# Security Headers Auditor (`junipr/security-headers-auditor`) Actor

Audit website security headers such as CSP, HSTS, X-Frame-Options, Referrer-Policy, and Permissions-Policy.

- **URL**: https://apify.com/junipr/security-headers-auditor.md
- **Developed by:** [junipr](https://apify.com/junipr) (community)
- **Categories:** Developer tools, Automation
- **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks
- **User rating**: No ratings yet

## Pricing

from $9.80 / 1,000 target auditeds

This Actor is paid per event. You are not charged for the Apify platform usage, but only a fixed price for specific events.

Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-event

## What's an Apify Actor?

Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases.
In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours,
and optionally produces a well-defined JSON output, datasets with results, or files in key-value store.
In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server.
Actors are written with capital "A".

## How to integrate an Actor?

If asked about integration, you help developers integrate Actors into their projects.
You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready.
The best way to integrate Actors is as follows.

In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md):

```bash
npm install apify-client
```

In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md):

```bash
pip install apify-client
```

In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md):

````bash
# MacOS / Linux
curl -fsSL https://apify.com/install-cli.sh | bash
# Windows
irm https://apify.com/install-cli.ps1 | iex
```bash

In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md).

If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md).

For usage examples, see the [API](#api) section below.

For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt).


# README

## Security Headers Auditor

Audit website security headers such as Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, Referrer-Policy, and Permissions-Policy.

### What This Actor Does

Security Headers Auditor checks supplied header snapshots or optional live URL headers for common browser security controls. It scores each target, flags missing or weak headers, compares previous/current header snapshots, and writes dataset rows plus summary reports.

The default run uses a built-in header fixture, so it produces useful output without fetching a live website or spending extra platform usage.

### What This Actor Does Not Do

- It does not perform penetration testing or vulnerability exploitation.
- It does not guarantee compliance with any security standard.
- It does not provide legal, medical, or financial advice.
- It does not collect sensitive personal data.
- It does not require a browser or proxy.

### Best Use Cases

- Audit a launch checklist for CSP, HSTS, nosniff, referrer, and permissions policies.
- Catch removed security headers after a CDN, reverse-proxy, or framework deployment.
- Detect weak CSP directives such as `unsafe-inline` or wildcard sources.
- Generate a concise security-header report for a client or internal QA handoff.
- Run a small scheduled check against critical marketing, app, or docs pages.

### Input Fields

- `targets`: Header snapshots with optional `sourceId`, `sourceUrl`, `statusCode`, `headers`, and `previousHeaders`.
- `urls`: Optional URLs to fetch only when `fetchUrls` is true.
- `fetchUrls`: Fetch headers over HTTP. Defaults to `false` so zero-config runs are local and cheap.
- `comparePrevious`: Compare `previousHeaders` against current headers.
- `includeReport`: Write `SECURITY_HEADERS_RESULTS.json`, `SECURITY_HEADERS_SUMMARY.json`, and `SECURITY_HEADERS_REPORT.md` to the key-value store.
- `maxTargets`: Maximum targets to audit. Default is `25`; hard cap is `250`.
- `fetchTimeoutMs`: HTTP timeout for optional URL fetches.
- `debug`: Enable extra troubleshooting logs.

### Example Input

```json
{
  "targets": [
    {
      "sourceId": "homepage",
      "sourceUrl": "https://example.com",
      "headers": {
        "strict-transport-security": "max-age=31536000; includeSubDomains; preload",
        "content-security-policy": "default-src 'self'; object-src 'none'; frame-ancestors 'none'",
        "x-content-type-options": "nosniff",
        "referrer-policy": "strict-origin-when-cross-origin",
        "permissions-policy": "geolocation=()"
      }
    }
  ],
  "fetchUrls": false,
  "comparePrevious": true,
  "includeReport": true,
  "maxTargets": 10
}
````

### Output Fields

Each dataset item represents one audited target:

