Server data from the Official MCP Registry
Audits any website for AI agent readiness and safety, scoring prompt injection risk and llms.txt.
Audits any website for AI agent readiness and safety, scoring prompt injection risk and llms.txt.
Valid MCP server (2 strong, 3 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.
13 files analyzed · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-asish-singh-agent-readiness-auditor": {
"args": [
"-y",
"agent-readiness-auditor"
],
"command": "npx"
}
}
}From the project's GitHub README.
A command-line tool that scans a website and scores how well it works with, and how well it defends against, automated AI agents.
AI assistants increasingly visit websites on a person's behalf: reading pages, following instructions found on them, and taking actions. This creates two practical issues for site owners:
Standard SEO tools measure how well a site works for search engines. This tool measures something different: how well a site works for AI agents, and whether it is safe for them to read.
The State of the Agentic Web, 2026 audits 84 prominent sites across seven categories with this tool. Among the findings, no audited site carried hidden prompt injection content, 36% publish llms.txt, and nearly one in five prominent sites refuses automated visitors entirely, including several AI companies. The data and method are published for anyone to reproduce.
The tool fetches a URL and runs five checks, producing a score from 0 to 100 and a letter grade from A to F. Safety is weighted highest on purpose, because a readable site that can hijack an agent is worse than one that is simply hard to read.
| Check | Points | What it looks for |
|---|---|---|
| Hidden prompt-injection text | 40 | Text hidden from humans (for example display:none or opacity:0) that contains agent-hijacking phrases such as "ignore previous instructions". |
llms.txt file | 15 | A published file that gives agents a curated map of the site. See llmstxt.org. |
robots.txt stance on AI crawlers | 15 | Explicit allow or disallow rules for AI crawlers such as GPTBot and ClaudeBot. |
| Structured data (JSON-LD) | 15 | Machine-readable data that lets agents understand page content directly. |
| Accountability links | 15 | Reachable contact, privacy, terms, or about links. |
$ npx agent-readiness-auditor example.com
Agent readiness audit for https://example.com
✅ No hidden prompt-injection payloads (40/40)
⚠️ llms.txt present (0/15)
⚠️ robots.txt addresses AI crawlers (0/15)
⚠️ Machine-readable structured data (0/15)
⚠️ Accountability surface present (0/15)
Score: 40/100 (40%) Grade D
Each line shows the check result, its score, and (when a check does not fully pass) a suggested fix.
If you have Node.js 18 or newer installed, you can run the tool in one line without installing anything:
npx agent-readiness-auditor example.com
npx agent-readiness-auditor example.com --json
Use a bare domain (example.com) or a full URL (https://example.com). The --json flag prints machine-readable output for use in scripts.
Batch mode reads a text file with one URL per line (lines starting with # are ignored) and audits them a few at a time.
agent-audit --batch sites.txt # a report per site
agent-audit --batch sites.txt --csv # one CSV row per site
agent-audit --batch sites.txt --json # structured results
The CSV has a column for each check, which makes it easy to open in a spreadsheet or feed into an analysis.
The repo doubles as a GitHub Action, so any project can audit its own site on every push or on a schedule and fail the build if a hard safety problem appears.
steps:
- uses: actions/setup-node@v4
with:
node-version: 20
- uses: asish-singh/agent-readiness-auditor@v0.3.0
with:
url: example.com
fail-on: safety # or "never" to report without failing
An unreachable site produces a warning, not a failure, since bot protection on CI runners is an infrastructure issue rather than a safety one. This repo uses the action on itself every Monday in audit-site.yml.
The auditor ships with a server for the Model Context Protocol, the standard that lets AI assistants use external tools. Once connected, you can simply ask your assistant to audit a site for you.
For Claude Code, one command connects it.
claude mcp add agent-readiness-auditor -- npx -y --package=agent-readiness-auditor agent-audit-mcp
For Claude Desktop, add this to the mcpServers section of the configuration file.
{
"agent-readiness-auditor": {
"command": "npx",
"args": ["-y", "--package=agent-readiness-auditor", "agent-audit-mcp"]
}
}
The server exposes one tool, audit_site, which takes a URL and returns the same scores and findings as the command line.
To work on the code or run it from a local copy:
git clone https://github.com/asish-singh/agent-readiness-auditor.git
cd agent-readiness-auditor
npm install
npm run audit -- example.com # human-readable report
npm run audit -- example.com --json # JSON output
The -- in the command passes the URL to the tool rather than to npm.
To install a global agent-audit command from your local copy:
npm run build # compile TypeScript into dist/
npm link # register the global command
You can then run agent-audit example.com from any folder. To remove it later, run npm unlink -g agent-readiness-auditor.
The package is also published to GitHub Packages as a scoped mirror, @asish-singh/agent-readiness-auditor. For most people the npm install above is simpler. Use GitHub Packages only if your organization standardizes on it, since it requires authentication even for public packages.
To install from it, create a GitHub personal access token with the read:packages scope, then point the scope at the GitHub registry:
echo "@asish-singh:registry=https://npm.pkg.github.com" >> .npmrc
echo "//npm.pkg.github.com/:_authToken=YOUR_GITHUB_TOKEN" >> .npmrc
npm install @asish-singh/agent-readiness-auditor
The tool sets its exit code so it can be used in automated pipelines:
0: the audit ran and found no hard safety failure.2: a hard safety failure was found (for example, hidden prompt-injection text). Use this to fail a build.1: the tool could not complete the audit (for example, the site was unreachable).Each check lives in its own file under src/checks/ and returns a structured result. All checks are registered in a single list in src/audit.ts, and the total score is derived from that list, so adding a new check does not require changing the scoring logic. Architecture decisions are recorded in docs/adr/, product decisions in docs/decisions/, planned work in ROADMAP.md, and the go-to-market plan in LAUNCH.md.
This tool grew out of the Agentic Web Governance Pack, a set of guidelines for how websites should behave toward AI agents. This project turns several of those guidelines into checks that can be run and measured.
MIT. See LICENSE.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
by Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
by mcp-marketplace · Developer Tools
Search and install MCP servers from inside your AI client.