# Operational Asset Monitor (`silicon1235/operational-asset-monitor`) Actor

Monitor public HTTPS endpoints, domains, DNS/email posture, SPF, DMARC, MTA-STS, TLS-RPT, CAA, security.txt, and security headers for operational alerts.

- **URL**: https://apify.com/silicon1235/operational-asset-monitor.md
- **Developed by:** [X L](https://apify.com/silicon1235) (community)
- **Categories:** Developer tools, Automation, Business
- **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks
- **User rating**: No ratings yet

## Pricing

Pay per usage

This Actor is paid per platform usage. The Actor is free to use, and you only pay for the Apify platform usage, which gets cheaper the higher subscription plan you have.

Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-usage

## What's an Apify Actor?

Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases.
In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours,
and optionally produces a well-defined JSON output, datasets with results, or files in key-value store.
In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server.
Actors are written with capital "A".

## How to integrate an Actor?

If asked about integration, you help developers integrate Actors into their projects.
You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready.
The best way to integrate Actors is as follows.

In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md):

```bash
npm install apify-client
```

In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md):

```bash
pip install apify-client
```

In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md):

````bash
# MacOS / Linux
curl -fsSL https://apify.com/install-cli.sh | bash
# Windows
irm https://apify.com/install-cli.ps1 | iex
```bash

In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md).

If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md).

For usage examples, see the [API](#api) section below.

For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt).


# README

## Operational Asset Monitor

Monitor public HTTPS/HTTP endpoints, domains, email/DNS records, CAA records, Certificate Transparency JSON feeds, HTTP security headers, security.txt disclosure metadata, and security well-known endpoints for SSL/TLS certificate expiry, TLS certificate posture, CT certificate drift, HTTP status, domain registration expiry, domain lifecycle posture, generic DNS record drift, MX provider posture, SPF/DMARC/MTA-STS/TLS-RPT/CAA drift, security header posture, disclosure posture, and operational alert signals.

The first release is designed for free or usage-cost-only publication. A future paid event can be `operational-asset-alert`, charged only when a run produces a new warning, critical, or error alert.

### Inputs

- `endpoints`: public URLs to check.
- `domains`: public domain names to check through RDAP for registration expiry.
- `dnsDomains`: public domain names to check for generic A/AAAA/NS/CNAME/TXT snapshots plus MX, SPF, DMARC, MTA-STS, TLS-RPT, and CAA records.
- `securityTextDomains`: public domain names to check for `/.well-known/security.txt`, `/security.txt`, and common security `/.well-known/*` posture endpoints.
- `certificateTransparencyUrls`: public JSON URLs containing Certificate Transparency rows to parse; defaults to empty to avoid extra network calls unless explicitly enabled.
- `sslWarnDays`: warning threshold for certificate expiry.
- `sslCriticalDays`: critical threshold for certificate expiry.
- `domainWarnDays`: warning threshold for domain registration expiry.
- `domainCriticalDays`: critical threshold for domain registration expiry.
- `previousAssetIds`: optional IDs from earlier runs to suppress repeated non-critical alerts.

### Quick-Start Presets

Copy one of these low-cost JSON inputs into the Apify input editor and replace `example.com` with the customer domain:

- `examples/presets/asset-health-starter.json`: one endpoint plus domain, DNS/email, security.txt, and well-known posture checks for a first scheduled monitor.
- `examples/presets/email-security-posture-watch.json`: one endpoint context check plus MX, SPF, DMARC, MTA-STS, TLS-RPT, CAA, and DNS drift posture for email/security teams.
- `examples/presets/security-disclosure-metadata-watch.json`: one endpoint context check plus security.txt and common security `/.well-known/*` metadata coverage.

Each preset caps every monitored surface at 1 item so a first run stays cheap before users expand the watchlist.

### Outputs

Dataset rows include SSL, HTTP, domain-expiry, DNS/email, security-header, security.txt, and security well-known checks with status, priority, reason, expiry/status/DNS/header/disclosure/well-known fields, and a future PPE event candidate.

Every dataset row also includes a buyer-friendly operational risk layer:

- `assetRiskScore`: normalized 0-100 score across expiry, outage, DNS, disclosure, TLS, CT, and header posture signals.
- `assetRiskSeverity`: LOW, MEDIUM, HIGH, or CRITICAL.
- `assetRiskReasons`: compact reasons assembled from the row reason and structured risk flags.
- `assetActionHints`: deduplicated remediation hints where the underlying check can provide them.
- `actionPriority`: P0-P3 queue label for teams that want to triage the report directly.
- `chargeableCandidate`: true only when the row is an alert-worthy signal that could justify a future `operational-asset-alert` paid event.

Certificate Transparency rows include:

- issuer, subject names, wildcard names, expected-domain comparison, outside-expected-domain names, serial/fingerprint, not-before/not-after, and expiry days
- warnings for wildcard certificates, missing issuer metadata, or certificates outside the expected monitored domain suffix
- `ctRiskFlags`, `ctActionHints`, and `ctRiskScore`

Domain rows include RDAP lifecycle posture:

- registrar, nameservers, nameserver count, status codes, and RDAP event fingerprint
- warnings for no nameservers, single nameserver, no transfer lock, registry hold, redemption, or pending delete states
- `domainLifecycleRiskFlags`, `domainLifecycleActionHints`, and `domainLifecycleRiskScore`

TLS certificate rows include expiry plus posture metadata:

- subject common name, issuer common name, SAN list/count, serial number, SHA-256 fingerprint, valid-from/valid-to, and validity length
- hostname match result, self-signed detection, missing SAN detection, not-yet-valid detection, and long-validity detection
- `tlsRiskFlags`, `tlsActionHints`, and `tlsRiskScore`

The report includes a `Top Asset Risks` section plus `Certificate Transparency Watchlist`, `Domain Lifecycle Posture`, and `TLS Certificate Posture` sections so CT drift, registrar/status/nameserver drift, and certificate issuer, SAN coverage, fingerprint, validity length, and posture warnings are visible without opening raw dataset rows.

The DNS checks are deliberately low-support and public-only:

- `MX`: warns when no mail exchanger is present, identifies common mail providers, detects null MX, and adds single-exchange/single-provider/failover risk flags without alerting on every redundancy smell.
- `DNS_SNAPSHOT`: records A, AAAA, NS, CNAME, and TXT values with a compact fingerprint. First run creates a baseline; later scheduled runs alert when the fingerprint changes. Rows include record types, record count, values by type, risk flags, risk score, and action hints.
- `SPF`: warns when no `v=spf1` TXT record is present, when `+all` is used, or when the record has no softfail or hardfail all mechanism.
- `DMARC`: warns when no `_dmarc` TXT record with `v=DMARC1` is present, when the policy is missing or unrecognized, when the policy is monitoring-only with `p=none`, when enforcement is partial with `pct<100`, when aggregate reporting is missing, or when subdomain policy/alignment posture is weak. Rows include `p`, `sp`, `pct`, `rua`, `ruf`, `adkim`/`aspf` alignment, forensic options, risk flags, risk score, and action hints.
- `MTA_STS`: checks `_mta-sts` TXT records for `v=STSv1` and `id`, warning when inbound mail transport security policy discovery is absent or incomplete.
- `TLS_RPT`: checks `_smtp._tls` TXT records for `v=TLSRPTv1` and `rua`, warning when SMTP TLS failure reporting is absent or incomplete.
- `CAA`: warns when no certificate authority authorization record is present and lists allowed issuers when available. Rows include `issue`, `issuewild`, `iodef`, critical-tag count, wildcard coverage, risk flags, risk score, and action hints.

### Security Header Monitoring

Endpoint checks also produce a `security-headers` row from the same HTTP response:

- Tracks HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy presence.
- Warns on missing HSTS or CSP.
- Warns on weak HSTS, weak CSP, weak referrer policy, missing clickjacking control, and weak content-type options.
- Outputs `securityHeaderPresentCount`, `securityHeaderMissing`, `securityHeaderWeak`, `securityHeaderRiskFlags`, and `securityHeaderScore`.
- Parses CSP directives and reports `cspDirectiveCount`, `cspDirectives`, `cspHasDefaultSrc`, `cspHasFrameAncestors`, `cspHasReporting`, `cspHasUpgradeInsecureRequests`, `cspRiskFlags`, `cspActionHints`, and `cspRiskScore`.
- Flags missing `default-src`, missing `frame-ancestors`, missing `report-uri`/`report-to`, missing `upgrade-insecure-requests`, wildcard sources, `unsafe-inline`, and `unsafe-eval`.

The report includes an `Email/DNS Posture` section so generic DNS snapshot drift, MX provider/risk, SPF, detailed DMARC policy posture, MTA-STS/TLS-RPT mail transport security posture, and CAA findings are visible without opening raw dataset rows.

