Squirrelscan is a CLI tool for auditing websites, focusing on SEO, performance, and security. It is designed to integrate with Claude Code agents, enabling automated website audits. Operations teams can use it to streamline website maintenance and improve digital asset performance.
git clone https://github.com/squirrelscan/squirrelscan.gitsquirrelscan is a CLI-based website audit tool designed specifically for AI coding agents, including Claude Code and Cursor. It evaluates websites against 230+ rules across 21 categories including SEO, accessibility, performance, security, and E-E-A-T signals. The tool supports incremental crawling with smart resume capabilities, generates reports in multiple formats (JSON, HTML, Markdown, LLM-optimized), and integrates directly into AI agent workflows through installable skills. Operations teams and developers use squirrelscan to automate website maintenance, identify regressions, and improve digital asset performance without manual auditing.
1. **Install Squirrelscan**: Run `pip install squirrelscan` or use the Claude Code agent integration. Ensure Node.js is installed for frontend audits. 2. **Configure Audit Scope**: Replace [WEBSITE_URL] with your target (e.g., `https://acmecorp.com`). For subdomains, use `squirrelscan --subdomains acmecorp.com`. 3. **Run the Audit**: Execute `squirrelscan audit --output report.md --format markdown [WEBSITE_URL]`. For CI/CD pipelines, use `squirrelscan audit --json [WEBSITE_URL] > audit.json`. 4. **Review Output**: Open the generated report (e.g., `report.md`) and prioritize issues by severity. Use the CLI flags `--critical` or `--warnings` to filter results. 5. **Automate Fixes**: Pipe the JSON output to a script (e.g., `cat audit.json | jq '.critical[] | .recommendation'`) to generate automated fixes. For bulk operations, use `squirrelscan fix --batch` with a config file. **Tips:** - For dynamic sites, use `--user-agent "Squirrelscan/1.0"` to mimic crawlers. - To audit behind authentication, use `--cookies "session=abc123"`. - Integrate with GitHub Actions: Add a workflow step to run Squirrelscan on PRs and block merges if critical issues are detected.
Automated SEO and performance audits integrated into Claude Code or Cursor workflows
Security-focused audits detecting HTTPS issues, CSP violations, and leaked secrets patterns
Accessibility compliance checking across ARIA, landmarks, and interactive elements
Tracking website changes and regressions across multiple crawls with change detection
No install command available. Check the GitHub repository for manual installation instructions.
git clone https://github.com/squirrelscan/squirrelscanCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Run a comprehensive audit of [WEBSITE_URL] using Squirrelscan. Generate a report covering SEO (meta tags, headings, keyword density), performance (load time, image optimization, caching), and security (SSL, mixed content, headers). Flag critical issues in red, warnings in yellow, and recommendations in green. Include actionable fixes for each category.
### Squirrelscan Audit Report for AcmeCorp.com
**SEO Analysis:**
- Meta Description: Missing (Critical) – Current length: 0 characters. Recommended: 150-160 characters describing AcmeCorp’s cloud storage solutions.
- Heading Structure: H1 ‘Cloud Storage Solutions’ detected. H2s ‘Pricing Plans’ and ‘Customer Testimonials’ are well-structured. Missing H3s under ‘Pricing Plans’ for granularity.
- Keyword Density: ‘cloud storage’ appears 3 times (2.1%), ‘secure backup’ appears 1 time (0.7%). Competitors use these terms 5-8 times. Recommend increasing to 4-6% for ‘cloud storage’.
**Performance Analysis:**
- Load Time: 4.2s (Poor). Top competitors load in 1.8s. Optimize images: 12 uncompressed images (avg. 1.8MB each). Compress to <500KB.
- Caching: Browser caching enabled for static assets (1 week). Server-side caching (Redis) not implemented. Implement Redis for dynamic content.
- Largest Contentful Paint: 2.8s. Reduce render-blocking JavaScript in <head>.
**Security Analysis:**
- SSL Certificate: Valid (Let’s Encrypt). Chain incomplete – missing intermediate certificates. Fix via server config.
- Mixed Content: 3 instances of HTTP resources loaded on HTTPS page (e.g., http://cdn.acmecorp.com/logo.png). Replace with HTTPS URLs.
- Security Headers: Missing CSP, X-Frame-Options, and HSTS. Add to .htaccess:
```
Header set Content-Security-Policy "default-src 'self'; img-src 'self' data: https://cdn.acmecorp.com"
Header always set X-Frame-Options "DENY"
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
```
**Action Items:**
1. Add meta description (Priority: High).
2. Compress images using ImageMagick: `find . -name '*.jpg' -exec convert {} -quality 80 {}.optimized.jpg \;`
3. Implement Redis caching via `sudo apt install redis-server` and update PHP config.
4. Replace HTTP resources with HTTPS URLs using `grep -rl 'http://cdn.acmecorp.com' . | xargs sed -i 's|http://cdn.acmecorp.com|https://cdn.acmecorp.com|g'`.
5. Add security headers via Apache/Nginx config as shown above.AI sales agent for lead generation and follow-up
AI-assisted web application security testing
Enterprise workflow automation and service management platform
Get more done every day with Microsoft Teams – powered by AI
Agentic AI Workflow platform
Automate your spreadsheet tasks with AI power
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan