animations/smart_rules.svg
/animations/tech_detect.svg
3 image(s) without width/height (CLS risk)
1 page affected
3 items
/images/blog/nikcub-report-example.webp
/images/blog/report-og-preview.webp
/images/blog/squirrel-dashboard.webp
PerformanceTotal Page Weightwarning0 pages affected
perf/total-byte-weightdocs
Checks the total byte weight of the page
Solution
Reduce total page weight for faster loads on slow connections. Optimize images (use modern formats, compress, serve appropriate sizes). Minify and compress CSS/JS. Remove unused code via tree-shaking. Lazy-load non-critical resources. Target under 1.6MB for mobile users.
Total tracked resources: 4702KB (heavy page)
PerformanceWeak Caching (site-wide)warning0 pages affected
perf/bad-cachingdocs
Flags sites where most pages lack caching freshness, validators, or compression
Solution
Set Cache-Control with an appropriate max-age on every response (short for HTML, long + immutable for hashed static assets), expose an ETag or Last-Modified for cheap revalidation, and enable gzip/Brotli for text responses. Consistent caching across the whole site cuts repeat-visit load times and origin/CDN cost.
68/68 pages lack a caching freshness lifetime
68/68 pages lack an ETag or Last-Modified validator
PerformanceCritical Request Chainswarning68 pages affected
perf/critical-request-chainsdocs
Identifies chains of dependent resources that delay rendering
Solution
Critical request chains are sequences of dependent network requests that must complete before the page can render. Reduce chain depth by: 1) Inlining critical CSS instead of linking external files. 2) Adding async or defer to non-critical scripts. 3) Avoiding CSS @import — use <link> tags instead. 4) Using <link rel='preload'> for critical resources. 5) Reducing the number of render-blocking resources in <head>.
PerformanceDuplicate JavaScriptwarning20 pages affected
perf/duplicate-jsdocs
Detects duplicate JavaScript libraries loaded multiple times
Solution
Remove duplicate JavaScript library loads to reduce page weight and avoid conflicts. Check for the same library loaded from different CDNs or versions. Use a single source for each dependency. Consider using a module bundler to deduplicate shared dependencies.
PerformanceINP Optimization Hintsinfo20 pages affected
perf/inp-hintsdocs
Checks for Interaction to Next Paint optimization
Solution
INP measures responsiveness to user interactions. Improve by: 1) Minimize third-party scripts that block the main thread. 2) Use async/defer for non-critical scripts. 3) Break up long JavaScript tasks into smaller chunks. 4) Use web workers for heavy computations. 5) Implement code splitting to reduce initial bundle size. Consider using requestIdleCallback for non-urgent work.
PerformanceLazy Loading Above Foldwarning6 pages affected
perf/lazy-above-folddocs
Detects lazy loading on likely above-fold images
Solution
Don't use loading='lazy' on images that appear above the fold (visible without scrolling). Lazy loading these images delays LCP because the browser waits for layout before fetching. For hero images and LCP candidates: 1) Remove loading='lazy'. 2) Add fetchpriority='high'. 3) Consider preloading with <link rel='preload' as='image'>. Only use lazy loading for below-fold images.
N above-fold image(s) with lazy loading (6 pages)
6 pages affected
8 items
/animations/agent_integration.svg
/animations/parallel_crawl.svg
/animations/smart_rules.svg
/images/blog/hello-from-squirrelscan.webp
/images/blog/introducing-squirrelscan-cloud.webp
/images/blog/nikcub-report-example.webp
/images/blog/publish-and-share-audit-reports.webp
/people/nik.webp
PerformanceUnminified JavaScriptwarning68 pages affected
perf/unminified-jsdocs
Detects unminified JavaScript that could be optimized
Solution
Minify JavaScript to reduce file size and improve load times. Use build tools like Terser, esbuild, or UglifyJS. Most bundlers (Webpack, Vite, Rollup) minify automatically in production. Minification shortens variable names, removes whitespace, and dead code.
PerformanceCache Headerswarning68 pages affected
PerformanceSource Mapsinfo34 pages affected
SecurityLeaked Environment Variableswarning0 pages affected
security/leaked-secretsdocs
Checks for exposed API keys, secrets, and credentials in HTML/JS
Solution