- `auditId`: Stable hash for the header snapshot.
- `sourceType`, `sourceId`, `sourceUrl`, and `statusCode`: Target provenance.
- `status`, `severity`, and `securityScore`: Overall result.
- `checkedHeaders`, `presentHeaders`, `missingHeaders`, `weakHeaders`, and `criticalFindings`: Header inventory and risk.
- `addedHeaders`, `removedHeaders`, and `changedHeaders`: Previous/current diff fields.
- CSP fields such as `cspHasDefaultSrc`, `cspHasFrameAncestors`, `cspAllowsUnsafeInline`, and `cspAllowsWildcard`.
- HSTS fields such as `hstsMaxAgeSeconds`, `hstsIncludesSubdomains`, and `hstsPreload`.
- Header-specific fields for X-Frame-Options, nosniff, Referrer-Policy, Permissions-Policy, COOP, and CORP.
- `issues`: Structured issue list.
- `recommendation`: Suggested next action.
- `checkedAt`: ISO audit timestamp.

The key-value store also contains:

- `SECURITY_HEADERS_RESULTS.json`: Full result array.
- `SECURITY_HEADERS_SUMMARY.json`: Run-level counts, scores, missing headers, and top issues.
- `SECURITY_HEADERS_REPORT.md`: Human-readable summary.

### Example Output

```json
{
  "sourceId": "sample-hardened-site",
  "sourceUrl": "https://example.com",
  "statusCode": 200,
  "status": "pass",
  "severity": "none",
  "securityScore": 100,
  "missingHeaders": [],
  "weakHeaders": [],
  "criticalFindings": [],
  "addedHeaders": [
    "content-security-policy",
    "cross-origin-opener-policy",
    "cross-origin-resource-policy",
    "permissions-policy",
    "referrer-policy",
    "x-frame-options"
  ],
  "changedHeaders": ["strict-transport-security"],
  "hasContentSecurityPolicy": true,
  "hasStrictTransportSecurity": true,
  "hstsMaxAgeSeconds": 31536000,
  "hstsIncludesSubdomains": true,
  "hasXContentTypeOptionsNoSniff": true,
  "issueCount": 0,
  "recommendation": "Security headers look strong for the supplied snapshot."
}
```

### Pricing And Events

This actor uses pay-per-event pricing with the P1 audit template:

- `actor-start`: $0.025 per run for setup and target preparation.
- `target-audited`: $0.0098 per audited target, or $9.80 per 1,000 targets.
- `report-generated`: $0.05 when report artifacts are generated.

Platform usage pass-through is intentionally off for local header snapshots and lightweight HEAD requests. Keep `fetchUrls` off for fixture/default runs, and start with a small target set before enabling live URL checks.

### Cost-Control Tips

- Use inline `headers` snapshots for deterministic CI and client QA checks.
- Keep `fetchUrls` false unless you explicitly want the actor to perform HTTP requests.
- Use `maxTargets` between 1 and 10 for initial runs.
- Use `previousHeaders` to catch regressions without crawling many pages.

### Public Task Examples

This actor includes five prepared task concepts:

- Hardened baseline header check.
- Missing CSP and HSTS audit.
- Weak CSP detector.
- Header regression diff.
- Optional live URL header check.

### FAQ

#### Does this replace a security review?

No. It is a header-audit tool, not a penetration test or complete security assessment.

#### Can it fetch live pages?

Yes, set `fetchUrls` to true and provide `urls`. The default is false to keep the Store quality run deterministic and cheap.

#### Does it need a browser?

No. It audits HTTP headers and supplied header snapshots.

#### Are diagnostics billed as dataset rows?

No. Target audit rows are billed via `target-audited`. Summary diagnostics are written to the key-value store, not as extra default dataset rows.

### Troubleshooting

- `missing-content-security-policy`: Add a CSP suited to the app before claiming browser-side hardening.
- `missing-strict-transport-security`: Add HSTS after confirming HTTPS is enforced for the hostname.
- `csp-unsafe-inline`: Remove inline scripts/styles or use nonces/hashes where practical.
- `headers-removed`: Compare CDN/reverse-proxy rules and deployment diffs.

