Run an AgentMinds site scan in CI. Posts a PR comment with grade, top issues, and a link to the full report. No signup, no API key.

name: Site quality

on:
  pull_request:
    branches: [main]

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: agentminds/scan-action@v1
        with:
          url: https://your-preview-deployment.example.com
          fail-on-grade: D   # fail the workflow if grade is D or worse

Every scan runs 50+ checks across:

• Security headers (HSTS, CSP, X-Frame-Options, COOP, etc.)
• SEO (title/meta tags, canonical, OG, sitemap, robots.txt)
• AEO (llms.txt, structured data, FAQPage, AI bot blocking)
• Performance (latency, content size, redirect count, mixed content)
• Accessibility (alt text, lang attribute, focus indicators)

AgentMinds scan: https://preview.example.com

Grade	Overall	Security	SEO/AEO	Latency
B	78/100	60/100	90/100	412ms

Top issues

• 🛡 critical Content-Security-Policy header missing
• 🔍 warning Description length 88 (optimal: 150-160)

Full report →

The comment is sticky — re-runs update the existing comment instead of spamming.

- uses: agentminds/scan-action@v1
  with:
    url: ${{ steps.deploy.outputs.preview_url }}
    fail-on-grade: F

- uses: agentminds/scan-action@v1
  with:
    url: ${{ steps.deploy.outputs.preview_url }}
    fail-on-grade: C

- uses: agentminds/scan-action@v1
  id: scan
  with:
    url: ${{ steps.deploy.outputs.preview_url }}

- run: echo "Site graded ${{ steps.scan.outputs.grade }} - report at ${{ steps.scan.outputs.scan-url }}"

- uses: agentminds/scan-action@v1
  with:
    url: ${{ steps.deploy.outputs.preview_url }}
    fail-on-grade: F   # never fail
    comment: true

The action calls the public free-scan API. It only sends the URL you provide. Scan results are stored on AgentMinds and are accessible at the returned share_url — these are public by design (the URL acts as the only access token, akin to how Lighthouse PageSpeed Insights URLs work).

MIT.