Contractor Risk Report

Contractor risk assessment for construction projects — automated, data-driven, and ready in under two minutes. This actor queries 8 federal and public data sources in parallel, runs 4 scoring models, and produces a composite underwriting report with an APPROVE, APPROVE_WITH_CONDITIONS, ENHANCED_REVIEW, or DECLINE verdict. Built for construction lenders, insurance underwriters, surety bond analysts, and project owners who need a defensible risk baseline before committing capital or coverage.

Manual contractor vetting means downloading OSHA inspection reports, searching EPA compliance databases, pulling corporate records from multiple state registries, and cross-referencing weather and seismic data for the project site. That process takes hours per contractor and still leaves gaps. This actor runs all eight data pulls in parallel, applies a weighted 4-axis scoring model, and delivers a structured JSON report with specific risk signals and actionable recommendations — no code required.

What data can you extract?

Why use Contractor Risk Report?

Vetting a contractor the traditional way means visiting three to five separate government websites, running manual name searches that return unstructured PDFs, and then assembling the findings into a coherent picture. A single thorough assessment can take a compliance analyst two to four hours. For a loan officer processing ten deals per month, that is forty hours of non-revenue work.

Existing contractor prequalification platforms — ISN, Avetta, BROWZ — charge $3,000 to $15,000 per year for subscription access, require contractors to self-enroll, and focus primarily on safety questionnaires rather than objective regulatory data. This actor pulls directly from federal data sources (OSHA, EPA, USGS, NOAA, Federal Register) and public corporate registries, applies a transparent scoring model, and costs a fraction of a subscription per report.

• Scheduling — run nightly batches before weekly credit committee meetings to keep your pipeline data fresh
• API access — trigger reports from your loan origination system, underwriting platform, or Python risk model via the Apify API
• Proxy rotation — sub-actor data pulls use Apify's built-in infrastructure so rate limits and IP restrictions don't interrupt your batch
• Monitoring — configure Slack or email alerts when runs fail so no deal slips through with stale risk data
• Integrations — push results directly to HubSpot, your underwriting spreadsheet, or a webhook that triggers your deal workflow

Features

• 4-axis scoring model combining contractor safety history, project site hazards, schedule delay probability, and regulatory compliance burden into a single composite score weighted 30/25/20/25
• OSHA safety record scoring awards 3 points per inspection and 8 points per serious, willful, repeat, or failure-to-abate violation, capped at 35 points; cumulative penalty totals above $100K generate explicit signals
• EPA environmental compliance scoring evaluates violation status, significant non-compliance quarter counts, and hazardous waste/Superfund/contamination proximity, capped at 25 points
• USGS seismic scoring weights events by frequency and magnitude, with M4+ events triggering extra risk points and a max-magnitude bonus when any recorded event reaches M5.0 or above
• NOAA weather delay estimation converts alert severity into estimated weather-affected construction days — extreme events count 5 days, severe events 3 days, general alerts 1 day — producing a schedule impact number rather than just a list
• Corporate health analysis flags dissolved, inactive, and struck-off entities from OpenCorporates, and applies a 15-point penalty when no corporate registrations are found at all, signaling potential entity legitimacy risk
• Company deep research integration scans news and press signals for litigation, bankruptcy, fraud, and debarment mentions, each category carrying a weighted penalty in the final composite
• Federal Register regulatory density counts construction, building, safety, and OSHA-related regulations in the project's regulatory environment, distinguishing proposed rule changes from final rules
• Automatic DECLINE overrides apply when contractor risk reaches CRITICAL level, or when EXTREME site risk combines with a HIGH contractor risk rating, regardless of the composite formula result
• Structured recommendations generated per finding: seismic zones prompt engineering review requirements, serious OSHA violations prompt third-party safety monitor requirements, high EPA violations prompt pre-construction environmental audits
• Raw data passthrough — up to 25 OSHA inspections, 15 EPA records, 20 corporate records, 5 company research results, 10 weather alerts, 15 seismic events, and 20 federal regulations are included in full in the output
• Parallel execution — all 8 sub-actor data pulls run concurrently, typically completing in 60-120 seconds per report

Use cases for contractor risk assessment

Construction lender underwriting

Loan officers and credit analysts at banks, credit unions, and non-bank lenders use this actor to build a data-backed risk exhibit for every construction loan file. Instead of relying on a contractor's self-reported safety record, you pull OSHA inspection history, EPA compliance status, and corporate standing directly from federal databases. The APPROVE/DECLINE verdict gives the credit committee a clear starting point, and the recommendations translate directly into loan conditions.