The security.txt checks are public-only and low-support:

- Tries `/.well-known/security.txt` first, then `/security.txt`.
- Warns when security.txt is missing.
- Warns when a present security.txt has no `Contact` field.
- Extracts Contact types, Expires, Policy, Encryption, Canonical, Acknowledgments, Hiring, CSAF, Preferred-Languages, completeness score, and risk flags.
- Flags missing Canonical, Encryption, Policy, Preferred-Languages, expired/expiring disclosure files, and canonical mismatch as structured posture risks.
- Warns when `Expires` is within 30 days and marks expired files as critical.

The security well-known posture row probes a compact fixed set under the same `securityTextDomains` domain:

- `/.well-known/security.txt`
- `/.well-known/csaf/provider-metadata.json`
- `/.well-known/change-password`
- `/.well-known/openid-configuration`
- `/.well-known/assetlinks.json`
- `/.well-known/apple-app-site-association`

It outputs present/missing/redirect paths, coverage score, risk flags, action hints, and booleans for each well-known endpoint so scheduled runs can detect public security metadata drift.

# Actor input Schema

## `endpoints` (type: `array`):

Public HTTPS/HTTP endpoints to check.
## `maxEndpoints` (type: `integer`):

Cost guard for how many endpoints to check in one run.
## `domains` (type: `array`):

Public domain names to check through RDAP for registration expiry.
## `maxDomains` (type: `integer`):

Cost guard for how many domains to check in one run.
## `dnsDomains` (type: `array`):

Public domain names to check for MX, SPF, DMARC, and CAA records. Use this for email/DNS/certificate-authority posture drift monitoring.
## `maxDnsDomains` (type: `integer`):

Cost guard for how many DNS/email domains to check in one run.
## `securityTextDomains` (type: `array`):

Public domains to check for vulnerability disclosure metadata in /.well-known/security.txt and /security.txt plus compact security well-known posture endpoints such as CSAF provider metadata, change-password, OpenID configuration, assetlinks, and Apple app-site association.
## `maxSecurityTextDomains` (type: `integer`):

Cost guard for how many vulnerability disclosure domains to check in one run.
## `certificateTransparencyUrls` (type: `array`):

Public JSON URLs containing recent certificate transparency rows to parse. Defaults to empty to avoid extra network calls unless explicitly enabled.
## `maxCertificateTransparencyUrls` (type: `integer`):

Cost guard for how many Certificate Transparency JSON URLs to fetch in one run.
## `sslWarnDays` (type: `integer`):

Mark a certificate as WARN when it expires within this many days.
## `sslCriticalDays` (type: `integer`):

Mark a certificate as CRITICAL when it expires within this many days.
## `domainWarnDays` (type: `integer`):

Mark a domain as WARN when registration expires within this many days.
## `domainCriticalDays` (type: `integer`):

Mark a domain as CRITICAL when registration expires within this many days.
## `httpTimeoutMs` (type: `integer`):

Timeout used for TLS and HTTP checks.
## `previousAssetIds` (type: `array`):

Optional IDs from a previous run to suppress unchanged alerts.

## Actor input object example

```json
{
  "endpoints": [
    {
      "url": "https://example.com",
      "name": "Example"
    }
  ],
  "maxEndpoints": 10,
  "domains": [
    {
      "domain": "example.com",
      "name": "Example domain"
    }
  ],
  "maxDomains": 10,
  "dnsDomains": [
    {
      "domain": "example.com",
      "name": "Example DNS"
    }
  ],
  "maxDnsDomains": 10,
  "securityTextDomains": [
    {
      "domain": "example.com",
      "name": "Example security.txt"
    }
  ],
  "maxSecurityTextDomains": 10,
  "certificateTransparencyUrls": [],
  "maxCertificateTransparencyUrls": 10,
  "sslWarnDays": 30,
  "sslCriticalDays": 7,
  "domainWarnDays": 45,
  "domainCriticalDays": 14,
  "httpTimeoutMs": 8000,
  "previousAssetIds": []
}
````

# Actor output Schema

## `items` (type: `string`):

Default dataset rows with target, check type, status, alert, priority, normalized assetRiskScore/assetRiskSeverity/actionPriority/chargeableCandidate fields, expiry/status/Certificate Transparency/TLS/domain lifecycle/DNS snapshot/MX provider/SPF/DMARC/MTA-STS/TLS-RPT/CAA/security-header/security.txt contact, canonical, encryption, CSAF, completeness, and security well-known fields, including CT names/issuer/wildcards/out-of-scope signals, generic DNS A/AAAA/NS/CNAME/TXT fingerprints, DMARC policy, MTA-STS id, TLS-RPT reporting URIs, CAA issue/issuewild/iodef posture, risk flags, action hints, well-known coverage, missing endpoints, and future PPE event fields.

