Frequently asked questions

Pantra is an SEO, Security and GEO audit tool built for vibe coders — developers who ship apps with Lovable, Cursor, Bolt, v0 and Replit. It scans your live site and returns ready-to-paste fix prompts in your tool of choice.

No. Pantra writes the fix-prompt for you in plain language. Paste it into Lovable or Cursor and your AI codes the fix. You never need to learn what a canonical tag is.

Lovable, Cursor, Bolt, v0, Replit. Pantra auto-detects your stack from your live site and writes prompts in the right syntax.

Anything reachable via HTTP. Pantra has tuned prompts for Next.js, Astro, SvelteKit, React Router and plain HTML — but the audit itself works on every URL.

There is no time-limited trial, but the public scan at pantra.io is free forever — you can audit any URL without an account. Paid plans unlock daily security monitoring, email alerts on new findings and the monthly SEO strategy.

Starter $19/mo (1 project). Pro $79/mo (5 projects, 365-day history, badge removable). Agency $199/mo (15 projects, unlimited history, 5 team seats). Enterprise from $999/mo (unlimited projects, SSO, API access, SLA). All plans include daily security audits, monthly GEO audits, SEO strategy and stack-specific fix prompts.

Yes. Cancel from your dashboard, no questions asked. You retain access until the end of the billing cycle.

Yes — annual plans get 2 months free. Switch in your dashboard.

On average 8 seconds. SEO, Security and GEO modules run in parallel.

Each module returns a 0-100 score. SEO uses weighted averages of 14 checks, Security starts at 100 and deducts per finding by severity, GEO scores 8 AI-readiness signals.

Generative Engine Optimization — making your site discoverable and citable by AI search engines like ChatGPT, Perplexity, Claude and Google AI Overviews. Different from classic SEO which optimizes for blue-link clicks.

The default audit checks the entered URL plus broken-link discovery on internal links from that page. Full-site crawling is on the roadmap for Agency plan.

Every 24 hours for all paid plans. Agency runs twice per day. The dashboard shows a countdown to your next scan.

No. Pantra only fetches your publicly available HTML, JS bundles and HTTP headers — exactly what a search engine or attacker would see. Read-only.

No. The security check sends a single probe per endpoint. Total requests per audit: under 20.

Pantra downloads your JS bundle and runs regex matching for known key formats: Supabase anon/service keys, OpenAI sk-* keys, Stripe pk_/sk_, Anthropic sk-ant-* and others. Detection is signature-based — no false-positive guessing.

In a Supabase Postgres database hosted in the EU. Row Level Security ensures you only see your own data. Public scans are stored without account linkage.

Yes. EU hosting, no PII collected without consent, deletion on request. Data Processing Agreement available for Agency customers.

Yes, from settings. Deletion is immediate and cascades to audit results, blog posts, custom domains and Vercel deprovisioning.

No, never. We only use your data to deliver the service.