Surety bond analysis

Surety underwriters evaluating contractor bonding capacity need to assess operational risk alongside financial risk. OSHA violation patterns, EPA non-compliance history, and schedule risk signals all affect loss probability for a performance bond. This actor produces exactly the operational risk half of the analysis, which can be combined with financial statement review to produce a complete bonding recommendation.

Builder's risk and contractor liability insurance

Insurance underwriters pricing builder's risk policies or contractor general liability coverage use contractor safety history and site hazard profiles as primary rating factors. Pulling OSHA violation counts, serious violation classifications, cumulative penalty totals, and site-specific seismic and weather data — all from authoritative federal sources — produces a defensible actuarial exhibit rather than relying on contractor self-disclosure.

Subcontractor prequalification

General contractors and construction managers evaluating subcontractor bids use this actor as the first filter before inviting subs to a prequalification interview. Running a contractor risk assessment on every shortlisted subcontractor takes minutes and flags any with critical safety records, environmental compliance failures, or dissolved corporate entities before the project start date creates time pressure.

Real estate development due diligence

Developers and their project managers assess contractor risk as part of pre-construction due diligence alongside title, zoning, and environmental reviews. Site-specific scores for seismic activity, severe weather frequency, EPA contamination proximity, and regulatory density give the development team the context to negotiate appropriate contract terms, timeline buffers, and insurance requirements.

Private equity and M&A diligence

PE firms acquiring construction businesses or evaluating companies with significant construction operations use contractor risk assessment to quantify operational and regulatory exposure. OSHA penalty history, EPA violation records, and corporate entity complexity are all material to deal structuring and representations-and-warranties coverage decisions.

How to run a contractor risk assessment

1. Enter the contractor's name — Type the company name exactly as it appears on contracts or corporate filings, for example "Meridian Construction Group" or "Delta Industrial Contractors LLC". Partial names work but exact matches return more complete OSHA and corporate records.

2. Add the project site location — Enter a city and state ("Phoenix, AZ") or a full street address ("4800 N 22nd St, Phoenix, AZ 85016"). The location drives site hazard scoring: USGS earthquake records, NOAA weather alerts, and EPA contamination proximity are all location-specific. Skip this field to get contractor-only scoring without site context.

3. Select project type — Choose from commercial, residential, infrastructure, industrial, or mixed-use. This focuses the Federal Register regulation search on the relevant regulatory context. Default is commercial.

4. Click Start and wait — The actor runs all 8 data pulls in parallel. Most reports complete in 60-120 seconds. Download the result from the Dataset tab as JSON, CSV, or Excel.

Input parameters

Input examples

Standard contractor assessment with site location:

{
  "companyName": "Meridian Construction Group",
  "location": "Houston, TX",
  "projectType": "commercial"
}

Industrial project with full address:

{
  "companyName": "Delta Industrial Contractors LLC",
  "location": "4800 N 22nd St, Houston, TX 77022",
  "projectType": "industrial"
}

Contractor-only assessment (no site scoring):

{
  "companyName": "Apex Builders Inc"
}

Input tips

• Use the legal entity name — OSHA inspections and OpenCorporates records are indexed by the registered company name. "Turner Construction" returns more records than "Turner" alone.
• Include the location for infrastructure and industrial projects — Site risk scoring adds the most value for projects near seismic zones, flood-prone areas, or industrial brownfields. Commercial projects in low-risk locations can skip it.
• Set projectType to match your deal — The Federal Register search queries construction [projectType] safety regulation, so "industrial" or "infrastructure" returns more relevant regulatory context than leaving it as the default for non-commercial projects.

