Invisible. Agents can't meaningfully engage with this storefront.

Hims scores 34 out of 100 and lands in the Invisible band, which is the correct verdict for a site that welcomes AI crawlers in robots.txt and then slams the door on them at the edge. The contradiction is the entire story. The robots file explicitly allows GPTBot, ClaudeBot, PerplexityBot, Google-Extended, anthropic-ai, Applebot-Extended, CCBot, Bytespider, and Amazonbot, full marks on intent. Then DataDome returns 403 on 10 of 30 fetches, including the homepage, /cart, /checkout, /terms, /llms.txt, and /.well-known/ai-plugin.json. A 53 percent block rate against a polite scanner means agents acting on behalf of real customers are being turned away at roughly the same clip. The welcome mat is real, but it is laid in front of a locked door. The most expensive failure is transactability. Checks 3.1, 3.2, and 3.3 all score zero because /cart and /checkout returned 403. That is fourteen points evaporated not because Hims lacks a checkout, but because the bot wall makes it invisible to anything programmatic. Combined with check 4.1 (zero of six on bot detection, DataDome flagged on six product and guide URLs) the picture is unambiguous: this is a site optimized to defeat scrapers, and modern shopping agents look like scrapers. The second large hole is structured data. Check 1.2 scores zero of six with no Product or Offer schema across ten sampled URLs, and check 2.2 scores zero of six on product attributes. Check 6.5 (price stability) and check 6.4 (delivery dates) both register zero. The sample is dominated by /guides, /drugs/info, and /conditions pages, which is editorial content rather than PDPs, but that itself is the problem. When an agent crawls hims.com looking for a buyable SKU for tadalafil, it finds a clinical explainer with prose like "for less than $2/day" embedded in rendered React, no schema, no Offer node, no validity window, no shipping ETA. Check 2.1 confirms it: only 6 of 10 raw HTML responses contain price text, and 4 of 10 require JavaScript rendering to surface even a dollar sign. Trust signals compound the problem. Check 5.1 returns zero because there is no reachable /returns page and no homepage link to one. Check 5.4 returns zero because Trustpilot, BBB, Yotpo, Bazaarvoice, and every other third-party anchor checked came up empty. Check 4.4 returns zero because the terms and privacy pages were themselves 403'd, so no agent policy could be classified. A merchant cannot publish trust signals that crawlers cannot read. The bright spots are real but narrow. Check 6.2 scores a perfect 2 of 2: every sampled page has high-quality conversational explanation of the underlying condition or drug, the kind of prose that LLMs love to cite. Check 3.5 detects a Shopify cart endpoint pattern, meaning the commerce plumbing exists. Check 1.1 is full marks on stated crawler policy. Hims has built the content and the rails. The DataDome configuration is what makes both inaccessible. The single highest-leverage move is to allowlist the same AI user agents at the bot-management layer that are already allowed in robots.txt, then publish Product and Offer schema on the actual subscription PDPs, not just the editorial library.