{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"npm_npm-sitehealth-mcp","slug":"npm-sitehealth-mcp","name":"sitehealth-mcp","type":"mcp","url":"https://www.npmjs.com/package/sitehealth-mcp","page_url":"https://unfragile.ai/npm-sitehealth-mcp","categories":["mcp-servers","code-review-security"],"tags":["mcp","model-context-protocol","website-audit","ssl","dns","dmarc","spf","dkim","performance","uptime","broken-links","seo","site-health"],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"npm_npm-sitehealth-mcp__cap_0","uri":"capability://tool.use.integration.unified.website.health.audit.orchestration","name":"unified-website-health-audit-orchestration","description":"Orchestrates a multi-domain security and performance audit by chaining together SSL certificate validation, DNS resolution, email authentication protocol checks (DMARC/SPF/DKIM), HTTP performance metrics, uptime monitoring, and link integrity scanning in a single MCP tool invocation. Implements a sequential audit pipeline that aggregates results from heterogeneous sources (certificate authorities, DNS servers, HTTP clients, link crawlers) into a unified health report without requiring the caller to manage individual tool dependencies.","intents":["Run a complete website security and performance audit without calling 6+ separate tools","Get a single structured report showing SSL, DNS, email auth, performance, and uptime status in one MCP call","Identify all critical infrastructure issues (broken links, missing DMARC, expired certs) in one audit pass","Integrate website health checks into an AI agent workflow without managing tool composition"],"best_for":["AI agents and LLM-powered applications that need to audit websites as part of a larger workflow","DevOps teams building automated site health monitoring into MCP-based infrastructure tools","Security-focused teams integrating email authentication and SSL validation into compliance checks"],"limitations":["Single synchronous call may timeout on very large sites with thousands of links (no pagination/streaming for link crawling)","DNS and DMARC checks are point-in-time snapshots; no historical trend tracking or change detection","Performance metrics are single-request samples, not representative of sustained load or geographic variance","No built-in caching — repeated audits of the same domain re-fetch all data, increasing latency"],"requires":["Node.js 16+ (MCP server runtime)","Network access to target domain (DNS, HTTP, HTTPS ports)","MCP client compatible with tool-use-integration protocol","No external API keys required (uses system DNS, public certificate transparency logs)"],"input_types":["domain name (string, e.g., 'example.com')","optional: target URL path for link crawling scope"],"output_types":["structured JSON object with nested audit results","SSL certificate details (issuer, expiration, chain validation)","DNS records (A, MX, TXT for DMARC/SPF/DKIM)","HTTP response metrics (status code, latency, headers)","broken link list with HTTP status codes","uptime status and response time percentiles"],"categories":["tool-use-integration","automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_1","uri":"capability://safety.moderation.ssl.certificate.validation.and.chain.verification","name":"ssl-certificate-validation-and-chain-verification","description":"Validates SSL/TLS certificates for a domain by connecting to the target host, extracting the certificate chain, verifying signature validity against root CAs, checking expiration dates, and validating hostname matching. Implements standard X.509 certificate parsing and chain-of-trust verification using system certificate stores or bundled CA roots, returning detailed issuer, subject, and validity metadata.","intents":["Check if a domain's SSL certificate is valid, not expired, and properly signed","Detect upcoming certificate expirations before they cause outages","Verify that SSL certificate hostname matches the target domain","Identify certificate chain issues or missing intermediate certificates"],"best_for":["Security teams monitoring certificate validity across multiple domains","DevOps automation checking certificate health as part of deployment validation","AI agents that need to verify HTTPS readiness before recommending a site"],"limitations":["Only validates the certificate at connection time; does not track historical changes or revocation status via OCSP/CRL","Requires network connectivity to the target domain on port 443; cannot validate offline or behind firewalls","Does not check certificate transparency logs or detect misissued certificates","Hostname validation uses standard RFC 6125 rules; may not handle all edge cases (wildcard subdomains, IDN)"],"requires":["Node.js 16+ with native TLS support","Network access to target domain on HTTPS (port 443)","System CA certificate store or bundled Mozilla CA roots"],"input_types":["domain name (string)","optional: port number (default 443)"],"output_types":["certificate subject (CN, SAN)","issuer name and organization","validity dates (notBefore, notAfter)","signature algorithm","public key type and size","boolean: valid, not expired, hostname match"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_2","uri":"capability://data.processing.analysis.dns.record.resolution.and.validation","name":"dns-record-resolution-and-validation","description":"Resolves DNS records for a domain (A, AAAA, MX, TXT, NS, SOA) by