Probes a domain for WebAuthn / passkey signaling on the homepage and common endpoints. Reports detected COSE algorithm IDs (all classical today) and surfaces the FIDO Alliance PQC roadmap migration considerations. Pairs with the PQC Analyzer for the TLS layer.
Probes /, /.well-known/webauthn, /api/webauthn/options, /webauthn/begin-registration, common Auth0 / Clerk / Stytch / SuperTokens paths. CORS may block deep options-fetch on most apex domains; the audit falls back to HTML signals.