Output example

{
  "entity": "Meridian Construction Group",
  "compositeScore": 61,
  "verdict": "APPROVE_WITH_CONDITIONS",
  "contractorRisk": {
    "score": 47,
    "oshaViolations": 8,
    "seriousViolations": 3,
    "epaViolations": 2,
    "corporateEntities": 5,
    "riskLevel": "ELEVATED",
    "signals": [
      "3 serious/willful OSHA violations — major safety concern",
      "$145K in OSHA penalties — pattern of non-compliance",
      "8 OSHA inspections — frequent regulatory attention"
    ]
  },
  "siteRisk": {
    "score": 29,
    "seismicEvents": 3,
    "weatherAlerts": 5,
    "environmentalFlags": 1,
    "riskLevel": "MODERATE",
    "signals": []
  },
  "scheduleRisk": {
    "score": 38,
    "weatherDays": 9,
    "regulatoryActions": 4,
    "riskLevel": "MINOR_DELAYS",
    "signals": []
  },
  "regulatoryCompliance": {
    "score": 34,
    "regulationCount": 6,
    "oshaRequirements": 8,
    "epaRequirements": 3,
    "burdenLevel": "STANDARD",
    "signals": []
  },
  "allSignals": [
    "3 serious/willful OSHA violations — major safety concern",
    "$145K in OSHA penalties — pattern of non-compliance",
    "8 OSHA inspections — frequent regulatory attention"
  ],
  "recommendations": [
    "Require safety improvement plan and third-party safety monitor",
    "Environmental compliance audit required before project start"
  ],
  "input": {
    "companyName": "Meridian Construction Group",
    "location": "Houston, TX",
    "projectType": "commercial"
  },
  "dataSources": {
    "companyResearch": 3,
    "corporateRecords": 5,
    "epaRecords": 6,
    "oshaInspections": 8,
    "weatherAlerts": 5,
    "geocodingResults": 1,
    "seismicEvents": 3,
    "federalRegulations": 6
  },
  "rawData": {
    "oshaInspections": [ ... ],
    "epaRecords": [ ... ],
    "corporateRecords": [ ... ],
    "companyResearch": [ ... ],
    "weatherAlerts": [ ... ],
    "seismicEvents": [ ... ],
    "regulations": [ ... ]
  },
  "generatedAt": "2026-03-20T14:22:05.431Z"
}

Output fields

How much does it cost to run a contractor risk assessment?

Contractor Risk Report uses pay-per-run pricing — you pay approximately $0.25-$0.60 per report depending on the volume of regulatory data returned. Platform compute costs are included. The Apify free tier includes $5 of monthly credits, enough for 8-20 reports at no charge.

You can set a maximum spending limit per run to control costs. The actor stops when your budget is reached.

Compare this to ISN, Avetta, or BROWZ at $3,000-$15,000 per year for subscription access — with Contractor Risk Report, most users spend $20-100/month with no annual commitment and no requirement for the contractor to self-enroll.

Contractor risk assessment using the API

Python

from apify_client import ApifyClient

client = ApifyClient("YOUR_API_TOKEN")

run = client.actor("ryanclinton/contractor-risk-report").call(run_input={
    "companyName": "Meridian Construction Group",
    "location": "Houston, TX",
    "projectType": "commercial"
})

for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(f"Contractor: {item['entity']}")
    print(f"Composite score: {item['compositeScore']}/100")
    print(f"Verdict: {item['verdict']}")
    print(f"Contractor risk: {item['contractorRisk']['riskLevel']} ({item['contractorRisk']['score']})")
    print(f"Signals: {item['allSignals']}")
    print(f"Recommendations: {item['recommendations']}")