querying the system resolver or a configured DNS server, returning all record values and metadata. Implements standard DNS query patterns (recursive resolution, caching awareness) and validates record presence/absence for email authentication checks (DMARC, SPF, DKIM TXT records). Aggregates results into a structured format suitable for downstream email authentication validation.","intents":["Resolve a domain's IP addresses, mail servers, and nameservers in one call","Check if DMARC, SPF, and DKIM TXT records exist and are properly formatted","Detect DNS misconfigurations (missing MX records, CNAME chains, TTL issues)","Validate DNS propagation before email authentication checks"],"best_for":["Email security teams auditing DMARC/SPF/DKIM deployment across domains","DevOps engineers validating DNS configuration changes before production rollout","AI agents that need to check email authentication readiness as part of domain health assessment"],"limitations":["Returns point-in-time DNS state; does not track TTL or propagation delays across nameservers","Relies on system resolver configuration; may be affected by local DNS caching or corporate firewalls","Does not validate DNSSEC signatures or check for DNS spoofing/hijacking","TXT record parsing for DMARC/SPF/DKIM is basic; does not validate policy syntax or semantics"],"requires":["Node.js 16+ with dns module","Network access to authoritative DNS servers (port 53)","System resolver configuration or explicit DNS server IP"],"input_types":["domain name (string)","optional: record types to query (A, AAAA, MX, TXT, NS, SOA; default: all)"],"output_types":["DNS record objects with type, name, value, TTL","A/AAAA records: IP addresses","MX records: mail server hostnames and priorities","TXT records: raw text values (for DMARC, SPF, DKIM parsing)","NS records: authoritative nameserver list","SOA record: serial, refresh, retry, expire, minimum TTL"],"categories":["data-processing-analysis","search-retrieval"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_3","uri":"capability://safety.moderation.email.authentication.protocol.validation","name":"email-authentication-protocol-validation","description":"Validates email authentication protocols (DMARC, SPF, DKIM) by parsing TXT records from DNS, checking policy syntax, verifying alignment rules, and assessing enforcement levels. Implements RFC 7208 (SPF), RFC 7489 (DMARC), and DKIM signature validation patterns, returning policy details, alignment status, and recommended enforcement actions. Aggregates results into a security posture score for email authentication.","intents":["Check if a domain has DMARC, SPF, and DKIM policies configured","Validate SPF record syntax and detect overly permissive policies (e.g., ~all instead of -all)","Verify DMARC alignment (DKIM and SPF alignment with From: domain)","Identify missing or misconfigured email authentication that could enable spoofing"],"best_for":["Email security teams auditing organizational email authentication posture","Security consultants assessing third-party domains for phishing risk","AI agents that need to evaluate email authentication as part of domain security scoring"],"limitations":["Does not validate DKIM signatures on actual emails; only checks for DKIM public key records","SPF and DMARC policy parsing is basic; does not detect all edge cases or policy conflicts","Does not check BIMI (Brand Indicators for Message Identification) or other emerging standards","Enforcement recommendations are generic; do not account for organizational email volume or third-party senders"],"requires":["DNS resolution capability (requires dns-record-resolution-and-validation)","Node.js 16+ with regex/string parsing","No external API keys required"],"input_types":["domain name (string)","optional: DNS TXT records (if pre-resolved; otherwise fetched via DNS resolution)"],"output_types":["DMARC policy object: version, policy (none/quarantine/reject), subdomain policy, alignment mode, reporting addresses","SPF record object: mechanisms (ip4, ip6, include, a, mx, ptr), qualifier (+/-/~/?), all mechanism","DKIM status: presence of public key records, key type (RSA/ED25519), key size","alignment status: DKIM alignment, SPF alignment, DMARC enforcement level","security score: 0-100 based on policy completeness and enforcement"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_4","uri":"capability://data.processing.analysis.http.performance.metrics.collection","name":"http-performance-metrics-collection","description":"Measures HTTP response performance by making a request to the target domain, capturing latency (DNS lookup, TCP connect, TLS handshake, TTFB, full response time), response headers, status code, and content metadata. Implements standard HTTP timing instrumentation using Node.js http/https clients with high-resolution timers, returning granular performance data suitable for performance scoring and bottleneck identification.","intents":["Measure website response time and identify performance bottlenecks (DNS, TLS, server latency)","Check HTTP status code and response headers for caching, compression, and security headers","Detect slow or unresponsive servers that may indicate infrastructure issues","Collect performance baselines for trend analysis and SLA monitoring"],"best_for":["DevOps teams monitoring website performance as part of health checks","Performance engineers identifying