We ran a full automated QA scan across 100 web design agency websites -- the companies that build sites for a living. Every scan covered 69 rules: AI vision checks, Lighthouse performance audits, WCAG accessibility analysis, SEO validation, security header inspection, content quality, and more. Up to 80 pages per site.
27 sites were excluded because bot protection blocked the crawler, leaving 73 sites with valid results.
The average score was 69 out of 100. The highest score in the entire set was 84. No agency site scored above 84. More than half scored below 70.
See for yourself: here are the full reports for the top and bottom scorers.
Top 3:
Bottom 3:
- anagrama.com -- 50/100 (81 pages)
- portorocha.com -- 51/100 (58 pages)
- growmodo.com -- 52/100 (80 pages)
The top 10 things agencies miss on their own websites
1. Accessibility statement (79% failed)
Nearly four in five agency sites have no accessibility statement. Some jurisdictions require one by law. Even where it's not legally mandated, it signals that the agency takes inclusive design seriously -- the kind of thing a prospective client notices.
2. Heading hierarchy (67% failed)
Two thirds of sites have pages with multiple H1 tags or broken heading structure. This confuses screen readers and dilutes the SEO signal that tells Google what the page is about. Most of these are template issues -- a logo or site title wrapped in an H1 alongside the page's actual heading.
3. Missing meta descriptions (51% failed)
Half the sites let Google generate their own search snippets. The result is usually the first sentence of body text, which rarely makes a compelling reason to click. A missing meta description is a missed opportunity on every single search result.
4. Color contrast (45% failed)
Nearly half of all sites have text that fails WCAG AA contrast requirements (4.5:1 ratio). The most common offender: white text on bright brand colours. Even well-known brand palettes like WhatsApp green (1.98:1) and YouTube red (3.19:1) fail the threshold. Popularity does not mean accessible.
5. Security headers (44% failed)
Missing CSP, X-Frame-Options, or Referrer-Policy headers. These are one-line server configurations that protect against clickjacking and XSS. HSTS adoption is better -- most sites have it. But the other three are often overlooked entirely.
6. Open Graph tags (37% failed)
More than a third of sites have no og:title, og:description, or og:image. When someone shares a link to the agency's site on LinkedIn or Slack, the preview shows a generic title and no image. For agencies that rely on referrals and word-of-mouth, this is leaving first impressions to chance.
7. Broken links (31% failed)
Nearly a third of sites have at least one broken link -- a page that returns a 404, a link to a defunct partner, or a portfolio piece that's been taken down. Broken links erode trust and hurt SEO. They accumulate silently over time.
8. Missing alt text (30% failed)
Three in ten sites have images without alt attributes. Alt text is the most basic accessibility requirement for images, and it's also how Google indexes image content. Portfolio-heavy agency sites are the worst offenders -- dozens of project screenshots with empty alt tags.
9. Canonical tags (27% failed)
Over a quarter of sites have pages without canonical tags, or with canonicals pointing to different URLs. Without them, search engines may treat URL variations (trailing slashes, query parameters, www vs non-www) as duplicate content.
10. Privacy policy link (25% failed)
One in four agency sites has no privacy policy link in the footer. Under GDPR and CCPA, this is a compliance gap. It's also one of the first things a privacy-conscious client will look for.
The numbers
| Metric | Value |
|---|---|
| Sites scanned | 100 |
| Valid results (crawler not blocked) | 73 |
| Average score | 69/100 |
| Median score | 69/100 |
| Highest score | 84/100 |
| Scored 70-84 | 48% |
| Scored 50-69 | 52% |
| Below 50 | 0% |
| Total checks run | 6,037 |
What else showed up
Beyond the top 10, some patterns stood out:
- 80% had grammar issues flagged -- mostly minor (possessives, compound modifiers), but present.
- 77% are missing Permissions-Policy headers -- a newer security header that controls which browser APIs third-party scripts can access.
- 71% of sites have images without width/height attributes, causing layout shift (poor Core Web Vitals CLS scores).
- 66% have meta title issues -- duplicates across pages, or titles that are too long/short for search results.
- 60% have generic anchor text like "click here" or "read more" on internal links.
Why this matters
These aren't amateur mistakes. These are professional web agencies -- companies that charge thousands to build and maintain websites. The issues they miss on their own sites are the same ones they miss on client sites.
Most of these problems are invisible in a browser. A missing canonical tag doesn't show an error. A broken heading hierarchy looks fine on screen. A 1.98:1 contrast ratio is readable to most people in good lighting. These are the gaps that manual review doesn't catch.
That's why we built SiteVett. One scan, 69 automated checks, a score out of 100, and a list of exactly what to fix. You can scan any site for free.
Data from SiteVett's 100-site agency benchmark, April 2026. All sites scanned with AI vision checks enabled, up to 80 pages per site. 27 sites excluded due to bot protection blocking the crawler.
Top comments (0)