@kirkelabs/agent-readiness-scan 0.1.0

package/src/checks/03-bot-auth-readiness.js

@@ -0,0 +1,63 @@
+/**
+ * check 03 — Bot-Auth readiness
+ *
+ * Web Bot Auth (IETF draft-meunier-web-bot-auth-architecture) lets sites
+ * cryptographically verify the identity of an incoming bot via signed
+ * requests + a public-key directory at /.well-known/http-message-
+ * signatures-directory. As of mid-2026 it is rising — Cloudflare,
+ * Google-Agent and AWS WAF are actively implementing.
+ *
+ * This check is forward-looking. A 0 today does not condemn a site;
+ * but a non-zero is a credible "we're treating bots as identified
+ * visitors" signal worth surfacing.
+ */
+
+export const meta = {
+  id: 'bot-auth-readiness',
+  title: 'Bot-Auth readiness',
+  weight: 5,
+  why: 'Cryptographic crawler-identity verification (Web Bot Auth, RFC 9421 HTTP Message Signatures) is the durable successor to user-agent strings. A published key directory means the site is ready to distinguish a verified Google-Agent from a random scraper.',
+};
+
+export function run({ wellKnown }) {
+  const findings = [];
+  const dir = wellKnown?.botAuthDirectory;
+
+  if (!dir || !dir.found) {
+    findings.push({
+      level: 'fail',
+      msg: 'No `/.well-known/http-message-signatures-directory` found. The site cannot cryptographically distinguish verified AI agents from impostors. (Forward-looking — not yet universal, but increasingly relied on.)',
+    });
+    return { score: 0, max: 5, findings, detail: { found: false } };
+  }
+
+  // Try to parse as JWK or JWKS.
+  let valid = false;
+  let keyCount = 0;
+  try {
+    const parsed = JSON.parse(dir.content);
+    if (Array.isArray(parsed.keys)) {
+      keyCount = parsed.keys.length;
+      valid = parsed.keys.every((k) => k && typeof k.kty === 'string');
+    } else if (parsed && typeof parsed.kty === 'string') {
+      keyCount = 1;
+      valid = true;
+    }
+  } catch {
+    valid = false;
+  }
+
+  if (!valid) {
+    findings.push({
+      level: 'warn',
+      msg: 'Key directory present but does not parse as a valid JWK / JWKS document. A bot-auth verifier would reject it.',
+    });
+    return { score: 2, max: 5, findings, detail: { found: true, valid: false } };
+  }
+
+  findings.push({
+    level: 'pass',
+    msg: `Web Bot Auth key directory present with ${keyCount} key(s). Bots can be cryptographically verified before content is served.`,
+  });
+  return { score: 5, max: 5, findings, detail: { found: true, valid: true, keyCount } };
+}