## `summary` (type: `string`):

Key-value store record with endpoint/domain/DNS snapshot/MX provider/SPF/DMARC/MTA-STS/TLS-RPT/CAA/security-header/security.txt/security well-known counts, normalized topAssetRisks, chargeableCandidateCount, highRiskAssetCount, CAA missing/issuewild/iodef posture counts, alerts, warnings, critical rows, and errors.

## `alerts` (type: `string`):

Only rows where alert=true. This is the future pay-per-event boundary.

## `report` (type: `string`):

Human-readable report with top asset risks, operational asset alert details, email/DNS posture, security.txt posture, security well-known posture, and security-header posture.

# API

You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup.

## JavaScript example

```javascript
import { ApifyClient } from 'apify-client';

// Initialize the ApifyClient with your Apify API token
// Replace the '<YOUR_API_TOKEN>' with your token
const client = new ApifyClient({
    token: '<YOUR_API_TOKEN>',
});

// Prepare Actor input
const input = {
    "endpoints": [
        {
            "url": "https://example.com",
            "name": "Example"
        }
    ],
    "domains": [
        {
            "domain": "example.com",
            "name": "Example domain"
        }
    ],
    "dnsDomains": [
        {
            "domain": "example.com",
            "name": "Example DNS"
        }
    ],
    "securityTextDomains": [
        {
            "domain": "example.com",
            "name": "Example security.txt"
        }
    ]
};

// Run the Actor and wait for it to finish
const run = await client.actor("silicon1235/operational-asset-monitor").call(input);

// Fetch and print Actor results from the run's dataset (if any)
console.log('Results from dataset');
console.log(`💾 Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`);
const { items } = await client.dataset(run.defaultDatasetId).listItems();
items.forEach((item) => {
    console.dir(item);
});

// 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/js/docs

```

## Python example

```python
from apify_client import ApifyClient

# Initialize the ApifyClient with your Apify API token
# Replace '<YOUR_API_TOKEN>' with your token.
client = ApifyClient("<YOUR_API_TOKEN>")

# Prepare the Actor input
run_input = {
    "endpoints": [{
            "url": "https://example.com",
            "name": "Example",
        }],
    "domains": [{
            "domain": "example.com",
            "name": "Example domain",
        }],
    "dnsDomains": [{
            "domain": "example.com",
            "name": "Example DNS",
        }],
    "securityTextDomains": [{
            "domain": "example.com",
            "name": "Example security.txt",
        }],
}

# Run the Actor and wait for it to finish
run = client.actor("silicon1235/operational-asset-monitor").call(run_input=run_input)

# Fetch and print Actor results from the run's dataset (if there are any)
print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"])
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(item)

# 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start

```

## CLI example

```bash
echo '{
  "endpoints": [
    {
      "url": "https://example.com",
      "name": "Example"
    }
  ],
  "domains": [
    {
      "domain": "example.com",
      "name": "Example domain"
    }
  ],
  "dnsDomains": [
    {
      "domain": "example.com",
      "name": "Example DNS"
    }
  ],
  "securityTextDomains": [
    {
      "domain": "example.com",
      "name": "Example security.txt"
    }
  ]
}' |
apify call silicon1235/operational-asset-monitor --silent --output-dataset

```

## MCP server setup

```json
{
    "mcpServers": {
        "apify": {
            "command": "npx",
            "args": [
                "mcp-remote",
                "https://mcp.apify.com/?tools=silicon1235/operational-asset-monitor",
                "--header",
                "Authorization: Bearer <YOUR_API_TOKEN>"
            ]
        }
    }
}

