Let me know if anything is detected wrong!

Alright, so I went through all the potential issues and already implemented the changes where applicable :).

My app is Tekyous (didn't go through this option to claim the launch): https://stackscope.dev/launch/xsa4cjwn/tekyous

And turns out that actually there were almost no false-positives here at all. Some of the flagged things were rather minor, like missing files that are not really necessary in my case, or too long meta descriptions, but technically all is flagged correctly even if severity is low.

But on the other hand, it has also correctly flagged my tracking settings or overly strict rules for AI crawlers, so this were genuinely useful for me to find out now.

And the only real false-positive is actually a recognised AI builder signature for Bolt.new - not sure where that one comes from, as Bolt.new was not used here. I've only used Claude Code, mostly with Anthropic + GLM by Z.AI models.

Hope that feedback helps you, as I have defnitely found it helpful on my end. Thanks!

I'm trying but it's getting blocked by Cloudflare and ending up getting broken, ha!

I will include a vibe score trend in the next blog post.

Cloudflare Pages get hidden behind the CF CDN, so are included in the CDN figure.

right, makes sense

What's your response header content? Reads like it's being cf-mitigated.

Edit: loosened a cf rule, should be good now.

hey, congrats on the launch, your own tool is flagging shielddeskhq.com at 35, worth a quick fix.

You're right — fixing it now. SPF and DMARC records need updating on my end. Appreciate you scanning it

You are missing the following security headers on your site:

X-Frame-Options Permissions-Policy X-Content-Type-Options