JavaScript

import { ApifyClient } from "apify-client";

const client = new ApifyClient({ token: "YOUR_API_TOKEN" });

const run = await client.actor("ryanclinton/contractor-risk-report").call({
    companyName: "Meridian Construction Group",
    location: "Houston, TX",
    projectType: "commercial"
});

const { items } = await client.dataset(run.defaultDatasetId).listItems();
for (const item of items) {
    console.log(`Contractor: ${item.entity}`);
    console.log(`Composite score: ${item.compositeScore}/100`);
    console.log(`Verdict: ${item.verdict}`);
    console.log(`OSHA violations: ${item.contractorRisk.oshaViolations} (${item.contractorRisk.seriousViolations} serious)`);
    console.log(`Recommendations: ${item.recommendations.join(", ")}`);
}

cURL

# Start the actor run
curl -X POST "https://api.apify.com/v2/acts/ryanclinton~contractor-risk-report/runs?token=YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "companyName": "Meridian Construction Group",
    "location": "Houston, TX",
    "projectType": "commercial"
  }'

# Fetch results (replace DATASET_ID from the run response)
curl "https://api.apify.com/v2/datasets/DATASET_ID/items?token=YOUR_API_TOKEN&format=json"

How Contractor Risk Report works

Phase 1: Parallel data collection from 8 federal sources

The actor dispatches all 8 sub-actor calls concurrently using Promise.all, so data collection time is bounded by the slowest source rather than the sum of all sources. Data pulls include: the OSHA inspection database (company name search), EPA ECHO environmental compliance system (company name plus location), OpenCorporates global corporate registry (company name), a company deep research actor (company name plus project type), NOAA National Weather Service active alerts (location query), USGS earthquake catalog (location query), a Nominatim geocoder for area density context, and the Federal Register API queried with construction [projectType] safety regulation. Each sub-actor is allocated 512 MB of memory and a 120-second timeout. If any sub-actor fails, its result defaults to an empty array and scoring proceeds with available data.

Phase 2: Four-axis risk scoring

Each of the four scoring models runs independently against the collected data:

Contractor risk (max 100, weight 30%): OSHA scoring awards 3 points per inspection and 8 points per serious/willful/repeat/failure-to-abate violation, capped at 35 points; $100K+ cumulative penalties and 5+ inspections each generate explicit signals. EPA scoring awards 4 points per violation and 8 points per significant non-compliance event (defined as 4+ quarters in non-compliance or a status string containing "significant"), capped at 25 points. Corporate scoring applies a 15-point base penalty for zero registrations and 5 points per dissolved/inactive/struck entity, capped at 20 points. Company research scoring adds 3 points for litigation/lawsuit mentions, 5 points for bankruptcy/default mentions, and 5 points for fraud/debarment mentions, capped at 20 points.

Site risk (max 100, weight 25%): Seismic scoring awards 2 points per event, 5 points per M4+ event, and a 10-point bonus for any event reaching M5.0+, capped at 30 points. Weather scoring awards 3 points per alert plus 5 additional points per alert classified as extreme/severe or involving tornado, hurricane, or flood events, capped at 30 points. Environmental contamination scoring awards 5 points per EPA record containing ENVIRONMENTAL_FLAGS keywords (hazardous waste, contamination, toxic, superfund, violation, penalty), capped at 25 points.

Schedule risk (max 100, weight 20%): Weather delay estimation converts each alert to estimated construction delay days (extreme events = 5 days, severe/flood/storm = 3 days, other = 1 day), then scores delay days at 2 points each, capped at 35 points. Federal Register scoring awards 2 points per entry, 4 per proposed rule, and 6 per enforcement/stop-work action, capped at 30 points. OSHA stop-work scoring awards 5 points per serious violation and 2 per inspection, capped at 20 points. A compounding factor adds up to 15 extra points when weather delays and serious violations co-occur.

Regulatory compliance burden (max 100, weight 25%): Federal Register scoring counts construction/building/safety/OSHA-related regulations and proposed changes; OSHA zone density applies 3 points per inspection; EPA burden scoring counts permits (NPDES mentions) and cleanup/remediation/Superfund sites. A cumulative burden factor adds a further 0.5 points per total data item across all regulatory agencies.