### Limitations

- This actor checks practical header presence and common weak patterns, not every possible browser security nuance.
- Live URL fetching can fail due network, redirects, auth, or bot filtering; inline snapshots are more deterministic.
- Header recommendations must be adapted to the application. Some policies require careful rollout to avoid breaking production.

### Source And Safety Notes

Audit only URLs and header snapshots you are authorized to inspect. Do not upload sensitive internal headers unless you are allowed to process them in Apify.

### Changelog

- `1.0.0`: Initial production build with security-header scoring, previous/current diffing, KVS reports, PPE billing, examples, and fixture tests.

### Premium local completion scope

This actor is prepared for local ChatGPT review as a premium, honestly scoped Store candidate. It processes user-supplied fixtures, records, snapshots, schemas, URLs, or exported source data with strict caps and deterministic logic before any live Apify replay.

It does not perform live Apify Store publication, live Store icon upload, live public task creation, or live pricing changes in this local package. Cloud replay remains a separate step. The local implementation is scoped to: Audit website security headers such as CSP, HSTS, X-Frame-Options, Referrer-Policy, and Permissions-Policy.

Use the default input first. It is intentionally tiny and designed to complete quickly while still producing dataset rows, schema-validation evidence, billing-guard proof, and report artifacts.

# Actor input Schema

## `targets` (type: `array`):

Header snapshots to audit. Defaults to a small hardened fixture that finishes quickly.

## `urls` (type: `array`):

Optional URLs to fetch only when fetchUrls is true. Leave empty for fixture/local runs.

## `fetchUrls` (type: `boolean`):

Fetch headers over HTTP. Default is false to keep zero-config runs local and cheap.

## `comparePrevious` (type: `boolean`):

Compare previousHeaders against current headers when available.

## `maxItems` (type: `integer`):

Alias for Max Targets/Maximum Records used by the Junipr actor baseline. When both are provided, actor-specific limits still apply.

## `includeReport` (type: `boolean`):

Write summary JSON and Markdown report artifacts to the key-value store.

## `maxTargets` (type: `integer`):

Maximum URL or header snapshots to audit.

## `fetchTimeoutMs` (type: `integer`):

HTTP timeout for optional URL fetches.

## `dryRun` (type: `boolean`):

Validate input and write a dry-run summary without PPE charges or dataset output.

## `debug` (type: `boolean`):

Enable debug logs.

## Actor input object example

```json
{
  "targets": [
    {
      "sourceId": "sample-hardened-site",
      "sourceUrl": "https://example.com",
      "statusCode": 200,
      "headers": {
        "strict-transport-security": "max-age=31536000; includeSubDomains; preload",
        "content-security-policy": "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'",
        "x-frame-options": "DENY",
        "x-content-type-options": "nosniff",
        "referrer-policy": "strict-origin-when-cross-origin",
        "permissions-policy": "geolocation=(), microphone=(), camera=()",
        "cross-origin-opener-policy": "same-origin",
        "cross-origin-resource-policy": "same-origin"
      },
      "previousHeaders": {
        "strict-transport-security": "max-age=86400",
        "x-content-type-options": "nosniff"
      }
    }
  ],
  "urls": [],
  "fetchUrls": false,
  "comparePrevious": true,
  "maxItems": 25,
  "includeReport": true,
  "maxTargets": 25,
  "fetchTimeoutMs": 10000,
  "dryRun": false,
  "debug": false
}
```

# Actor output Schema

## `results` (type: `string`):

Each dataset row is one audited URL or header snapshot with security scores, findings, and recommendations.

## `resultsJson` (type: `string`):

Full JSON array of audit results.

## `summaryJson` (type: `string`):

Run-level counts, scores, missing headers, and top issues.

## `summaryReport` (type: `string`):

Markdown report describing security header audit results.

# API

You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup.

