Growth Leak Audit
The growth leak audit scans your site across 7 dimensions in about 30 seconds: AI crawler access, citability, structured data, llms.txt, entity presence, tracking layer, and titles and metas. You get a 0-100 score on screen and the full fix list by email. No call required, no retainer pitch mid-scan.
Most free audit tools are a black box with a lead form bolted on. You get a scary red number, no methodology, and a sales call. This one publishes its rubric, because the rubric is the product.
Every site leaks growth in the same two places. The first is visibility you never earn: AI engines that cannot crawl you, pages with nothing quotable, an entity graph that does not resolve. The second is revenue you earn but never see: a tracking layer that loses conversions before they reach your ad platforms and analytics. The growth leak audit measures the first kind directly and reads the public fingerprints of the second.
What the growth leak audit checks, dimension by dimension
AI crawler access, 18% of the score
Your robots.txt is tested against 13 AI crawlers including GPTBot, ClaudeBot, PerplexityBot, Google-Extended and Bingbot, weighted by how much each engine matters for citations. Sites block these by accident more often than by policy: one copied robots template and ChatGPT can never cite you. The crawler list follows OpenAI's published bot documentation and its equivalents at Anthropic, Perplexity and Google.
Citability, 18%
AI engines cite passages, not pages. The scan reads your served HTML for what a retrieval system can actually quote: concrete numbers and prices, question-formatted headings with direct answers, named authorship, dated content, and structured lists. Thin or undated marketing prose scores low because engines have nothing to lift.
Structured data, 15%
JSON-LD is parsed and typed: Organization or Person identity, WebSite, FAQ and Service coverage, sameAs links, and whether the JSON is even valid. Invalid blocks cost points because a parser that fails reads the same as no schema at all.
llms.txt, 10%
The scan requests /llms.txt and /llms-full.txt and verifies they serve real text, not a styled 404. It is the cheapest AI-discoverability asset a site can ship, which is exactly why its absence says something.
Entity presence, 12%
Whether machines can connect your brand to one resolvable identity: declared entity in schema, a sameAs graph pointing at LinkedIn, Wikidata and social profiles, consistent naming, and an about page that exists. Split identity splits your authority across engines.
Tracking layer, 15%
The public fingerprints of your measurement stack: tag manager, analytics, dataLayer events, ad pixels, product analytics, consent tooling. A site with no detectable measurement is spending blind. This dimension reads served HTML, so deliberately delayed tags score low on purpose: my own site reads 55 here because GTM loads 12 seconds late as a speed trade-off, and the emailed report explains when that pattern is fine and when it is a leak.
Titles and metas, 12%
Title and description lengths, canonical, Open Graph completeness, exactly one H1, language declaration. Basic, measurable, and still failed by most sites scanned.
How to read your growth leak audit score
85 and above is a tight ship: the leaks left are behind your login, not on your pages. 65 to 84 is holding: fundamentals exist, citations and conversions still slip away. 40 to 64 is leaking: at least two dimensions are costing you visibility or attribution right now. Below 40 is leaking badly: AI engines and ad platforms are both working with fragments of your business.
For calibration: yanivgoldenberg.com scores 93, and the missing 7 points are a documented speed trade-off, not an oversight. I ran the scanner against my own client portfolio before publishing it, and the spread was 50 to 77. Nobody starts at 100, including the sites of people who do this for a living.
What this scan cannot see
The scan reads your public surface. The expensive leaks usually live behind it: GA4 conversions that never fire, purchase events that reach your analytics but not your ad platforms, UTMs stripped at the first redirect, attribution split across three tools that disagree. Finding those requires someone inside your dataLayer, your tag manager, and your ad accounts.
That deeper pass is the paid work: a tracking audit for the full measurement layer, a GA4 audit when analytics is the suspect, and a GEO audit when the question is AI visibility specifically. The free scan tells you which of those doors to open first, and as a marketing attribution consultant I read the same report you get.
What lands in your inbox
A PDF with all 7 dimension scores, the specific finding behind each one, and a fix per dimension ordered by impact per hour of work. The on-screen result unlocks 2 dimensions; the report unlocks all 7. Sample finding, verbatim from a real scan: "GPTBot, ClaudeBot blocked in robots.txt: pages cannot be retrieved or cited by those AI engines." That is the level of specificity, no padding, two pages.
Why free and why an email: this is how I meet companies whose growth problems I want to fix. You get a real diagnostic either way, the rubric is published above, and the email gets you the report plus nothing recurring. Run it on your own site, then run it on a competitor.
Deciding between the audit and a human? Start with marketing mentor vs operator, then check what every mentorship model costs in the 2026 benchmark.
Growth leak audit questions, answered
What does the growth leak audit check exactly?
Seven weighted dimensions: AI crawler access in robots.txt (18%), content citability (18%), JSON-LD structured data (15%), llms.txt presence (10%), entity resolvability (12%), the public tracking layer (15%), and titles and metas (12%). The weights and rubric are published on this page, and the emailed PDF shows the finding behind every score.
Is the growth leak audit really free?
Yes. The scan, the on-screen score, and the full PDF report cost nothing. The business model is transparent: some scanned companies will want the deeper paid diagnostic of their tracking and attribution, and this is how they find me. There is no trial, no card, and no recurring email sequence.
What happens with my email address?
You get the report, I see the lead. One email with your PDF, no drip campaign. Scans are rate-limited per email and IP to keep the tool honest, and scan records are not retained beyond operational logs.
How accurate is a 30-second automated scan?
Accurate for what it measures, honest about what it cannot. It reads your served HTML the way crawlers and AI engines do, so everything it scores is real. What it cannot see is behind your login: GA4 configuration, server-side events, ad platform conversion health. Treat the score as the public half of the picture and the report tells you when the private half needs a human.
Run it, read it, then decide
The scan takes 30 seconds. If your score is fine, you saved a consulting fee. If it is not, the report already tells you the first three fixes, with or without me.