Phase 3: Composite scoring and verdict

The composite approval score inverts all four risk scores: compositeScore = (100 - contractorRisk) * 0.30 + (100 - siteRisk) * 0.25 + (100 - scheduleRisk) * 0.20 + (100 - regulatoryCompliance) * 0.25. A composite of 70+ = APPROVE, 50-69 = APPROVE_WITH_CONDITIONS, 30-49 = ENHANCED_REVIEW, below 30 = DECLINE. Two hard overrides apply regardless of the composite formula: a CRITICAL contractor risk level forces DECLINE, and EXTREME site risk combined with HIGH contractor risk also forces DECLINE.

Phase 4: Recommendations and output assembly

The recommendations engine applies conditional logic to the scoring results: 2+ serious OSHA violations trigger a third-party safety monitor requirement; 2+ EPA violations trigger a pre-construction environmental audit requirement; 3+ seismic events trigger a seismic engineering review requirement; 2+ environmental flags trigger a Phase I/II site assessment recommendation; 10+ estimated weather days trigger a timeline buffer recommendation; HEAVY or PROHIBITIVE regulatory burden triggers a regulatory counsel recommendation; and zero corporate registrations trigger a contractor licensing verification requirement. All raw records are packaged in the output alongside the scored report, with per-source record count limits (25/15/20/5/10/15/20) to keep output size manageable.

Tips for best results

1. Match the company name to its OSHA-registered name. OSHA inspection records are indexed by the name on the citation, which is sometimes the legal entity name ("Turner Construction Company, Inc.") rather than the trade name ("Turner Construction"). Try both if the first search returns no inspections.

2. Include the address for industrial and infrastructure projects. Site risk scoring is most meaningful for projects near coasts (hurricane and flood risk), the Gulf Coast (hurricane and industrial contamination), the Pacific Coast (seismic risk), or known brownfield corridors. For office buildings in low-risk urban cores, the site risk component will be low regardless.

3. Run a contractor-only assessment first. If companyName alone returns a CRITICAL or DECLINE result, you can skip the location-based data pull entirely and save time. Use the no-location input template for the initial screen.

4. Combine with financial data for full underwriting. This actor covers operational and regulatory risk. For a complete underwriting package, pair it with a company financial review. The raw companyResearch field in the output contains news and press signals that often include financial distress indicators.

5. Use the rawData fields for deeper review. The raw OSHA inspection records include individual violation types, penalty amounts, and inspection dates. When a report returns ELEVATED or HIGH contractor risk, reviewing the raw records in rawData.oshaInspections tells you whether violations are recent or historical — a relevant distinction for credit decisions.

6. Batch similar-risk contractors in a single scheduling window. Running 20 subcontractor assessments as 20 separate on-demand runs at random times costs the same as 20 scheduled runs, but batching them after hours takes advantage of Apify's lower compute pricing during off-peak slots.

7. Store reports for audit trail purposes. Downloading results to your loan file or deal folder creates a timestamped record of due diligence. The generatedAt field provides the ISO timestamp. For regulated lenders, this documentation supports examiners reviewing construction loan credit files.

Combine with other Apify actors

Limitations

• Data is sourced from public federal databases. OSHA inspection records, EPA compliance data, and Federal Register entries reflect what has been reported and published by federal agencies. Unreported violations, pending investigations, or state-level enforcement actions not mirrored in federal systems are not captured.
• OSHA coverage varies by contractor type. Self-employed contractors without employees, some agricultural workers, and state and local government employees are outside federal OSHA jurisdiction in some states. Contractors in state-plan states (California, Washington, Michigan, etc.) have OSHA records in the federal system but enforcement may differ.
• Corporate records depend on OpenCorporates coverage. OpenCorporates aggregates from many jurisdictions but coverage depth varies by state and country. Privately held LLCs formed in some states may have limited public filing data.
• Site risk requires a recognizable location string. The Nominatim geocoder and USGS/NOAA searches need a city/state or address format. Vague inputs like "Southeast US" or "Near Dallas" may return incomplete or no geographic data.
• Weather alerts reflect current conditions. NOAA weather alerts are active alerts at the time of the run, not historical climate data. A run in summer in Florida will return more severe weather context than the same run in March. For projects assessed months before construction starts, consider re-running the report closer to the project start date.
• Company research signals are heuristic. The litigation, bankruptcy, fraud, and debarment signals are detected by keyword matching in aggregated news and press results. They can produce false positives for companies whose news coverage mentions these topics in an unrelated context.
• Report generation is not real-time for large contractors. Very large contractors with extensive OSHA and corporate records may push the 120-second sub-actor timeout. In those cases, the scoring model runs with whatever records were retrieved before timeout.
• This actor does not replace licensed professional opinions. The output is a data-aggregation tool, not a legal, engineering, or licensed underwriting opinion. Decisions about loan approval, insurance coverage, bond issuance, or contractor qualification should incorporate professional judgment alongside this data.