## JavaScript example

```javascript
import { ApifyClient } from 'apify-client';

// Initialize the ApifyClient with your Apify API token
// Replace the '<YOUR_API_TOKEN>' with your token
const client = new ApifyClient({
    token: '<YOUR_API_TOKEN>',
});

// Prepare Actor input
const input = {};

// Run the Actor and wait for it to finish
const run = await client.actor("junipr/security-headers-auditor").call(input);

// Fetch and print Actor results from the run's dataset (if any)
console.log('Results from dataset');
console.log(`💾 Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`);
const { items } = await client.dataset(run.defaultDatasetId).listItems();
items.forEach((item) => {
    console.dir(item);
});

// 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/js/docs

```

## Python example

```python
from apify_client import ApifyClient

# Initialize the ApifyClient with your Apify API token
# Replace '<YOUR_API_TOKEN>' with your token.
client = ApifyClient("<YOUR_API_TOKEN>")

# Prepare the Actor input
run_input = {}

# Run the Actor and wait for it to finish
run = client.actor("junipr/security-headers-auditor").call(run_input=run_input)

# Fetch and print Actor results from the run's dataset (if there are any)
print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"])
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(item)

# 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start

```

## CLI example

```bash
echo '{}' |
apify call junipr/security-headers-auditor --silent --output-dataset

```

## MCP server setup

```json
{
    "mcpServers": {
        "apify": {
            "command": "npx",
            "args": [
                "mcp-remote",
                "https://mcp.apify.com/?tools=junipr/security-headers-auditor",
                "--header",
                "Authorization: Bearer <YOUR_API_TOKEN>"
            ]
        }
    }
}