latency bottlenecks across infrastructure","AI agents that need to assess site responsiveness as part of health scoring"],"limitations":["Single-request sample does not represent sustained load or geographic variance; results may vary significantly with network conditions","Does not measure page load time, rendering performance, or Core Web Vitals (requires browser automation)","TLS handshake timing includes system resolver latency; not purely server-side performance","No built-in retry logic or timeout handling; single network failure fails the entire audit"],"requires":["Node.js 16+ with http/https modules","Network access to target domain on HTTP/HTTPS","No external dependencies or API keys"],"input_types":["domain name or full URL (string)","optional: HTTP method (GET, HEAD; default GET)","optional: custom headers (User-Agent, etc.)"],"output_types":["timing object: dnsLookup, tcpConnect, tlsHandshake, ttfb (time to first byte), totalTime (milliseconds)","HTTP status code (200, 404, 500, etc.)","response headers: Content-Type, Content-Length, Cache-Control, Set-Cookie, security headers (CSP, X-Frame-Options, etc.)","content metadata: charset, compression (gzip, brotli), redirect chain"],"categories":["data-processing-analysis","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_5","uri":"capability://automation.workflow.uptime.status.and.availability.check","name":"uptime-status-and-availability-check","description":"Checks the current availability and uptime status of a domain by attempting HTTP/HTTPS connections and measuring response times. Implements simple connectivity validation (TCP handshake, HTTP status code check) and optionally queries uptime monitoring services or historical uptime data. Returns current status (up/down), response time percentiles, and availability metrics suitable for SLA monitoring.","intents":["Determine if a website is currently online and responding to requests","Check uptime percentage and historical availability trends","Detect intermittent outages or degraded performance","Verify that a domain is accessible before recommending it to users"],"best_for":["Uptime monitoring teams tracking availability across multiple domains","AI agents that need to verify site accessibility before making recommendations","DevOps teams validating deployment health as part of post-deployment checks"],"limitations":["Single-point-in-time check does not capture intermittent outages or degradation patterns","Does not distinguish between full outages and partial failures (e.g., slow response times)","No historical data collection; requires external uptime monitoring service integration for trend analysis","May be affected by network conditions, geographic location, or rate limiting on the target domain"],"requires":["Node.js 16+ with http/https modules","Network access to target domain","optional: API key for external uptime monitoring service (e.g., Uptime Robot, StatusPage)"],"input_types":["domain name or full URL (string)","optional: expected status code (default 200)","optional: timeout threshold (milliseconds)"],"output_types":["status: 'up' or 'down'","response time (milliseconds)","HTTP status code","uptime percentage (if historical data available)","last checked timestamp","optional: incident history or status page data"],"categories":["automation-workflow","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_6","uri":"capability://search.retrieval.broken.link.detection.and.crawling","name":"broken-link-detection-and-crawling","description":"Crawls a website starting from the root domain, discovers links (href, src, form action attributes), and validates each link by making HTTP HEAD or GET requests to check for 404s, 500s, redirects, and other error conditions. Implements breadth-first or depth-first crawling with configurable depth limits, duplicate detection, and external link filtering. Returns a list of broken links with HTTP status codes, error messages, and link context (source page, anchor text).","intents":["Find all broken links (404s, 500s, timeouts) on a website in one audit pass","Detect redirect chains and mixed content (HTTP/HTTPS) issues","Identify orphaned pages or unreachable resources","Validate internal link integrity before publishing or migration"],"best_for":["SEO teams auditing link health as part of site optimization","QA engineers validating link integrity before production deployment","Content teams identifying broken references in documentation or blog posts"],"limitations":["Crawling large sites (1000+ pages) may timeout or consume excessive memory; no built-in pagination or streaming","Does not execute JavaScript; misses dynamically-generated links (SPA, AJAX-loaded content)","Does not validate link semantics (e.g., rel=canonical, nofollow); only checks HTTP status","May trigger rate limiting or IP blocking on target domain if crawl rate is too aggressive","Does not check for soft 404s (pages returning 200 but with 'not found' content)"],"requires":["Node.js 16+ with http/https and HTML parsing libraries (cheerio, jsdom, or similar)","Network access to target domain","Sufficient memory for crawl queue (depends on site size)"],"input_types":["domain name or root URL (string)","optional: max crawl depth (default 2-3 levels)","optional: include external links (boolean; default false)","optional: crawl rate limit (requests per second)"],"output_types":["broken links array: URL, HTTP status