Sign in to continue
No audit targets configured — add a target in Settings to begin.
| ID | Category | Finding | Sev. |
|---|
WCAG 2.2 Level AA & European Accessibility Act (EAA/Directive 2019/882)
Optimisation for ChatGPT, Perplexity, Google AI Overviews & Bing Copilot
Ruleset: Nielsen's 10 Usability Heuristics + Google Core Web Vitals
Ruleset: GDPR · ePrivacy Directive · German TMG · EU AI Act · CCPA
Ruleset: Google Search Essentials · Core Web Vitals · Structured Data Guidelines
Aggregated quality data grouped by language, country, vertical, brand, or any custom parameter.
How the Site Quality Dashboard works, what it checks, and what it cannot determine automatically.
The Site Quality Dashboard is an automated auditing tool that crawls web properties and evaluates them across five quality dimensions: Accessibility, Generative Engine Optimisation (GEO), Usability, Legal compliance, and SEO. It is designed to give sales engineering and digital teams a structured, evidence-based view of a site's readiness across these domains.
Results are produced by a combination of rule-based HTTP/HTML analysis performed during crawl, and a set of deterministic checks mapped to established standards (WCAG 2.2, Google Search Essentials, Nielsen Heuristics, GDPR, etc.). No AI inference is currently applied during the analysis phase; all findings are based on observable, machine-readable signals.
Automated checks have limits. This tool produces findings based on what is detectable in page source code and HTTP responses. Many real-world accessibility, legal, and usability issues require human expert review and cannot be confirmed or ruled out by automation alone.
Findings marked POTENTIAL FAIL indicate signals that are likely problems but require manual verification. A PASS does not guarantee compliance — it means the automated check did not detect a violation.
Scores are relative indicators for prioritisation and tracking progress over time. They are not legal certifications and should not be relied upon as proof of compliance with WCAG, the EAA, GDPR, or any other regulation.
Every finding in the Accessibility section includes the relevant WCAG 2.2 Success Criterion and Technique reference so you can verify the basis of each check independently. WCAG 3.x annotations are labelled "Working Draft" — that specification is not yet ratified.
The crawler supports three modes, configurable per target:
<nav> and <header> elements, then follows all other internal links via breadth-first search.robots.txt if not specified) and crawls only the URLs listed there.The crawler respects robots.txt disallow rules and enforces a minimum 0.5 s gap between requests (configurable up to 5 s). It runs single-threaded to avoid overloading target servers.
Content-Type, X-Frame-Options, Strict-Transport-Security, etc.)alt attributes, link text, ARIA attributeshreflang tagsAfter crawl, each collected page is run through a set of deterministic rule functions — one per finding type. Each rule emits a finding with a status of FAIL, POTENTIAL FAIL, or PASS and a severity level. The per-page findings are then aggregated to produce category scores.
Each category produces a score from 0–100. The overall score is a weighted average across all five categories.
Weight: 25%. Deductions applied for each FAIL finding, scaled by severity (Critical −15, High −10, Medium −5, Low −2). Floor: 0.
Weight: 20%. Presence and quality of structured data, E-E-A-T signals, FAQ/How-to schema, author metadata, citation sources.
Weight: 20%. Nielsen heuristic violations + Core Web Vitals proxy metrics (response time, page size, redirect chains).
Weight: 15%. Automated signals for GDPR consent, privacy policy presence, impressum (TMG), cookie categorisation disclosures.
Weight: 20%. On-page signals: title/meta, heading hierarchy, canonical, hreflang, structured data validity, internal linking.
Scores are intended for relative comparison (between targets, between crawl runs) rather than as absolute compliance measures.
Based on WCAG 2.2 Level AA (W3C Recommendation, October 2023) and the European Accessibility Act / Directive 2019/882. The EAA requires most B2C digital services in the EU to meet EN 301 549, which references WCAG 2.1 AA as its web standard (updated to WCAG 2.2 in practice).
ARIA landmark roles present on every page (main, nav, banner, contentinfo).
All <img> elements have a non-empty alt attribute (or role="presentation" for decorative images).
Link text is descriptive — detects generic text like "click here", "read more", "here".
Expandable/collapsible controls carry aria-expanded.
<html lang="..."> attribute is present and non-empty.
<title> element is present, non-empty, and unique across pages.
