Website audit scorecard for promptjoy.app
The scanner fetched the public page, extracted deterministic facts, and stored scored results across SEO / AEO, security, accessibility, and design.
Submitted
https://promptjoy.app/
Final URL
https://promptjoy.app
Created
Jul 12, 2026, 4:30 PM
Safe fetch
210 ms
82
out of 100
89
out of 100
102/114 rule points
75
out of 100
57/76 rule points
72
out of 100
68/94 rule points
92
out of 100
101/110 rule points
Category point breakdown
Biggest score-losing checks
axe found 1 violation rule(s), including 1 serious or critical rule(s). Top rules: color-contrast (4).
A small allowlist probe returned a public success response.
sitemap.xml returned HTTP success but did not contain a urlset or sitemapindex root.
Horizontal overflow: 0px. Small tap targets: 14.
Remove exposed sensitive files
-16 rule ptsWhat failed
A small public allowlist probe found a sensitive-looking file path.
Evidence
A small allowlist probe returned a public success response.
Priority
Priority 1: fix before sharing the page publicly.
Why it matters
Publicly exposed config or backup files can leak implementation details or secrets.
How to fix it
Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
Copyable agent prompt
Fix rendered axe accessibility violations
-18 rule ptsWhat failed
The rendered page has accessibility rule violations detected by axe-core.
Evidence
axe found 1 violation rule(s), including 1 serious or critical rule(s). Top rules: color-contrast (4).
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
How to fix it
Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Copyable agent prompt
Publish a valid sitemap.xml
-12 rule ptsWhat failed
The sitemap file was not reachable or did not look like valid sitemap XML.
Evidence
sitemap.xml returned HTTP success but did not contain a urlset or sitemapindex root.
Priority
Priority 7: fix during launch polish.
Why it matters
A sitemap helps search engines discover the landing page and related public pages sooner.
How to fix it
Add a static sitemap file or dynamic /sitemap.xml route with valid urlset or sitemapindex XML, include your public canonical URLs, and confirm it returns HTTP 200.
Copyable agent prompt
Add common public security headers
-3 rule ptsWhat failed
Several basic browser protection headers were not visible.
Evidence
Detected 4 of 5 common public security headers. Present: strict-transport-security, content-security-policy, x-content-type-options, referrer-policy. Missing: x-frame-options.
Priority
Priority 5: fix before sharing the page publicly.
Why it matters
These headers reduce avoidable browser-side risk and show a baseline of care before launch.
How to fix it
Configure headers such as Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy.
Copyable agent prompt
Fix rendered layout ergonomics
-9 rule ptsWhat failed
The browser-rendered page has layout or tap-target issues.
Evidence
Horizontal overflow: 0px. Small tap targets: 14.
Priority
Priority 13: fix during launch polish.
Why it matters
Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
How to fix it
Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
Copyable agent prompt
SEO / AEO
Severity mix: 1 critical, 7 high, 3 medium, 2 low.
sitemap.xml validity
-12 rule ptssitemap.xml returned HTTP success but did not contain a urlset or sitemapindex root.
Security
Severity mix: 2 critical, 3 high, 0 medium, 0 low.
Sensitive file probes
-16 rule ptsA small allowlist probe returned a public success response.
Common security headers
-3 rule ptsDetected 4 of 5 common public security headers. Present: strict-transport-security, content-security-policy, x-content-type-options, referrer-policy. Missing: x-frame-options.
Accessibility
Severity mix: 0 critical, 3 high, 5 medium, 0 low.
Rendered axe accessibility violations
-18 rule ptsaxe found 1 violation rule(s), including 1 serious or critical rule(s). Top rules: color-contrast (4).
Basic contrast
-8 rule pts5 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Design
Severity mix: 0 critical, 3 high, 6 medium, 2 low.
Rendered layout ergonomics
-9 rule ptsHorizontal overflow: 0px. Small tap targets: 14.
Showing failed checks.
Failed checks
These checks need attention.
sitemap.xml validity
0/12sitemap.xml returned HTTP success but did not contain a urlset or sitemapindex root.
Failed: earned 0 of 12 points.
Priority: Priority 7: fix during launch polish.
Why it matters: A sitemap helps search engines discover the landing page and related public pages sooner.
Fix: Add a static sitemap file or dynamic /sitemap.xml route with valid urlset or sitemapindex XML, include your public canonical URLs, and confirm it returns HTTP 200.
Copyable agent prompt
Common security headers
15/18Detected 4 of 5 common public security headers. Present: strict-transport-security, content-security-policy, x-content-type-options, referrer-policy. Missing: x-frame-options.
Failed: earned 15 of 18 points from partial coverage.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: These headers reduce avoidable browser-side risk and show a baseline of care before launch.
Fix: Configure headers such as Strict-Transport-Security, Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and Referrer-Policy.
Copyable agent prompt
Sensitive file probes
0/16A small allowlist probe returned a public success response.
Failed: earned 0 of 16 points.
Priority: Priority 1: fix before sharing the page publicly.
Why it matters: Publicly exposed config or backup files can leak implementation details or secrets.
Fix: Remove the exposed file, block public access to that path, and rotate any secrets that may have been exposed.
Copyable agent prompt
Basic contrast
0/85 of 100 rendered text color sample(s) missed WCAG contrast targets. Worst rendered ratio: 1.
Failed: earned 0 of 8 points.
Priority: Priority 20: lower-risk cleanup after urgent launch blockers.
Why it matters: Low contrast makes a launch page feel less polished and can exclude users with low vision.
Fix: Review key text, buttons, and links against a 4.5:1 contrast target for normal text.
Copyable agent prompt
Rendered axe accessibility violations
0/18axe found 1 violation rule(s), including 1 serious or critical rule(s). Top rules: color-contrast (4).
Failed: earned 0 of 18 points.
Priority: Priority 5: fix before sharing the page publicly.
Why it matters: axe checks the actual browser-rendered page, so these issues can affect people using keyboards, screen readers, or other assistive technology.
Fix: Fix the top axe rule IDs first, especially critical and serious violations around names, roles, labels, headings, contrast, landmarks, and keyboard-accessible controls.
Copyable agent prompt
Rendered layout ergonomics
0/9Horizontal overflow: 0px. Small tap targets: 14.
Failed: earned 0 of 9 points.
Priority: Priority 13: fix during launch polish.
Why it matters: Horizontal overflow and tiny tap targets make the page feel broken on real devices, especially for mobile visitors.
Fix: Remove elements wider than the viewport, add responsive constraints, and make important links, buttons, inputs, and controls at least 40px tall and wide where possible.
Copyable agent prompt
Share preview
promptjoy.app website audit report
Close to ready: 82/100 overall, with prioritized fixes for SEO, security, accessibility, and design.
Public reports expose the scanned public URL, safe scores, sanitized public evidence, and fix guidance. They do not include credentials, cookies, hidden form values, or sensitive response bodies.