code, error message, source page, anchor text","redirect chains: original URL, final URL, redirect count","crawl statistics: total pages crawled, total links found, broken link count, crawl duration","optional: sitemap validation (if sitemap.xml exists)"],"categories":["search-retrieval","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"npm_npm-sitehealth-mcp__cap_7","uri":"capability://tool.use.integration.mcp.tool.invocation.and.result.aggregation","name":"mcp-tool-invocation-and-result-aggregation","description":"Exposes the unified website health audit as an MCP tool that can be invoked by LLM clients and agents. Implements the Model Context Protocol tool schema (input validation, output serialization, error handling) and aggregates results from all sub-capabilities (SSL, DNS, email auth, performance, uptime, links) into a single structured response. Handles tool invocation lifecycle (parameter parsing, execution, result formatting) and integrates with MCP server infrastructure.","intents":["Invoke a complete website health audit from an LLM agent or AI application via MCP protocol","Get a unified, structured audit report suitable for downstream processing by LLM reasoning","Integrate website health checks into multi-step agent workflows without manual tool composition","Enable LLM clients to audit websites as part of a larger task (e.g., security assessment, due diligence)"],"best_for":["LLM-powered agents and applications that need website auditing as a discrete tool capability","MCP server implementations that want to expose website health checks to LLM clients","Teams building AI-driven security or DevOps workflows that require website auditing"],"limitations":["MCP protocol overhead adds ~50-100ms per invocation for serialization and deserialization","Tool result size may exceed MCP message limits on very large sites (thousands of broken links); requires result truncation or pagination","No streaming support for long-running audits (crawling large sites); client must wait for full completion","Error handling is basic; individual sub-capability failures (e.g., DNS timeout) may fail the entire audit"],"requires":["MCP-compatible client (Claude, custom LLM agent, etc.)","Node.js 16+ MCP server runtime","MCP server configuration and tool schema registration"],"input_types":["domain name (string, required)","optional: audit scope (ssl, dns, email-auth, performance, uptime, links; default: all)","optional: crawl depth for link validation (integer, default 2)"],"output_types":["unified audit report object with sections: ssl, dns, email-auth, performance, uptime, links","each section contains relevant metrics and status indicators","overall health score (0-100) based on all checks","recommendations array with actionable fixes for identified issues"],"categories":["tool-use-integration","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":35,"verified":false,"data_access_risk":"high","permissions":["Node.js 16+ (MCP server runtime)","Network access to target domain (DNS, HTTP, HTTPS ports)","MCP client compatible with tool-use-integration protocol","No external API keys required (uses system DNS, public certificate transparency logs)","Node.js 16+ with native TLS support","Network access to target domain on HTTPS (port 443)","System CA certificate store or bundled Mozilla CA roots","Node.js 16+ with dns module","Network access to authoritative DNS servers (port 53)","System resolver configuration or explicit DNS server IP"],"failure_modes":["Single synchronous call may timeout on very large sites with thousands of links (no pagination/streaming for link crawling)","DNS and DMARC checks are point-in-time snapshots; no historical trend tracking or change detection","Performance metrics are single-request samples, not representative of sustained load or geographic variance","No built-in caching — repeated audits of the same domain re-fetch all data, increasing latency","Only validates the certificate at connection time; does not track historical changes or revocation status via OCSP/CRL","Requires network connectivity to the target domain on port 443; cannot validate offline or behind firewalls","Does not check certificate transparency logs or detect misissued certificates","Hostname validation uses standard RFC 6125 rules; may not handle all edge cases (wildcard subdomains, IDN)","Returns point-in-time DNS state; does not track TTL or propagation delays across nameservers","Relies on system resolver configuration; may be affected by local DNS caching or corporate firewalls","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.05,"quality":0.41,"ecosystem":0.6000000000000001,"match_graph":0.25,"freshness":0.75,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.15,"match_graph":0.23,"freshness":0.12}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:24.482Z","last_scraped_at":"2026-05-03T14:24:06.239Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=npm-sitehealth-mcp","compare_url":"https://unfragile.ai/compare?artifact=npm-sitehealth-mcp"}},"signature":"sczId0Jv+GNBhLPclFy4caVki2zdqrOkBCbj1tB3M6Ps1hoGEm3GF12NaVhCyOh/TTWxWMxSmeDmwUrXnZX7DA==","signedAt":"2026-06-20T22:49:04.400Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/npm-sitehealth-mcp","artifact":"https://unfragile.ai/npm-sitehealth-mcp","verify":"https://unfragile.ai/api/v1/verify?slug=npm-sitehealth-mcp","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}