Domain Health Agent — web + MCP
Domain health, measured.
Domain Health Agent checks a domain against published standards and returns a scored report — 0–100, a letter grade, findings, and what to fix. The first check: security.txt (RFC 9116), verified down to its OpenPGP signature.
This site publishes its own security.txt
What it checks
One check today, done exactly.
Checks are plugins over one report shape. Each returns a status — ok,
warn, fail, or error — a 0–100 score, a letter
grade, findings, and recommendations. The overall grade averages what scored.
- security-txt
-
security.txt (RFC 9116)
Fetches
/.well-known/security.txt, verifies the requiredContactandExpiresfields, flags expired or malformed values, and verifies the file's OpenPGP cleartext signature against the key it advertises. - Future checks
-
More checks, same report
The catalog is built to take more. Each new check plugs into the same scored report — same wire shape, no new API to learn.
How to use it
From a browser, or from an agent.
Web
Enter a domain in the check panel above. The report renders on this page: the overall grade, each check's outcome, and what to fix first.
www.domainhealth.ai
MCP
Add the endpoint as a connector in any MCP client that speaks Streamable HTTP. Your agent gets the same report as structured content.
Endpoint
https://mcp.domainhealth.ai/mcp
Tools
- check_domain_health — the full scored report
- check_security_txt — one check, one outcome
- submit_feedback — for when the tools fall short
Specimen
What a report looks like.
{
"domain": "google.com",
"timestamp": "2026-07-10T04:45:55.010509+00:00",
"overallScore": 100,
"overallGrade": "A",
"checks": [
{
"id": "security-txt",
"title": "security.txt (RFC 9116)",
"status": "ok",
"score": 100,
"grade": "A",
"findings": [
{
"severity": "info",
"message": "Expires field is set more than one year in the future"
},
{
"severity": "info",
"message": "No Canonical field provided"
},
{
"severity": "info",
"message": "No PGP signature found"
}
],
"recommendations": []
}
]
}