package/src/checks/04-mcp-exposure.js

@@ -0,0 +1,104 @@
+/**
+ * check 04 — MCP exposure
+ *
+ * Model Context Protocol (MCP, Anthropic) is the agent-tooling layer
+ * for the customs-house era. A brand that exposes an MCP server card
+ * at /.well-known/mcp/server-card.json is declaring "agents may act on
+ * me with these scoped tools, behind this auth flow."
+ *
+ * NSA's May-2026 guidance recommends OAuth-protected-resource metadata
+ * + PKCE/S256; we check for both as positive signals.
+ */
+
+export const meta = {
+  id: 'mcp-exposure',
+  title: 'MCP exposure',
+  weight: 7,
+  why: 'Model Context Protocol is how a brand publishes the tools an AI agent can call on its behalf. Without a public server card, agents have nothing to invoke — the brand is read-only to the AI economy.',
+};
+
+export function run({ wellKnown }) {
+  const findings = [];
+  const detail = { card: { found: false, valid: false }, oauth: { found: false, pkce: false } };
+
+  const card = wellKnown?.mcpServerCard;
+  if (!card || !card.found) {
+    findings.push({
+      level: 'fail',
+      msg: 'No `/.well-known/mcp/server-card.json` found. The brand exposes no agent-callable tools. AI agents can read but cannot act.',
+    });
+    return { score: 0, max: 7, findings, detail };
+  }
+
+  detail.card.found = true;
+  let parsed;
+  try {
+    parsed = JSON.parse(card.content);
+    detail.card.valid = typeof parsed === 'object' && parsed !== null;
+  } catch {
+    parsed = null;
+  }
+  if (!detail.card.valid) {
+    findings.push({
+      level: 'warn',
+      msg: 'MCP server card present but does not parse as JSON. Agents discovering this surface would skip it.',
+    });
+    return { score: 2, max: 7, findings, detail };
+  }
+
+  let score = 4;
+  findings.push({
+    level: 'pass',
+    msg: `MCP server card present and valid${parsed.name ? ` (\`${parsed.name}\`)` : ''}. Agents can discover the tool surface.`,
+  });
+  if (Array.isArray(parsed.tools) && parsed.tools.length > 0) {
+    findings.push({
+      level: 'pass',
+      msg: `${parsed.tools.length} tool(s) declared in the server card.`,
+    });
+  } else {
+    findings.push({
+      level: 'warn',
+      msg: 'Server card declares no `tools[]`. The card exists but has no callable surface for agents.',
+    });
+    score = 3;
+  }
+
+  // OAuth-protected-resource metadata (per NSA May-2026 guidance).
+  const oauth = wellKnown?.oauthProtectedResource;
+  if (oauth && oauth.found) {
+    detail.oauth.found = true;
+    score += 2;
+    findings.push({
+      level: 'pass',
+      msg: '`/.well-known/oauth-protected-resource` discoverable — meets NSA May-2026 trust-boundary recommendation.',
+    });
+    try {
+      const meta = JSON.parse(oauth.content);
+      const auth = wellKnown?.oauthAuthorizationServer;
+      if (auth && auth.found) {
+        const authMeta = JSON.parse(auth.content);
+        const methods = authMeta.code_challenge_methods_supported || [];
+        if (Array.isArray(methods) && methods.includes('S256')) {
+          detail.oauth.pkce = true;
+          score += 1;
+          findings.push({
+            level: 'pass',
+            msg: 'OAuth authorization server declares PKCE (S256) — scoped auth posture as recommended.',
+          });
+        }
+      }
+      // Suppress unused-var lint for `meta` if minimal.
+      void meta;
+    } catch {
+      // ignore parse errors; partial credit already awarded.
+    }
+  } else {
