Production website audits, in one scan.
Performance · SEO · Security · A11y · Responsive · Crawl · Functional · API · Errors — orchestrated through BullMQ, persisted in Postgres, summarized by Claude.
Performance
Lighthouse-grade LCP / CLS / INP / TTFB, with optimization opportunities.
SEO
Meta, OG, sitemap, robots, JSON-LD, heading hierarchy, canonical.
Security
TLS, HSTS, CSP, exposed sensitive paths, headers grading.
Accessibility
Full Axe-core audit with WCAG impact-tier severity.
Responsive
Screenshots & overflow detection across 5 viewports.
Crawler
Internal sitemap, broken pages, referrer chains.
API Monitor
XHR / fetch durations, status codes, slowest endpoints.
Errors
Console errors, unhandled exceptions, failed resources.
AI Insights
Each module result is summarized and prioritized by an LLM.
Secrets Scanner
Detects API keys, .env leaks, git metadata, source maps, hardcoded secrets.
AI Leak Detector
Identifies AI-generated boilerplate, insecure auth patterns, exposed API routes.
Frontend Security
XSS, CSRF, CSP weakness, dangerous innerHTML, CORS misconfig.
Deployment Audit
Public staging URLs, open previews, missing HTTPS, broken auth flows.
