FOR INDIE HACKERS

QA for indie hackers, without the QA team

You shipped it yourself — often with an AI coding agent — and there's no one to check it. Point Prufa at your URL. A real browser walks the site and reports what's actually broken.

No signup. No card. Public pages only, read-only.

We audited 49 Show HN launches in June 2026 — 78% had a critical bug live on day one. See the data →

A finished report: six A–F section grades, verified findings with mono evidence above a quieter advisory block — and no 0–100 vanity score.

How do indie hackers do QA without a QA team?

You're one person. You wrote the code (or your AI agent did), you wrote the copy, you set up the deploy. There is no QA function — there's you, at midnight, clicking through your own signup form for the fourth time and hoping you didn't miss anything. The usual advice is "hire a contractor at $25–45/hr" or "ask a friend to poke at it." Neither is a process you can run on every deploy, and neither tells you whether your analytics actually fired or whether a link 404s on a page you never look at.

Prufa is an AI QA engineer that does the smoke test for you. The architecture is deliberately split: the LLM navigates and drives a real browser; plain code records the traffic and verifies the result against a spec. The model never judges whether your tracking is correct — it captures the network beacons and a deterministic check asserts them against what should have happened. Same input, same verdict. That's the whole point: you get a result you can trust without a human in the loop, and without learning a test framework.

It walks your public pages, captures every network request, console error, cookie, and response code, and grades the evidence into six plain-language sections: Works, Fast, Found, Measured, Accessible, Compliant. No 0–100 vanity score — just A–F grades and findings you can act on.

How does the free audit work?

Three steps, no signup. Paste a URL and watch the run stream in live.

  1. Paste your URL

    No signup, no card. The audit endpoint is anonymous — you hand it a public URL and it queues a run.

  2. The agent drives a real browser

    It loads your pages the way a visitor would and captures the actual network traffic, console output, cookies, and status codes — not a static crawl.

  3. Evidence keeps the score

    Deterministic checks grade the captured evidence. Machine-verified facts ship as VERIFIED findings; opinions ship separately as ADVISORY and never count against your grade. Results stream in live, then you get a shareable report.

Can my AI coding agent run the QA itself?

If you build with Claude Code, Cursor, Cline, or Continue, you can wire Prufa in as an MCP server and have your agent verify what it just built — the same free audit, called as a tool. Install the open-source package and add one block to your MCP config:

Then your agent can call prufa_run_audit({url}) and read the report back with prufa_get_report. Both work anonymously — no key, no card. A PRUFA_API_TOKEN is only needed later, for persistent monitoring tiers. The package is open source (Apache-2.0, prufa-dev/prufa-mcp).

Honest note: pip install prufa-mcp is the supported install today. If you see npx/uvx invocations floating around, those aren't published yet — use pip.

agent session
~ $
pip install prufa-mcp
# then your AI agent calls the tool — no key, no card
prufa_run_audit({ url: "https://myapp.com" })
→ real-browser run started…
✓ verified findings graded · advisory kept separate
report_url:
app.prufa.dev/r/k3n9-launch
Install the package, then your agent calls prufa_run_audit and reads the evidence-gated report back — anonymously.
mcp config (.cursor/mcp.json, .mcp.json, …)
{ "mcpServers": { "prufa": { "command": "prufa-mcp" } } }

What does a Prufa audit actually catch?

Verified findings are machine-checked facts — these set your grade. The advisory block is opinion, never phrased as "broken", and never counts against the grade. The two tiers never interleave.

critical No analytics events fired on page load ✓ verified
tracking.none_detected · GET / · 0 events captured

Your launch traffic is invisible — you can't see who signed up or where they dropped. This was the single most common critical in our 49-launch audit (38 of 49 sites).

warning 3 links return 404 ✓ verified
ux.dead_links · /pricing → /docs/old-guide · 404

Dead links break trust on the exact pages you want converting. 14 of the 49 launches shipped at least one.

warning Pages declare no canonical URL ✓ verified
seo.missing_canonical · /features · <head>

Search engines may index the wrong variant of your page. 24 of the 49 launches had no canonical.

opinion Hero copy doesn't clearly state what the product does

A first-time visitor may not understand the product from the fold alone — worth a second look. Advisory, not a verdict.

Is it safe to run on my live site?

The straight answers to what solo founders ask before they paste a URL.

Will it mess with my production site or analytics?

The free audit loads your public pages and records traffic read-only. It doesn't submit forms, doesn't make purchases, and doesn't mutate state. A core product invariant is that monitoring never pollutes your customer analytics. Honest scope: the free audit walks public pages — it doesn't log into authenticated flows. Testing a real signup or checkout flow is a separate, opt-in feature where you confirm the steps first.

Isn't this just a crawler or Lighthouse?

No. A crawler reads HTML; Lighthouse runs lab metrics. Prufa runs a real browser through the page and asserts captured evidence against a spec — it checks whether your analytics beacons actually fired, not just whether a tag is present in the source. Where Lighthouse genuinely wins: deep performance lab diagnostics and a single throttled score. Prufa is about “does it work,” not “what's my Lighthouse number.”

I vibe-coded this — can I even read the report?

Yes. Findings are plain-English headlines with A–F section grades and no 0–100 composite score (we deliberately don't fake that precision). The evidence line under each verified finding is there if you want to dig in, or hand to your AI agent to fix.

Frequently asked questions

The questions solo founders actually ask before running their first audit.

How do indie hackers do QA without a QA team?

Run an automated smoke test on every deploy instead of hiring. Point a tool like Prufa at your live URL and a real browser walks the site, capturing network traffic, console errors, broken links, and layout breakage, then grades the evidence. The free audit needs no signup or card and streams results live, so it fits a one-person workflow where QA would otherwise just not happen.

How much does it cost to QA a SaaS before launch?

Solo founders typically face $25–45/hr for a freelance QA contractor, which isn't something you can run on every deploy. Prufa's audit is free — $0, no card — for a one-shot run on public pages, and paid monitoring starts at $29/mo if you want it on a schedule. See our breakdown of what a QA engineer actually costs.

What's the minimum QA I should do before launching my SaaS?

At minimum, test the things that quietly fail — the stuff no one was assigned to check: confirm your signup and core money flow complete, check that analytics events actually fire, look for broken links and console errors, and open the site on a phone. In our June 2026 audit of 49 Show HN launches, no analytics firing was the most common critical (38 of 49); 14 shipped at least one broken link and 22 set cookies without the Secure flag. Our pre-launch checklist for indie hackers walks the full list.

Can I automate pre-launch testing as a solo founder?

Yes. Prufa runs from a URL, a CLI, an HTTP API, or as an MCP server your AI coding agent calls directly (prufa_run_audit). The free audit needs no key or card. If you build with Claude Code or Cursor, you can have the agent verify what it just built and read the report back as JSON — no test suite to author and no QA hire required.

Find out what's broken before your users do

One URL, no signup, results stream live. The same audit we ran on 49 Show HN launches — pointed at your site.

See plans →