Finding types catalog
Findings are specific issues detected by Field's automated scans or entered manually by operators. The WordPress template includes roughly 60 finding types organized across seven domains. Each type has a severity, a base time estimate, and rules for which tiers include its remediation.
Seven domains
Every finding belongs to one of seven domains. The domain determines its weight in the health score and whether it's included in a given service tier.
Security
Outdated WordPress core, vulnerable plugins, weak file permissions, exposed wp-config, missing security headers, compromised admin accounts.
Performance
Unoptimized images, render-blocking scripts, missing browser caching, slow database queries, no CDN, excessive HTTP requests.
Technical debt
Outdated PHP version, deprecated plugin APIs, abandoned plugins, theme compatibility issues, mixed content warnings, failed auto-updates.
SEO
Missing meta descriptions, duplicate title tags, broken canonical URLs, missing sitemap, noindex on important pages, poor mobile usability.
Accessibility — labeling
Missing alt text on images, unlabeled form fields, empty link text, missing ARIA labels, poor color contrast, missing language attribute.
Accessibility — structural
Skipped heading levels, missing landmark regions, broken tab order, inaccessible dropdown menus, missing skip navigation link.
Content structure
Broken internal links, 404 pages, redirect chains, orphan pages, missing breadcrumbs, inconsistent URL patterns.
Severity levels
Each finding type has a default severity that affects its health score impact and queue priority:
- • Critical — immediate risk. Security breaches, site-down conditions, data exposure. Surfaces in the Urgent queue section.
- • High — should be addressed this cycle. Significant performance issues, vulnerable software with known exploits.
- • Medium — address when capacity allows. Optimization opportunities, non-critical accessibility gaps.
- • Low — improvement items. Best-practice recommendations, minor content structure issues.
Base time estimates
Every finding type includes a base_minutes estimate — the typical time to remediate that issue. This is used for budget forecasting and work planning, not billing. Actual time is tracked through the work pipeline. The estimate helps operators understand whether a finding fits within the remaining budget or will likely require slice-rate work.
Detection
Finding types have an auto_detectable flag:
- • Auto-detectable — found by automated scans. The Field Agent or external scanner identifies these without operator input. Most security and performance findings are auto-detectable.
- • Operator-entered — require human judgment. Content structure issues, some accessibility findings, and context-dependent items are entered manually by the operator during review.
Tier inclusion matrix
Not all finding domains are included in every tier. The matrix determines whether remediating a finding is covered by the monthly budget or billed at the slice rate:
| Domain | Tier 1 | Tier 2 | Tier 3 |
|---|---|---|---|
| Security | Included | Included | Included |
| Performance | Paid | Included | Included |
| Technical debt | Paid | Included | Included |
| SEO | Paid | Paid | Included |
| Accessibility (labeling) | Paid | Paid | Included |
| Accessibility (structural) | Paid | Paid | Included |
| Content structure | Paid | Paid | Included |
Included means remediation is covered by the monthly budget at the $2.50/min rate. Paid means it's billed at the $3.75/min slice rate unless the operator chooses to absorb it.
Next: Service tiers →