API keys and secrets exposed in client-side code can be harvested by attackers to access your services, incur charges, or steal data. Move sensitive credentials to server-side code and use environment variables that are NOT exposed to the browser. For frontend apps, use a backend proxy to make authenticated API calls. Rotate any exposed credentials immediately. Consider using secret scanning tools like Gitleaks or TruffleHog in your CI/CD pipeline to prevent future leaks.
1 potential secret(s) detected (verify manually)
1 item
Found in external-script (https://clerk.squirrelscan.com/npm/@clerk/ui@1.24.0/dist/vendors_ui_bb3105_1.24.0.js)
SecurityContent Security Policywarning0 pages affected
security/cspdocs
Checks for Content-Security-Policy header and validates directives
Solution
CSP prevents XSS attacks by restricting which resources can load. Start with a report-only policy to identify issues. Key directives: default-src 'self', script-src (avoid 'unsafe-inline'), img-src, style-src, frame-ancestors. Use nonces or hashes instead of 'unsafe-inline' for scripts. Test thoroughly as strict CSP can break functionality.
No Content-Security-Policy header
SecurityHSTS Headerwarning0 pages affected
security/hstsdocs
Checks for HTTP Strict Transport Security header
Solution
HSTS forces browsers to only connect via HTTPS, preventing downgrade attacks. Add the header: Strict-Transport-Security: max-age=31536000; includeSubDomains. Start with a short max-age (1 day) to test, then increase to 1 year. The includeSubDomains directive protects all subdomains. Consider preloading via hstspreload.org for maximum protection.
Missing Strict-Transport-Security header
SecurityForm CAPTCHAwarning46 pages affected
security/form-captchadocs
Checks for CAPTCHA protection on public forms
Solution
Add CAPTCHA protection (reCAPTCHA, Cloudflare Turnstile, hCaptcha, etc.) to public-facing forms to prevent spam and bot submissions. Contact forms, comment forms, newsletter signups, and registration forms are common targets for automated abuse. Modern CAPTCHA solutions like Turnstile offer invisible protection with minimal user friction.
SecurityThird-Party Cookiesinfo30 pages affected
security/third-party-cookiesdocs
Detects third-party resources that may set cookies
Solution
Third-party cookies are being phased out by browsers. Review resources from external domains that may set cookies for tracking. Consider using first-party analytics solutions, server-side tracking, or privacy-focused alternatives. Ensure compliance with GDPR/CCPA by providing cookie consent and disclosing third-party services in your privacy policy.
SecurityCookie Consentinfo68 pages affected
legal/cookie-consentdocs
Checks for cookie consent mechanism
Solution
Cookie consent is required under GDPR and ePrivacy regulations for EU users. Implement a consent banner that: allows users to accept/reject non-essential cookies, doesn't pre-check optional cookies, stores consent preferences, and blocks tracking cookies until consent. Use tools like CookieYes, OneTrust, or Cookiebot.
SecuritySub-processor Disclosureinfo0 pages affected
legal/subprocessor-disclosuredocs
Checks for a sub-processor / data-processing (DPA) disclosure page or link
Solution
Under GDPR Art. 28, processors must disclose the sub-processors they engage and offer a Data Processing Agreement (DPA). Publish a /subprocessors page listing each third party that handles customer personal data (purpose, location), keep it current, and link a DPA from your legal/trust pages. B2B SaaS and fintech buyers expect this during security review.
No sub-processor / data-processing (DPA) disclosure found
SecurityPrivacy Filter Matcheswarning5 pages affected
adblock/privacy-blockeddocs
Checks for trackers and analytics that privacy filter lists (EasyPrivacy) would block
Solution
Resources matching EasyPrivacy are blocked by privacy-focused browsers and extensions (uBlock Origin, Brave, Firefox strict mode). Analytics, session replay, and tracking pixels on these domains will silently fail for those visitors, skewing your data. Consider first-party or privacy-respecting analytics so measurement survives tracker blocking.
1 resource(s) would be blocked by privacy filters (EasyPrivacy)
1 item

2 checks didn't run this audit

These cloud checks couldn't run this audit — the cloud service may have been temporarily unavailable. Re-run the audit to try again.

Content Without JavaScript
Authority Signals