Integrations

• Zapier — trigger a contractor risk assessment automatically when a new deal is added to your pipeline CRM
• Make — build multi-step workflows that run the assessment, parse the verdict, and route the deal to the appropriate underwriter queue
• Google Sheets — export batch assessment results to a tracking spreadsheet for portfolio-level contractor risk monitoring
• Apify API — embed contractor screening directly into your loan origination system, bond management platform, or construction management software
• Webhooks — trigger downstream workflows in your underwriting system when a run completes with a DECLINE or ENHANCED_REVIEW verdict
• LangChain / LlamaIndex — feed the structured JSON report into an LLM workflow to generate plain-language credit memos or risk summaries for deal committees

Troubleshooting

• No OSHA violations returned despite known inspection history — OSHA records are indexed by the legal entity name on the citation. Try the exact registered entity name, including corporate suffix (LLC, Inc., Corp.). Large parent companies may have violations recorded under subsidiary names. Check rawData.oshaInspections in the output to confirm what was retrieved.

• Verdict is DECLINE but composite score seems reasonable — Two hard override rules apply regardless of the composite formula. If contractorRisk.riskLevel is CRITICAL, the verdict is forced to DECLINE. If siteRisk.riskLevel is EXTREME and contractorRisk.riskLevel is HIGH, the verdict is also forced to DECLINE. Review the individual sub-scores rather than just the composite.

• dataSources shows zero records for all sources — This usually means a sub-actor timeout or API error during the parallel data collection phase. Check that your Apify account has sufficient credits and that you are not hitting rate limits on a large batch. Re-running the report typically resolves transient failures.

• Site risk score is zero despite entering a location — This occurs when the location string cannot be resolved by the Nominatim geocoder, causing the USGS and NOAA sub-actors to receive an empty query. Use a specific city-state format ("Houston, TX") or a full address. Avoid abbreviations or informal place names.

• Schedule risk shows CRITICAL but contractor risk is LOW — This can occur for project sites with extreme active weather (multiple hurricane or tornado alerts active simultaneously) combined with a high density of Federal Register enforcement actions. The schedule risk model is location-sensitive and reflects current conditions at the time of the run.

Responsible use

• This actor only accesses publicly available data from federal government databases (OSHA, EPA, NOAA, USGS, Federal Register) and public corporate registries.
• Respect the terms of service of each underlying data source.
• Comply with applicable fair lending, equal credit opportunity, and anti-discrimination laws when using risk scores in credit or underwriting decisions.
• Do not use OSHA or EPA records in isolation to discriminate against contractors without considering context, remediation history, or recency of violations.
• For guidance on web scraping legality, see Apify's guide.

FAQ

How accurate is the contractor risk assessment scoring model? The scoring model applies fixed weights and thresholds derived from the relative severity of each risk category in construction lending and insurance underwriting practice. It is calibrated to flag known risk patterns — serious OSHA violations, significant EPA non-compliance, dissolved corporate entities — with appropriate weight. The scores are consistent and reproducible for a given dataset, but they are not actuarially validated against historical loss data. Use them as a structured due diligence exhibit alongside professional judgment.

