AgentGrade

Scan any site for AI agent capabilities and payment protocols.

agentgrade.com · Added April 20, 2026 · Last analysed April 20, 2026 · via Hacker News · 56% unique tagline

Own this Launch?

StackScope is a free public catalogue of indie launches. We find launches on Product Hunt, Hacker News and similar feeds, then crawl each site to detect its tech stack and score it for launch readiness: DNS, security headers, SEO basics. This page is what we saw on 20 April 2026; the live site may have changed since.

AgentGrade is partway there, with clean crawl signals. What needs work: missing several security headers, incomplete legal pages, and no email security records.

Launched on Hacker News on April 19, 2026. The site is hosted on BI-631 - Build io in the United States, with a domain registered in 2004. The crawl picked up 4 technologies on this site, covering developer tools, DNS providers, frameworks, and proxy. The stack includes Express, DNSimple, and Envoy.

For context, it's running the same core stack as 116 other launches.

If you own this site, refresh the snapshot and see the full fix list any time →

4.3

StackScope Score

Fair

76/100 Launch Readiness

Well prepared

0/6 Security Headers

Poor

0/3 Legal

Missing

2/2 Web Standards

Complete

Vibe Score 20 · Few AI signals

Informational pattern-match signal. Does not feed the StackScope Score. See which fingerprints fired →

Tech Stack (4)

Infrastructure

DNS	DNSimple
Proxy	Envoy

Build & Framework

Developer tools	Postman
Framework	Express

Infrastructure

Network

BI-631 - Build io, Inc., US

AS17294 · US

DNS

DNSimple

Authoritative nameserver

DNSSEC

Not enabled

DNS responses unsigned. Cache-poisoning vulnerable.

SSL Certificate

Let's Encrypt

Valid 1 Apr 2026 to 30 Jun 2026

Certificate as captured in this snapshot, not a live check.

Domain Age

22 years

Registered Jun 2004 · GoDaddy.com, LLC

Email Security

✗

SPF Not published. Your domain can be spoofed in phishing emails.

DKIM Not detected at common selectors. Your provider may use a custom one.

✗

DMARC Not published. Receivers fall back to permissive defaults.

MTA-STS Not deployed. Mail to your domain can be downgraded to plaintext en route.

TLS-RPT Not configured. You won't hear about silent SMTP TLS handshake failures.

Readiness Breakdown How?

✓ Custom title and meta description

✓ Open Graph tags (title, image, description)

✓ Twitter card meta tags

✓ Responsive viewport meta tag

✓ Favicon present

- Canonical URL declared

- Semantic HTML (nav, main, article)

Vibe Score Breakdown How?

Signal	Points
AI writing signals	+5
AI CSS signals	+15

This score is based on structural patterns and is not definitive. Many legitimate sites may trigger signals, and AI-built sites may go undetected. It should be treated as an indicator, not a verdict.

AI Stance

Welcomes AI crawlers

✓ llms.txt published

✓ No AI bots blocked in robots.txt

Content-Signal

? No directive declared

Link headers

✓ service-desc

Well-Known Files

✓ robots.txt

✓ sitemap.xml (88 URLs)

✗ security.txt

✓ llms.txt

✗ ads.txt

✗ humans.txt

Legal

? Privacy Policy not detected

? Terms of Service not detected

Detection works best on English language sites.

Security Headers (0/6)

✗

Referrer-Policy

✗

X-Frame-Options

✗

Permissions-Policy experimental (check browser support)

✗

X-Content-Type-Options

✗

Content-Security-Policy

✗

Strict-Transport-Security

–

X-XSS-Protection deprecated (use Content-Security-Policy)

Performance

443ms response time

Faster than 42% of sites

Build

✗ HTML minified

✗ CSS minified

✗ JS minified

0 JS files

0 CSS files

0 Third-party domains

Something not look right? If a technology shown here is wrong or out of date, email [email protected] and we'll review it.