Server data from the Official MCP Registry
AEO tools for AI agents: crawler permissions, llms.txt, structured data, AI-readiness audit.
AEO tools for AI agents: crawler permissions, llms.txt, structured data, AI-readiness audit.
aeo-mcp is a well-architected MCP server with strong security practices. The codebase implements comprehensive SSRF protection with DNS validation, scheme restrictions, and redirect re-validation. All tools are read-only, no API keys are required, and sensitive credentials are not stored. Minor code quality observations exist around broad error handling, but they do not introduce security vulnerabilities. Supply chain analysis found 2 known vulnerabilities in dependencies (2 critical, 0 high severity). Package verification found 1 issue.
7 files analyzed · 6 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-arthurcarlsonn-aeo-mcp": {
"args": [
"-y",
"aeo-mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
An MCP server that gives AI agents — Claude, Claude Code, Cursor, anything speaking the Model Context Protocol — tools to inspect a website's visibility to AI answer engines. Crawler permissions, llms.txt, structured data, on-page signals, and a full 29-check AI-readiness audit (powered by answer-audit), each one tool call away. Read-only, no API keys, no telemetry.

Real session: Claude Desktop discovers The Verge allows GPTBot (OpenAI licensing deal) while blocking ClaudeBot, PerplexityBot, Google-Extended, and CCBot — one tool call.
Claude Code
claude mcp add aeo -- npx -y aeo-mcp
Claude Desktop (claude_desktop_config.json)
{ "mcpServers": { "aeo": { "command": "npx", "args": ["-y", "aeo-mcp"] } } }
Cursor (.cursor/mcp.json)
{ "mcpServers": { "aeo": { "command": "npx", "args": ["-y", "aeo-mcp"] } } }
| Tool | When the agent uses it | Input | Returns |
|---|---|---|---|
audit_url | "How visible is this site to ChatGPT/Perplexity?" — full AEO health check | { url } | 0-100 score, grade, category breakdown, failed/warned checks with fixes |
check_ai_crawlers | "Is GPTBot blocked?" — robots.txt policy per AI bot | { url } | Per-bot allow/block verdicts with the matching rule, plus sitemaps |
inspect_llms_txt | "Does this site have llms.txt? Is it valid?" | { url } | Title, summary, sections with links, structural issues, raw excerpt |
extract_structured_data | "What schema markup does this page have?" | { url } | JSON-LD types, key fields per node, parse errors |
extract_page_signals | "Why do engines misread this page?" | { url } | Title, meta description, h1, canonical, lang, text ratio, heading outline, client-side-rendering flag |
Bots checked by check_ai_crawlers: GPTBot, ClaudeBot, PerplexityBot, Google-Extended, CCBot, Bingbot.
The server fetches model-supplied URLs, so it ships with an SSRF guard: http/https only, DNS resolution checked against private and special ranges (loopback, RFC1918, link-local, unique-local, IPv4-mapped forms), re-validation on every redirect hop, 10 s timeout, 2 MB body cap, max 5 redirects. Violations return a clean tool error, never an exception. All tools are read-only and no LLM calls happen inside the server.
npm install
npm run build # required before npm test (the protocol test runs dist/)
npm test
Tests include a scripted stdio round-trip (initialize → tools/list → tools/call) against the built server. To inspect interactively:
npx @modelcontextprotocol/inspector node dist/index.js
MIT © Arthur Carlson
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.