B-82%
Quality Score
10
Pages
162
Issues
8.0
Avg Confidence
7.8
Avg Priority
49 Critical56 High19 Medium2 Low
>_ Testers.AI
AI Analysis
Target AU scored B- (82%) with 162 issues across 6 tested pages, ranking #3 of 7 Australian retail sites. That's 41 more than the 120.6 category average (29th percentile).
Top issues to fix immediately: "Promo modal blocks access to product listings on load" โ Make the promo modal dismissible with a clearly visible close button (e; "DNS resolution failures (ERR_NAME_NOT_RESOLVED) for multiple resources" โ Verify DNS configuration and hostname resolution for all asset domains (CDN, fonts, APIs); "Empty button labels in header/navigation" โ Populate all interactive buttons with meaningful labels or add aria-label attributes for accessibility.
Weakest area โ usability (7/10): Standard navigation and prominent search bar contribute to good usability.
Quick wins: Consider a less intrusive way to present the 'Want $10 OFF?' offer, perhaps a banner or exit-intent pop-up. Ensure all interactive elements, especially the pop-up, are fully navigable and readable by screen readers.
Qualitative Quality
Target AU
Category Avg
Best in Category
Pages Tested ยท 10 screenshots
Homepage
www.target.com.au
www.target.com.au
www.target.com.au
www.target.com.au
www.target.com.au
www.target.com.au
www.target.com.au
www.target.com.au
www.target.com.au
Detected Issues ยท 126 total
1
On-load AI/LLM endpoint activity detected without user interaction
CRIT P9
Prompt to Fix
Audit the web page initialization flow to identify any on-load calls to AI/LLM endpoints. Remove or defer these calls until user-initiated actions or explicit consent is obtained. Implement a consent banner for any AI features and ensure no data (including user identifiers) is sent to AI services without consent. Provide a minimal, server-side fallback if AI features must be available without consent.
Why it's a bug
Console logs show explicit AI/LLM endpoint detection (โ ๏ธ AI/LLM ENDPOINT DETECTED) on page load, suggesting client-side LLM calls or telemetry that may trigger prompts or data leakage before user consent or interaction. This raises privacy, security, and performance concerns and can degrade trust and UX.
Why it might not be a bug
If the log is strictly internal telemetry and there are no actual user data sent to AI endpoints on load, the issue may be benign. However, the visible log indicates AI activity at startup, which is risky without consent or visible opt-out.
Suggested Fix
Move any LLM/API calls behind explicit user action or clear consent UI. Ensure prompts/data sent to AI services are minimized, sanitized, and consented. Consider performing LLM-related work server-side or behind feature flags with strict data leakage safeguards. Remove or gate on-load LLM initializations and only execute after user interaction.
Why Fix
Prevents unintended data leakage, reduces unnecessary network requests, and improves page load performance and user trust by ensuring AI features are opt-in.
Route To
Frontend Engineer / Privacy Engineer
Page
Tester
Jason ยท GenAI Code AnalyzerTechnical Evidence
Console:
โ ๏ธ AI/LLM ENDPOINT DETECTEDNetwork:
Detected on-page AI endpoint usage in console logs; no explicit endpoint URL shown in screenshot. Investigate all client-side calls to any third-party AI services initiated on load.2
AI endpoint instrumentation detected on page load
CRIT P9
Prompt to Fix
Identify and remove any direct calls to external AI/LLM endpoints during page load. If AI features are needed, defer until user interaction, ensure consent banners exist, and replace hard-coded prompts with safe defaults. Document all AI integrations.
Why it's a bug
Console logs show 'โ ๏ธ AI/LLM ENDPOINT DETECTED' and multiple AI-related endpoint calls. This suggests the page is invoking external AI services on load, which can leak prompts, data, or cause performance/privacy issues without user consent.
Why it might not be a bug
If these endpoints are essential for functionality, there should be explicit user consent and clear privacy disclosures; otherwise this is an insecure/untested pattern.
Suggested Fix
Remove on-load AI-endpoint calls or gate them behind user action/consent. Audit dependencies to ensure AI endpoints are optional, well-documented, and do not leak prompts. Consider lazy-loading with debounced fetch and proper error handling.
Why Fix
Prevents accidental data leakage, reduces page load cost, and aligns with privacy expectations.
Route To
Frontend Engineer / Security & Privacy Specialist
Page
Tester
Jason ยท GenAI Code AnalyzerTechnical Evidence
Console:
โ ๏ธ AI/LLM ENDPOINT DETECTEDNetwork:
GET https://rapid-cdn.yottaa.com/rapid/lib/O0MQpOscomd4Gg.js - Status: N/A3
On-page AI/LLM endpoints invoked on page load (early LLM calls)
CRIT P9
Prompt to Fix
Move AI/LLM endpoint calls behind user interaction or explicit consent. Remove automatic on-load LLM requests. Add a consent banner and a feature-flag to disable on-load AI usage by default. Document data types sent to AI services and ensure endpoints are only called after user opt-in.
Why it's a bug
Console shows multiple occurrences of AI/LLM endpoint detection and calls during initial page load. This can trigger unnecessary data transmission, raise privacy concerns, add latency, and run afoul of user consent expectations for on-load AI usage.
Why it might not be a bug
If AI calls are strictly user-initiated or behind an explicit consent toggle, this could be intended. The screenshot, however, suggests calls are happening on load without visible consent prompts.
Suggested Fix
Defer all LLM/AI endpoint calls until user action or explicit consent is given. Implement a feature flag to disable on-load AI usage by default. Batch or coalesce requests if possible and remove or minimize on-load AI endpoint logs. Ensure privacy disclosures are present and user controls exist.
Why Fix
Improves performance, reduces unnecessary data exposure, and aligns with user privacy expectations and UX best practices.
Route To
Frontend Architect / Privacy & Security Engineer
Page
Tester
Jason ยท GenAI Code AnalyzerTechnical Evidence
Console:
โ ๏ธ AI/LLM ENDPOINT DETECTEDNetwork:
GET https://p2config.yottaa-prod.com/api/v1/configure.rapid.js?key=O0MQpOscomd4Gg&ul=en-US&dl=https%3A%2F%2Fwww.target.com.au%2Fwishlist%23skip-to-content&dt=Wishlist%20%7C%20Target%20Australia&sd=24&sr=800,600&vp=800,600&ct=4g&rtt=50