+    findings.push({
+      level: 'warn',
+      msg: 'No `/.well-known/oauth-protected-resource` metadata. NSA guidance recommends scoped OAuth gating before tool-call forwarding.',
+    });
+  }
+
+  return { score: Math.min(score, 7), max: 7, findings, detail };
+}

package/src/checks/05-agentic-commerce.js

@@ -0,0 +1,85 @@
+/**
+ * check 05 — Agentic-commerce manifests
+ *
+ * The customs declaration for commerce. The two live specs as of mid-2026:
+ *   - Agentic Commerce Protocol (OpenAI/Stripe): /.well-known/acp/manifest.json
+ *   - Google Universal Cart Protocol (UCP):       /.well-known/ucp
+ *
+ * Either one is a credible declaration that an agent can transact on
+ * the brand's behalf. Both is full coverage.
+ */
+
+export const meta = {
+  id: 'agentic-commerce',
+  title: 'Agentic-commerce manifests',
+  weight: 7,
+  why: 'ACP (OpenAI/Stripe) and UCP (Google) are the two live 2026 protocols for agent-initiated checkout. Without a manifest at the canonical .well-known path, conversational-commerce surfaces have no place to bind to.',
+};
+
+export function run({ wellKnown }) {
+  const findings = [];
+  const detail = { acp: { found: false, valid: false }, ucp: { found: false, valid: false } };
+
+  // ACP
+  const acp = wellKnown?.acpManifest;
+  if (acp && acp.found) {
+    detail.acp.found = true;
+    try {
+      const parsed = JSON.parse(acp.content);
+      detail.acp.valid = typeof parsed === 'object' && parsed !== null;
+      if (detail.acp.valid) {
+        findings.push({
+          level: 'pass',
+          msg: `Agentic Commerce Protocol manifest present at \`/.well-known/acp/manifest.json\`${parsed.version ? ` (version \`${parsed.version}\`)` : ''}.`,
+        });
+      } else {
+        findings.push({ level: 'warn', msg: 'ACP manifest present but invalid JSON shape.' });
+      }
+    } catch {
+      findings.push({ level: 'warn', msg: 'ACP manifest present but does not parse as JSON.' });
+    }
+  }
+
+  // UCP
+  const ucp = wellKnown?.ucp;
+  if (ucp && ucp.found) {
+    detail.ucp.found = true;
+    try {
+      const parsed = JSON.parse(ucp.content);
+      detail.ucp.valid = typeof parsed === 'object' && parsed !== null;
+      if (detail.ucp.valid) {
+        findings.push({
+          level: 'pass',
+          msg: `Google Universal Cart manifest present at \`/.well-known/ucp\`${parsed.version ? ` (version \`${parsed.version}\`)` : ''}.`,
+        });
+      } else {
+        findings.push({ level: 'warn', msg: 'UCP manifest present but invalid JSON shape.' });
+      }
+    } catch {
+      findings.push({ level: 'warn', msg: 'UCP manifest present but does not parse as JSON.' });
+    }
+  }
+
+  let score;
+  if (detail.acp.valid && detail.ucp.valid) {
+    score = 7;
+    findings.push({
+      level: 'pass',
+      msg: 'Both ACP and UCP manifests declared. Cross-platform agent commerce is wired.',
+    });
+  } else if (detail.acp.valid || detail.ucp.valid) {
+    score = 5;
+    findings.push({
+      level: 'warn',
+      msg: 'One of the two live agentic-commerce protocols declared. Consider adding the other to widen agent-marketplace coverage.',
+    });
+  } else {
+    score = 0;
+    findings.push({
+      level: 'fail',
+      msg: 'Neither `/.well-known/acp/manifest.json` (OpenAI/Stripe) nor `/.well-known/ucp` (Google) present. The site cannot be transacted on by an AI agent.',
+    });
+  }
+
+  return { score, max: 7, findings, detail };
+}

