[New functionality] MVP security.txt scan #1542
Description
- Tech skills needed: typescript, github actions
- Estimated level of effort: 10-15 hours
- Urgency: Low
GSA IT has requested a new scan that would detect the presence or absence of [domain]/.well-known/security.txt. It can operate daily.
The work would be in this repo and it would make sense to begin this task with a quick check-in with @laurenancona and myself to discuss ways to do this. I suspect that it would need to be a new scan (folder here), but the methodology could be a simple adaptation of the primary, robots.txt, sitemap.xml, or www scans.
The field that is generated should be called security_txt_detected, would be boolean (TRUE if the status code for that URL is 2xx, FALSE if the status code is anything else, empty/null if the scan doesn't complete).