No tabindex values greater than 0 (which would disrupt keyboard order); no onmousedown/onclick-only event handlers on non-interactive elements.
Text/background colour contrast ≥ 4.5:1 (normal text) and ≥ 3:1 (large text) — checked on inline styles and common CSS patterns.
Images with empty alt and no role="presentation" are flagged as potentially decorative-but-unmarked.
GEO evaluates how well a page is structured for citation and retrieval by large language model-based search surfaces (ChatGPT Browse, Perplexity, Google AI Overviews, Bing Copilot). The signals are drawn from published research on LLM retrieval preferences and observed citation patterns.
Article, FAQPage, HowTo, Product, Organization)<article>, <section>, <aside>)robots.txt and X-Robots-Tag not blocking AI crawlers (GPTBot, ClaudeBot, PerplexityBot)schema:author, <meta name="author">)Based on Nielsen's 10 Usability Heuristics (NN/g, 1994, updated 2020) and Google Core Web Vitals proxy metrics collected during crawl.
True CWV require browser-level rendering. The crawler measures proxy signals:
Automated legal checks detect observable signals only. Legal compliance assessment requires qualified legal counsel — these findings are indicators for prioritisation, not legal opinions.
<head> referencing known analytics/ad domains)SameSite and Secure flags on cookies (via Set-Cookie headers)Based on Google Search Essentials (formerly Webmaster Guidelines), Core Web Vitals documentation, and Google's Structured Data Guidelines.
robots.txt: valid, no accidental blanket disallowhreflang: present for multi-language sites, reciprocal tags validatedArticle, Product, BreadcrumbList, FAQPage)W3C Recommendation, October 2023. w3.org/TR/WCAG22
W3C Working Draft, ongoing. w3.org/TR/wcag-3.0 — not yet ratified.
EU Directive 2019/882. Deadline: 28 June 2025 for most B2C services. EUR-Lex
Regulation (EU) 2016/679. ePrivacy Directive 2002/58/EC (Cookie Law). gdpr.eu
Formerly Webmaster Guidelines. developers.google.com
10 Usability Heuristics for User Interface Design. NN/g, 1994 / 2020. nngroup.com
Regulation (EU) 2024/1689. Transparency obligations for AI systems interacting with users. EUR-Lex
Google, 2020–present. LCP, CLS, INP thresholds. web.dev/vitals
The Site Quality Audit API exposes audit results and on-demand analysis to external systems. The interactive reference — including a "Try it out" console — is available at /api/docs. The raw OpenAPI 3.1 specification is served at /api/v1/openapi.json.
/api/v1/ — all v1 endpoints are prefixed here.
All requests and responses use application/json.
60 requests per minute per API key. Exceeding returns 429 Too Many Requests.
Generate and revoke keys in Settings → API Keys (admin only).
Every API request must include an X-API-Key header with a valid key. Keys are prefixed sqa_ and are 52 characters long. They are shown exactly once on creation.
curl https://your-host/api/v1/targets \ -H "X-API-Key: sqa_your_key_here"
Keys can also be passed as a query parameter for testing: ?api_key=sqa_… — prefer the header in production.
Missing key → 401 Unauthorized. Invalid key → 401 Unauthorized. Rate exceeded → 429 Too Many Requests.
List all audit targets with their latest scores per category.
Single target metadata (name, URL, crawl settings).
Latest completed crawl: scores + findings. Filter by ?category=, ?severity=, ?status=.
Paginated crawl history. Supports ?page= and ?per_page= (max 50).
Findings from the latest crawl, filterable by category / severity / status.
All clusters with averaged scores across their member targets.
Aggregated scores + merged findings for a cluster. Filter by ?category=.
Synchronously crawls a URL and returns findings and scores. Expect 5–30 s. Useful for CMS preview hooks or CI pipelines.
curl -X POST https://your-host/api/v1/analyze \
-H "X-API-Key: sqa_your_key_here" \
-H "Content-Type: application/json" \
-d '{
"url": "https://example.com",
"max_pages": 5,
"categories": ["a11y", "seo"]
}'
Response fields: url, pages_crawled, scores (object), findings (array), findings_count.
For the full interactive reference with schema details and a live console, open /api/docs ↗.
API keys grant programmatic access to /api/v1/ endpoints.
Keys are shown once on creation — store them securely.
View API docs ↗