package/src/checks/06-product-offer.js

@@ -0,0 +1,138 @@
+/**
+ * check 06 — Agent-actionable Product/Offer
+ *
+ * Even with ACP/UCP manifests, an agent needs structured-data per product
+ * to compare and transact. The required Offer surface for agentic
+ * checkout, drawn from Google Merchant Center spec + the agentic-commerce
+ * consensus as of mid-2026:
+ *
+ *   REQUIRED       price, priceCurrency, availability
+ *   RECOMMENDED    priceValidUntil (future), shippingDetails,
+ *                  acceptedPaymentMethod, hasMerchantReturnPolicy,
+ *                  aggregateRating
+ *
+ * If no Product JSON-LD is present at all, this dimension is graded
+ * not-applicable (neutral 4/7 — same pattern as the on-chain dimension
+ * in ai-legibility-scan).
+ */
+
+export const meta = {
+  id: 'product-offer',
+  title: 'Agent-actionable Product/Offer',
+  weight: 7,
+  why: 'Conversational commerce reads structured offers, not landing-page prose. An Offer missing shippingDetails or priceValidUntil is invisible to a comparison agent — even if the brand is willing to sell.',
+};
+
+function collectJsonLd($) {
+  const out = [];
+  $('script[type="application/ld+json"]').each((_, el) => {
+    const text = ($(el).contents().first().text() || '').trim();
+    if (!text) return;
+    try {
+      const parsed = JSON.parse(text);
+      if (Array.isArray(parsed)) out.push(...parsed);
+      else out.push(parsed);
+    } catch {
+      // skip malformed
+    }
+  });
+  return out;
+}
+
+function findProducts(nodes) {
+  const products = [];
+  const walk = (n) => {
+    if (!n || typeof n !== 'object') return;
+    const type = n['@type'];
+    if (type === 'Product' || (Array.isArray(type) && type.includes('Product'))) {
+      products.push(n);
+    }
+    if (Array.isArray(n['@graph'])) n['@graph'].forEach(walk);
+    if (Array.isArray(n.itemListElement)) n.itemListElement.forEach(walk);
+  };
+  nodes.forEach(walk);
+  return products;
+}
+
+function extractOffer(product) {
+  let offer = product.offers;
+  if (Array.isArray(offer)) offer = offer[0];
+  return offer && typeof offer === 'object' ? offer : null;
+}
+
+export function run({ $ }) {
+  const findings = [];
+  const detail = { productCount: 0, offerFields: {} };
+
+  const nodes = collectJsonLd($);
+  const products = findProducts(nodes);
+  detail.productCount = products.length;
+
+  if (products.length === 0) {
+    findings.push({
+      level: 'info',
+      msg: 'No Product schema detected — this dimension is not applicable to non-commerce sites. Scored neutral.',
+    });
+    return { score: 4, max: 7, findings, detail };
+  }
+
+  // Aggregate fields across all detected offers.
+  const required = ['price', 'priceCurrency', 'availability'];
+  const recommended = [
+    'priceValidUntil',
+    'shippingDetails',
+    'acceptedPaymentMethod',
+    'hasMerchantReturnPolicy',
+    'aggregateRating',
+  ];
+  const presence = {};
+  for (const f of [...required, ...recommended]) presence[f] = false;
+
+  for (const p of products) {
+    const offer = extractOffer(p);
+    if (!offer) continue;
+    for (const f of required) if (offer[f]) presence[f] = true;
+    presence.priceValidUntil = presence.priceValidUntil || (offer.priceValidUntil && new Date(offer.priceValidUntil) > new Date());
+    presence.shippingDetails = presence.shippingDetails || !!offer.shippingDetails;
+    presence.acceptedPaymentMethod = presence.acceptedPaymentMethod || !!offer.acceptedPaymentMethod;
+    presence.hasMerchantReturnPolicy =
+      presence.hasMerchantReturnPolicy || !!offer.hasMerchantReturnPolicy || !!p.hasMerchantReturnPolicy;
+    presence.aggregateRating = presence.aggregateRating || !!p.aggregateRating || !!offer.aggregateRating;
+  }
+  detail.offerFields = presence;
+
+  const reqCount = required.filter((f) => presence[f]).length;
+  const recCount = recommended.filter((f) => presence[f]).length;
+
+  // Required: 0-3 → 0-3 points. Recommended: 0-5 → 0-4 points (capped). Max 7.
+  let score = reqCount + Math.min(recCount, 4);
+
+  if (reqCount < 3) {
+    findings.push({
+      level: 'fail',
+      msg: `Offer is missing required field(s): ${required.filter((f) => !presence[f]).join(', ')}. Agents will skip this product in comparison flows.`,
+    });
+  } else {
+    findings.push({
+      level: 'pass',
+      msg: 'All required Offer fields present (price, priceCurrency, availability).',
+    });
+  }
+
+  const missingRec = recommended.filter((f) => !presence[f]);
+  if (missingRec.length > 0) {
+    findings.push({
+      level: missingRec.length >= 3 ? 'warn' : 'info',
+      msg: `Recommended Offer fields missing: ${missingRec.join(', ')}. Each one closes a comparison-step the agent would otherwise drop you from.`,
+    });
+  }
+
+  if (!presence.priceValidUntil) {
+    findings.push({
+      level: 'warn',
+      msg: 'No future `priceValidUntil` on the Offer. Conversational-commerce flows treat absent or expired price-validity as a stale-data signal.',
+    });
+  }
+
+  return { score: Math.min(score, 7), max: 7, findings, detail };
+}

