Run the first live audit

Before you start

The first live audit is the automated browser scan that turns the accepted project scope into evidence for reports and fixes. Use this page after the account, project setup, accepted scope, domain authorization and billing entitlement are complete. Do not start duplicate scans to "speed up" the result. A queued or running scan already owns the worker slot for that project, and later scans should only run after the current state is clear.

Start the live audit

Follow the path `Dashboard → Shortcut paths → Get the first useful report → Project detail → On-demand risk scan → Run scan → Scan detail`.

1. Open `/dashboard`, choose Get the first useful report, then open the project with accepted scope, confirmed domain ownership and ready billing. Result: the project detail page shows On-demand risk scan with a Ready badge and a Run scan button.
2. Review Scope limits and Crawl limits in On-demand risk scan. Result: you know the accepted domain, page budget, crawl depth and public-page boundary before a browser worker starts.
3. Click Run scan once. Result: WebRiskOps creates a queued on-demand scan run and sends scanner work to the queue without requiring manual review.
4. Open the scan from Open latest scan or `/scans`. Result: the scan detail page and the `/scans` Scan to report path show Status, Queue, Progress, Runtime, Health check and Artifacts.
5. Wait while the scan moves through Queued and Running. Result: progress and current-page messages update without starting duplicate scans.
6. When status becomes Completed, open View report or generate the report if that action appears. Result: the first report path can use the collected screenshots, HTML snapshots and issue evidence.

Watch scan state

Queued means the scan request was accepted and is waiting for the worker. Running means the browser worker is collecting page evidence. Completed means the run has terminal evidence for report generation. Blocked or Failed means the page-specific reason must be fixed before retrying. Partial evidence can still be useful. If one accepted page fails but other pages load, read the scan coverage notes and artifact summary before deciding whether to retry or continue to the report.

Continue to the first report

When the live audit reaches Completed, continue to [Read your first report](/docs/getting-started/read-first-report). The next page explains how to open the private report, review issue evidence and choose the next automated action.

Blocked states

• Scan run blocked means one of the required gates is missing, such as authorization, plan state, accepted scope or scanner safety.
• Domain authorization required means ownership proof is missing after scope acceptance. Complete the project page challenge before retrying the scan.
• Scan run failed means the run could not collect enough evidence. Use the failure reason and retry only after the target is reachable and scope is still correct.
• Queued means the request is accepted but not running yet. Wait rather than starting duplicate scans.
• Completed means evidence is ready for report generation or review.
• Active scan means another queued or running scan already exists for this project. Open that scan instead of creating a duplicate run.