```

## OpenAPI specification

```json
{
    "openapi": "3.0.1",
    "info": {
        "title": "Security Headers Auditor",
        "description": "Audit website security headers such as CSP, HSTS, X-Frame-Options, Referrer-Policy, and Permissions-Policy.",
        "version": "1.0",
        "x-build-id": "vq7a30fp0sUSfgXaJ"
    },
    "servers": [
        {
            "url": "https://api.apify.com/v2"
        }
    ],
    "paths": {
        "/acts/junipr~security-headers-auditor/run-sync-get-dataset-items": {
            "post": {
                "operationId": "run-sync-get-dataset-items-junipr-security-headers-auditor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        },
        "/acts/junipr~security-headers-auditor/runs": {
            "post": {
                "operationId": "runs-sync-junipr-security-headers-auditor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor and returns information about the initiated run in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/runsResponseSchema"
                                }
                            }
                        }
                    }
                }
            }
        },
        "/acts/junipr~security-headers-auditor/run-sync": {
            "post": {
                "operationId": "run-sync-junipr-security-headers-auditor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        }
    },
    "components": {
        "schemas": {
            "inputSchema": {
                "type": "object",
                "properties": {
                    "targets": {
                        "title": "Header Targets",
                        "type": "array",
                        "description": "Header snapshots to audit. Defaults to a small hardened fixture that finishes quickly.",
                        "items": {
                            "type": "object"
                        },
                        "default": [
                            {
                                "sourceId": "sample-hardened-site",
                                "sourceUrl": "https://example.com",
                                "statusCode": 200,
                                "headers": {
                                    "strict-transport-security": "max-age=31536000; includeSubDomains; preload",
                                    "content-security-policy": "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'none'",
                                    "x-frame-options": "DENY",
                                    "x-content-type-options": "nosniff",
                                    "referrer-policy": "strict-origin-when-cross-origin",
                                    "permissions-policy": "geolocation=(), microphone=(), camera=()",
                                    "cross-origin-opener-policy": "same-origin",
                                    "cross-origin-resource-policy": "same-origin"
                                },
                                "previousHeaders": {
                                    "strict-transport-security": "max-age=86400",
                                    "x-content-type-options": "nosniff"
                                }
                            }
                        ]
                    },
                    "urls": {
                        "title": "URLs To Fetch",
                        "type": "array",
                        "description": "Optional URLs to fetch only when fetchUrls is true. Leave empty for fixture/local runs.",
                        "items": {
                            "type": "string"
                        },
                        "default": []
                    },
                    "fetchUrls": {
                        "title": "Fetch URLs",
                        "type": "boolean",
                        "description": "Fetch headers over HTTP. Default is false to keep zero-config runs local and cheap.",
                        "default": false
                    },
                    "comparePrevious": {
                        "title": "Compare Previous Headers",
                        "type": "boolean",
                        "description": "Compare previousHeaders against current headers when available.",
                        "default": true
                    },
                    "maxItems": {
                        "title": "Max Items",
                        "minimum": 1,
                        "maximum": 250,
                        "type": "integer",
                        "description": "Alias for Max Targets/Maximum Records used by the Junipr actor baseline. When both are provided, actor-specific limits still apply.",
                        "default": 25
                    },
                    "includeReport": {
                        "title": "Include Report Artifacts",
                        "type": "boolean",
                        "description": "Write summary JSON and Markdown report artifacts to the key-value store.",
                        "default": true
                    },
                    "maxTargets": {
                        "title": "Max Targets",
                        "minimum": 1,
                        "maximum": 250,
                        "type": "integer",
                        "description": "Maximum URL or header snapshots to audit.",
                        "default": 25
                    },
                    "fetchTimeoutMs": {
                        "title": "Fetch Timeout Milliseconds",
                        "minimum": 1000,
                        "maximum": 30000,
                        "type": "integer",
                        "description": "HTTP timeout for optional URL fetches.",
                        "default": 10000
                    },
                    "dryRun": {
                        "title": "Dry Run",
                        "type": "boolean",
                        "description": "Validate input and write a dry-run summary without PPE charges or dataset output.",
                        "default": false
                    },
                    "debug": {
                        "title": "Debug Logs",
                        "type": "boolean",
                        "description": "Enable debug logs.",
                        "default": false
                    }
                }
            },
            "runsResponseSchema": {
                "type": "object",
                "properties": {
                    "data": {
                        "type": "object",
                        "properties": {
                            "id": {
                                "type": "string"
                            },
                            "actId": {
                                "type": "string"
                            },
                            "userId": {
                                "type": "string"
                            },
                            "startedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "finishedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "status": {
                                "type": "string",
                                "example": "READY"
                            },
                            "meta": {
                                "type": "object",
                                "properties": {
                                    "origin": {
                                        "type": "string",
                                        "example": "API"
                                    },
                                    "userAgent": {
                                        "type": "string"
                                    }
                                }
                            },
                            "stats": {
                                "type": "object",
                                "properties": {
                                    "inputBodyLen": {
                                        "type": "integer",
                                        "example": 2000
                                    },
                                    "rebootCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "restartCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "resurrectCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "computeUnits": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "options": {
                                "type": "object",
                                "properties": {
                                    "build": {
                                        "type": "string",
                                        "example": "latest"
                                    },
                                    "timeoutSecs": {
                                        "type": "integer",
                                        "example": 300
                                    },
                                    "memoryMbytes": {
                                        "type": "integer",
                                        "example": 1024
                                    },
                                    "diskMbytes": {
                                        "type": "integer",
                                        "example": 2048
                                    }
                                }
                            },
                            "buildId": {
                                "type": "string"
                            },
                            "defaultKeyValueStoreId": {
                                "type": "string"
                            },
                            "defaultDatasetId": {
                                "type": "string"
                            },
                            "defaultRequestQueueId": {
                                "type": "string"
                            },
                            "buildNumber": {
                                "type": "string",
                                "example": "1.0.0"
                            },
                            "containerUrl": {
                                "type": "string"
                            },
                            "usage": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "integer",
                                        "example": 1
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "usageTotalUsd": {
                                "type": "number",
                                "example": 0.00005
                            },
                            "usageUsd": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "number",
                                        "example": 0.00005
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
```