package/src/checks/07-identity-corroboration.js

@@ -0,0 +1,131 @@
+/**
+ * check 07 — Brand identity corroboration
+ *
+ * AI engines resolve a brand to an entity by following its sameAs graph
+ * out to registry-grade sources (Wikidata, Crunchbase, OpenCorporates,
+ * Companies House, SEC EDGAR, GLEIF LEI) — sources that are themselves
+ * widely indexed and trusted.
+ *
+ * Social profiles (LinkedIn, GitHub) are corroborating signals, but
+ * registry-grade is what turns "a website" into "an entity an AI engine
+ * will confidently cite."
+ */
+
+export const meta = {
+  id: 'identity-corroboration',
+  title: 'Brand identity corroboration',
+  weight: 8,
+  why: 'A sameAs link to Wikidata or Companies House is a verifiable, registry-grade entity claim. A site with three registry-grade sameAs links has a closed identity loop; one without is a brand the AI must guess at.',
+};
+
+const REGISTRY_PATTERNS = [
+  { name: 'Wikidata', re: /(^|\/\/)(www\.)?wikidata\.org\/(wiki|entity)\/Q\d+/i },
+  { name: 'Crunchbase', re: /(^|\/\/)(www\.)?crunchbase\.com\/organization\//i },
+  { name: 'OpenCorporates', re: /(^|\/\/)(www\.)?opencorporates\.com\/companies\//i },
+  { name: 'Companies House (UK)', re: /find-and-update\.company-information\.service\.gov\.uk\/company\//i },
+  { name: 'SEC EDGAR', re: /(www\.)?sec\.gov\/(cgi-bin\/browse-edgar|edgar|cgi-bin\/browse|data\.sec\.gov)/i },
+  { name: 'GLEIF / LEI', re: /(www\.)?(gleif\.org|lei\.info)\//i },
+  { name: 'ORCID', re: /orcid\.org\/[0-9X-]+/i },
+];
+const SOCIAL_PATTERNS = [
+  { name: 'LinkedIn', re: /(^|\/\/)(www\.)?linkedin\.com\/(company|in)\//i },
+  { name: 'GitHub', re: /(^|\/\/)(www\.)?github\.com\/[^/]+\/?$|github\.com\/[^/]+\/[^/]+/i },
+];
+
+function collectSameAs($) {
+  const found = new Set();
+  $('script[type="application/ld+json"]').each((_, el) => {
+    const text = ($(el).contents().first().text() || '').trim();
+    if (!text) return;
+    let nodes;
+    try {
+      nodes = JSON.parse(text);
+    } catch {
+      return;
+    }
+    const queue = Array.isArray(nodes) ? [...nodes] : [nodes];
+    while (queue.length) {
+      const n = queue.shift();
+      if (!n || typeof n !== 'object') continue;
+      if (Array.isArray(n.sameAs)) {
+        for (const u of n.sameAs) if (typeof u === 'string') found.add(u);
+      } else if (typeof n.sameAs === 'string') {
+        found.add(n.sameAs);
+      }
+      if (Array.isArray(n['@graph'])) queue.push(...n['@graph']);
+      for (const k of ['founder', 'employee', 'contributor', 'publisher']) {
+        if (n[k]) queue.push(n[k]);
+      }
+    }
+  });
+  return [...found];
+}
+
+export function run({ $ }) {
+  const findings = [];
+  const detail = { sameAsUrls: [], registry: [], social: [] };
+
+  const urls = collectSameAs($);
+  detail.sameAsUrls = urls;
+
+  for (const u of urls) {
+    for (const p of REGISTRY_PATTERNS) {
+      if (p.re.test(u) && !detail.registry.includes(p.name)) detail.registry.push(p.name);
+    }
+    for (const p of SOCIAL_PATTERNS) {
+      if (p.re.test(u) && !detail.social.includes(p.name)) detail.social.push(p.name);
+    }
+  }
+
+  const reg = detail.registry.length;
+  const soc = detail.social.length;
+
+  let score;
+  if (reg === 0 && soc === 0) {
+    score = 0;
+    findings.push({
+      level: 'fail',
+      msg: 'No sameAs links found anywhere in JSON-LD. Nothing corroborates the brand\'s identity to an AI engine — it has to guess who you are.',
+    });
+  } else if (reg === 0 && soc >= 1) {
+    score = 2 + Math.min(soc - 1, 1);
+    findings.push({
+      level: 'warn',
+      msg: `Social profile(s) declared (${detail.social.join(', ')}) but no registry-grade source. Add Wikidata, Crunchbase, OpenCorporates, Companies House, SEC EDGAR or GLEIF LEI to lift the identity claim.`,
+    });
+  } else if (reg === 1) {
+    score = 5;
+    findings.push({
+      level: 'warn',
+      msg: `1 registry-grade source (${detail.registry[0]}). Aim for 3 — a single source is a corroboration of one; three is a graph.`,
+    });
+  } else if (reg === 2) {
+    score = 6;
+    findings.push({
+      level: 'warn',
+      msg: `2 registry-grade sources (${detail.registry.join(', ')}). One more closes the loop.`,
+    });
+  } else {
+    score = 8;
+    findings.push({
+      level: 'pass',
+      msg: `${reg} registry-grade sources (${detail.registry.join(', ')}). Identity graph is closed.`,
+    });
+  }
+
+  if (soc > 0 && reg > 0) {
+    findings.push({
+      level: 'pass',
+      msg: `Social corroboration also present: ${detail.social.join(', ')}.`,
+    });
+  }
+
+  if (!detail.registry.includes('Wikidata')) {
+    findings.push({
+      level: 'warn',
+      msg: 'No Wikidata reference. Wikidata is the upstream graph feeding Google Knowledge Panels and major-model entity resolution — creating an item lifts every other sameAs claim.',
+    });
+  }
+
+  return { score, max: 8, findings, detail };
+}