```

## OpenAPI specification

```json
{
    "openapi": "3.0.1",
    "info": {
        "title": "Operational Asset Monitor",
        "description": "Monitor public HTTPS endpoints, domains, DNS/email posture, SPF, DMARC, MTA-STS, TLS-RPT, CAA, security.txt, and security headers for operational alerts.",
        "version": "0.2",
        "x-build-id": "an7jQ2nlJBmofdg5M"
    },
    "servers": [
        {
            "url": "https://api.apify.com/v2"
        }
    ],
    "paths": {
        "/acts/silicon1235~operational-asset-monitor/run-sync-get-dataset-items": {
            "post": {
                "operationId": "run-sync-get-dataset-items-silicon1235-operational-asset-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        },
        "/acts/silicon1235~operational-asset-monitor/runs": {
            "post": {
                "operationId": "runs-sync-silicon1235-operational-asset-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor and returns information about the initiated run in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/runsResponseSchema"
                                }
                            }
                        }
                    }
                }
            }
        },
        "/acts/silicon1235~operational-asset-monitor/run-sync": {
            "post": {
                "operationId": "run-sync-silicon1235-operational-asset-monitor",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        }
    },
    "components": {
        "schemas": {
            "inputSchema": {
                "type": "object",
                "required": [
                    "endpoints"
                ],
                "properties": {
                    "endpoints": {
                        "title": "Endpoints",
                        "type": "array",
                        "description": "Public HTTPS/HTTP endpoints to check.",
                        "items": {
                            "type": "object",
                            "required": [
                                "url"
                            ],
                            "properties": {
                                "url": {
                                    "type": "string",
                                    "title": "URL",
                                    "description": "Public HTTP or HTTPS URL to check."
                                },
                                "name": {
                                    "type": "string",
                                    "title": "Display name",
                                    "description": "Optional label shown in output rows and reports."
                                }
                            }
                        }
                    },
                    "maxEndpoints": {
                        "title": "Maximum endpoints",
                        "minimum": 1,
                        "maximum": 50,
                        "type": "integer",
                        "description": "Cost guard for how many endpoints to check in one run.",
                        "default": 10
                    },
                    "domains": {
                        "title": "Domains",
                        "type": "array",
                        "description": "Public domain names to check through RDAP for registration expiry.",
                        "items": {
                            "type": "object",
                            "required": [
                                "domain"
                            ],
                            "properties": {
                                "domain": {
                                    "type": "string",
                                    "title": "Domain",
                                    "description": "Domain name to check, such as example.com."
                                },
                                "name": {
                                    "type": "string",
                                    "title": "Display name",
                                    "description": "Optional label shown in output rows and reports."
                                }
                            }
                        },
                        "default": []
                    },
                    "maxDomains": {
                        "title": "Maximum domains",
                        "minimum": 1,
                        "maximum": 50,
                        "type": "integer",
                        "description": "Cost guard for how many domains to check in one run.",
                        "default": 10
                    },
                    "dnsDomains": {
                        "title": "DNS / email domains",
                        "type": "array",
                        "description": "Public domain names to check for MX, SPF, DMARC, and CAA records. Use this for email/DNS/certificate-authority posture drift monitoring.",
                        "items": {
                            "type": "object",
                            "required": [
                                "domain"
                            ],
                            "properties": {
                                "domain": {
                                    "type": "string",
                                    "title": "Domain",
                                    "description": "Domain name to check, such as example.com."
                                },
                                "name": {
                                    "type": "string",
                                    "title": "Display name",
                                    "description": "Optional label shown in output rows and reports."
                                }
                            }
                        },
                        "default": []
                    },
                    "maxDnsDomains": {
                        "title": "Maximum DNS domains",
                        "minimum": 1,
                        "maximum": 50,
                        "type": "integer",
                        "description": "Cost guard for how many DNS/email domains to check in one run.",
                        "default": 10
                    },
                    "securityTextDomains": {
                        "title": "security.txt domains",
                        "type": "array",
                        "description": "Public domains to check for vulnerability disclosure metadata in /.well-known/security.txt and /security.txt plus compact security well-known posture endpoints such as CSAF provider metadata, change-password, OpenID configuration, assetlinks, and Apple app-site association.",
                        "items": {
                            "type": "object",
                            "required": [
                                "domain"
                            ],
                            "properties": {
                                "domain": {
                                    "type": "string",
                                    "title": "Domain",
                                    "description": "Domain name to check, such as example.com."
                                },
                                "name": {
                                    "type": "string",
                                    "title": "Display name",
                                    "description": "Optional label shown in output rows and reports."
                                }
                            }
                        },
                        "default": []
                    },
                    "maxSecurityTextDomains": {
                        "title": "Maximum security.txt domains",
                        "minimum": 1,
                        "maximum": 50,
                        "type": "integer",
                        "description": "Cost guard for how many vulnerability disclosure domains to check in one run.",
                        "default": 10
                    },
                    "certificateTransparencyUrls": {
                        "title": "Certificate Transparency JSON URLs",
                        "type": "array",
                        "description": "Public JSON URLs containing recent certificate transparency rows to parse. Defaults to empty to avoid extra network calls unless explicitly enabled.",
                        "items": {