How many contractors can I assess in one run? Each run processes one contractor. To assess multiple contractors, trigger separate runs via the API or schedule multiple runs in sequence. For large batches of 50+ contractors, consider using the Apify scheduling feature to run assessments in parallel rather than sequentially.

Does contractor risk assessment work for subcontractors as well as prime contractors? Yes. The actor searches OSHA inspection records and OpenCorporates by company name regardless of whether the company operates as a prime contractor or subcontractor. Small subcontractors with fewer OSHA inspections will naturally return lower scores — the model responds to the available data.

How long does a typical contractor risk assessment run take? Most runs complete in 60-120 seconds. The 8 sub-actor data pulls run in parallel, so total time is approximately equal to the slowest individual source, not their sum. Contractors with extensive OSHA or EPA records may take slightly longer as record retrieval takes more time.

How is Contractor Risk Report different from ISN, Avetta, or BROWZ? ISN, Avetta, and BROWZ are subscription platforms that require contractors to self-enroll and self-report safety statistics. This actor pulls directly from federal government databases — no contractor participation required, no self-reported data. You can run a risk assessment on any contractor in under two minutes without their knowledge or cooperation, which is essential for subcontractor screening and competitive bid evaluation.

What does the APPROVE_WITH_CONDITIONS verdict mean? A composite score between 50 and 69 produces this verdict. It indicates that the data does not support an outright approval or decline — typically because one risk axis is ELEVATED or HIGH while others are LOW or MODERATE. The recommendations field contains specific conditions that should be imposed: for example, a third-party safety monitor requirement or a pre-construction environmental audit.

Can I use this actor to screen contractors in states with their own OSHA programs? Yes. Federal OSHA and state-plan OSHA states both contribute to the same national inspection database queried by this actor. California (Cal/OSHA), Washington (WISHA), Michigan (MIOSHA), and other state-plan states have their inspection records included in the federal system.

Is it legal to check contractor OSHA and EPA records without their consent? OSHA inspection records and EPA compliance data are public federal records, available to anyone through government databases and Freedom of Information Act requests. Accessing them through this actor carries the same legal status as looking them up directly on the OSHA website or EPA ECHO portal. No contractor consent is required. For guidance on data use legality, see Apify's guide.

What happens if no corporate records are found for a contractor? The corporate health sub-model applies a 15-point risk penalty when OpenCorporates returns zero results for a company name. This is treated as a negative signal — unlicensed or unregistered entities represent elevated risk in construction contracting. The recommendations field will include "Verify contractor licensing and corporate standing" when this occurs.

Can I schedule this actor to run regularly on a portfolio of contractors? Yes. Use the Apify scheduling feature to run recurring assessments on a list of active contractors. Because each run requires a single company name input, you can trigger batches of runs via the API to process a portfolio systematically. For portfolio monitoring, store the compositeScore, verdict, and generatedAt from each run to track risk trends over time.

How does the automatic DECLINE override work? Two conditions trigger an automatic DECLINE regardless of the composite score. First, if contractorRisk.riskLevel equals CRITICAL (score 80+), the verdict is forced to DECLINE. Second, if siteRisk.riskLevel is EXTREME and contractorRisk.riskLevel is HIGH simultaneously, the verdict is also forced to DECLINE. These overrides prevent borderline composite scores from producing approval verdicts in unacceptable risk combinations.

What if the run returns empty results for most data sources? Check dataSources in the output — it shows the record count from each of the 8 sources. If most counts are zero, it typically indicates a sub-actor timeout caused by insufficient Apify credits or a transient API issue. Re-running the report resolves most cases. If OSHA and corporate records consistently return zero, try alternate spellings of the company name.

Help us improve

If you encounter issues, you can help us debug faster by enabling run sharing in your Apify account:

1. Go to Account Settings > Privacy
2. Enable Share runs with public Actor creators

This lets us see your run details when something goes wrong, so we can fix issues faster. Your data is only visible to the actor developer, not publicly.

Support

Found a bug or have a feature request? Open an issue in the Issues tab on this actor's page. For custom solutions or enterprise integrations, reach out through the Apify platform.