package/src/checks/08-source-regulatory.js

@@ -0,0 +1,125 @@
+/**
+ * check 08 — Source provenance & regulatory transparency
+ *
+ * The "source operations" bucket from the strategic paper, plus the
+ * baseline regulatory artefacts a 2026 AI agent will look for before
+ * treating a site as authoritative:
+ *
+ *   - dateModified / dateCreated on the page (freshness signal)
+ *   - /.well-known/security.txt (RFC 9116)
+ *   - Terms of service link
+ *   - Contact path (mailto: or /contact)
+ *   - Privacy policy link
+ *
+ * One point per artefact, max 5.
+ */
+
+export const meta = {
+  id: 'source-regulatory',
+  title: 'Source provenance & regulatory transparency',
+  weight: 5,
+  why: 'Freshness, security disclosure, terms, contact, and privacy are the customs-form data on every legitimate source. Absent these, an AI engine treats the page as anonymous prose.',
+};
+
+function hasDateSignal($) {
+  let found = false;
+  $('script[type="application/ld+json"]').each((_, el) => {
+    const text = ($(el).contents().first().text() || '').trim();
+    if (!text || found) return;
+    try {
+      const parsed = JSON.parse(text);
+      const queue = Array.isArray(parsed) ? [...parsed] : [parsed];
+      while (queue.length) {
+        const n = queue.shift();
+        if (!n || typeof n !== 'object') continue;
+        if (n.dateModified || n.dateCreated || n.datePublished) {
+          found = true;
+          return;
+        }
+        if (Array.isArray(n['@graph'])) queue.push(...n['@graph']);
+      }
+    } catch {
+      // ignore
+    }
+  });
+  if (found) return true;
+  if ($('time[datetime]').length > 0) return true;
+  if ($('meta[property="article:modified_time"]').length > 0) return true;
+  if ($('meta[property="article:published_time"]').length > 0) return true;
+  return false;
+}
+
+function findLink($, ...needles) {
+  let hit = null;
+  $('a[href]').each((_, el) => {
+    if (hit) return;
+    const href = ($(el).attr('href') || '').toLowerCase();
+    const text = ($(el).text() || '').toLowerCase();
+    for (const needle of needles) {
+      if (href.includes(needle) || text.includes(needle)) {
+        hit = $(el).attr('href');
+        return;
+      }
+    }
+  });
+  return hit;
+}
+
+export function run({ $, wellKnown }) {
+  const findings = [];
+  let score = 0;
+  const detail = {};
+
+  // 1. Date signal
+  detail.dateSignal = hasDateSignal($);
+  if (detail.dateSignal) {
+    score += 1;
+    findings.push({ level: 'pass', msg: 'Page declares a `dateModified` / `datePublished` (in JSON-LD or `<time>`). Freshness is legible.' });
+  } else {
+    findings.push({
+      level: 'warn',
+      msg: 'No dateModified / datePublished signal. AI engines treat undated pages as low-confidence.',
+    });
+  }
+
+  // 2. security.txt
+  detail.securityTxt = !!(wellKnown?.securityTxt && wellKnown.securityTxt.found);
+  if (detail.securityTxt) {
+    score += 1;
+    findings.push({ level: 'pass', msg: '`/.well-known/security.txt` present (RFC 9116).' });
+  } else {
+    findings.push({
+      level: 'info',
+      msg: 'No `/.well-known/security.txt`. A 4-line file with a contact email and expiry date is a trust signal an AI customs officer notices.',
+    });
+  }
+
+  // 3. T&Cs link
+  detail.termsLink = findLink($, '/terms', '/tos', 'terms of', 'terms-and-conditions', 'terms_and_conditions');
+  if (detail.termsLink) {
+    score += 1;
+    findings.push({ level: 'pass', msg: `Terms of service link found (\`${detail.termsLink}\`).` });
+  } else {
+    findings.push({ level: 'warn', msg: 'No visible Terms of Service link. DSA Art. 14 expects publicly-accessible T&Cs.' });
+  }
+
+  // 4. Contact path
+  detail.contactPath = findLink($, '/contact', 'mailto:', 'contact us');
+  if (detail.contactPath) {
+    score += 1;
+    findings.push({ level: 'pass', msg: `Contact path found (\`${detail.contactPath}\`).` });
+  } else {
+    findings.push({ level: 'warn', msg: 'No visible contact path. Agents handling disputes or escalations have nowhere to route to.' });
+  }
+
+  // 5. Privacy policy
+  detail.privacyLink = findLink($, '/privacy', 'privacy-policy', 'privacy policy');
+  if (detail.privacyLink) {
+    score += 1;
+    findings.push({ level: 'pass', msg: `Privacy policy link found (\`${detail.privacyLink}\`).` });
+  } else {
+    findings.push({ level: 'warn', msg: 'No visible privacy policy link. Regulators (and increasingly, agents) will treat this as missing customs paperwork.' });
+  }
+
+  return { score, max: 5, findings, detail };
+}