                            "type": "object",
                            "required": [
                                "url"
                            ],
                            "properties": {
                                "url": {
                                    "type": "string",
                                    "title": "JSON URL",
                                    "description": "Public JSON URL containing certificate rows."
                                },
                                "name": {
                                    "type": "string",
                                    "title": "Display name",
                                    "description": "Optional label shown in output rows and reports."
                                },
                                "expectedDomain": {
                                    "type": "string",
                                    "title": "Expected domain",
                                    "description": "Optional domain suffix used to flag certificates outside the expected asset scope."
                                }
                            }
                        },
                        "default": []
                    },
                    "maxCertificateTransparencyUrls": {
                        "title": "Maximum CT URLs",
                        "minimum": 1,
                        "maximum": 50,
                        "type": "integer",
                        "description": "Cost guard for how many Certificate Transparency JSON URLs to fetch in one run.",
                        "default": 10
                    },
                    "sslWarnDays": {
                        "title": "SSL warning threshold days",
                        "minimum": 1,
                        "maximum": 365,
                        "type": "integer",
                        "description": "Mark a certificate as WARN when it expires within this many days.",
                        "default": 30
                    },
                    "sslCriticalDays": {
                        "title": "SSL critical threshold days",
                        "minimum": 1,
                        "maximum": 90,
                        "type": "integer",
                        "description": "Mark a certificate as CRITICAL when it expires within this many days.",
                        "default": 7
                    },
                    "domainWarnDays": {
                        "title": "Domain warning threshold days",
                        "minimum": 1,
                        "maximum": 730,
                        "type": "integer",
                        "description": "Mark a domain as WARN when registration expires within this many days.",
                        "default": 45
                    },
                    "domainCriticalDays": {
                        "title": "Domain critical threshold days",
                        "minimum": 1,
                        "maximum": 365,
                        "type": "integer",
                        "description": "Mark a domain as CRITICAL when registration expires within this many days.",
                        "default": 14
                    },
                    "httpTimeoutMs": {
                        "title": "HTTP timeout in milliseconds",
                        "minimum": 1000,
                        "maximum": 30000,
                        "type": "integer",
                        "description": "Timeout used for TLS and HTTP checks.",
                        "default": 8000
                    },
                    "previousAssetIds": {
                        "title": "Previous asset IDs",
                        "type": "array",
                        "description": "Optional IDs from a previous run to suppress unchanged alerts.",
                        "items": {
                            "type": "string"
                        },
                        "default": []
                    }
                }
            },
            "runsResponseSchema": {
                "type": "object",
                "properties": {
                    "data": {
                        "type": "object",
                        "properties": {
                            "id": {
                                "type": "string"
                            },
                            "actId": {
                                "type": "string"
                            },
                            "userId": {
                                "type": "string"
                            },
                            "startedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "finishedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "status": {
                                "type": "string",
                                "example": "READY"
                            },
                            "meta": {
                                "type": "object",
                                "properties": {
                                    "origin": {
                                        "type": "string",
                                        "example": "API"
                                    },
                                    "userAgent": {
                                        "type": "string"
                                    }
                                }
                            },
                            "stats": {
                                "type": "object",
                                "properties": {
                                    "inputBodyLen": {
                                        "type": "integer",
                                        "example": 2000
                                    },
                                    "rebootCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "restartCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "resurrectCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "computeUnits": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "options": {
                                "type": "object",
                                "properties": {
                                    "build": {
                                        "type": "string",
                                        "example": "latest"
                                    },
                                    "timeoutSecs": {
                                        "type": "integer",
                                        "example": 300
                                    },
                                    "memoryMbytes": {
                                        "type": "integer",
                                        "example": 1024
                                    },
                                    "diskMbytes": {
                                        "type": "integer",
                                        "example": 2048
                                    }
                                }
                            },
                            "buildId": {
                                "type": "string"
                            },
                            "defaultKeyValueStoreId": {
                                "type": "string"
                            },
                            "defaultDatasetId": {
                                "type": "string"
                            },
                            "defaultRequestQueueId": {
                                "type": "string"
                            },
                            "buildNumber": {
                                "type": "string",
                                "example": "1.0.0"
                            },
                            "containerUrl": {
                                "type": "string"
                            },
                            "usage": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "integer",
                                        "example": 1
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "usageTotalUsd": {
                                "type": "number",
                                "example": 0.00005
                            },
                            "usageUsd": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "number",
                                        "example": 0.00005
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
```
