Services
Five offerings. Async-only. One business day response.
A measurement of how agent-ready your site and APIs are today, with a prioritized list of what to fix first.
What you get
- Two independent scanners run against the site or API
- Manual review of /.well-known/ manifests, JSON-LD, head metadata and HTTP headers
- Review of robots.txt, sitemap.xml, ai.txt and llms.txt against current agent norms
- A live check of how AI assistants and agents retrieve and answer questions about the site or API today, across several AI platforms
- Written report with findings ranked by score impact and implementation cost
- One round of written follow-up questions
What you do not get
- Calls or meetings
- Implementation of the fixes (separate engagement)
- Ongoing monitoring (separate engagement)
Large sites are covered in full. If a site is big enough that the live checks reach a tool quota, the quota is raised rather than the coverage reduced. Once the audit is complete, the fixes it lists are typically about a day of implementation work, whether your team does them or I do.
Suited for teams that want a clear picture of where they stand before deciding what to do about it.
Ongoing input on agent-readiness as part of your product roadmap, with tracking of how the scores change over time.
What you get
- Monthly re-scan and score delta report
- Written review of any agent-readiness related work your team ships, within one business day
- Roadmap input on what to ship next and why
- Async channel for questions (email or shared doc)
- Quarterly summary of measurable progress
Suited for teams treating agent-readiness as an ongoing product responsibility rather than a one-off cleanup.
Hands-on work on the fixes the audit identified, or new agent-ready infrastructure built from scratch.
Typical work
- Cloudflare Workers for head metadata and /.well-known/ files served at the edge
- MCP servers exposing read-only product data to agents
- JSON-LD generators for product, organization and article schemas
- ai.txt and llms.txt authoring
- Signed content and agent authentication patterns
Scoped repository write access per task. No retainer.
The work beyond readiness, for teams moving from "an agent can read us" to "an agent can act on a system that matters." Two things decide whether an agent acts correctly. The data it works from has to arrive intact, even over links that drop or lag. And the decisions it is allowed to make have to sit inside an envelope of permissions and thresholds you set deliberately.
Typical work
- Review of the data path an agent depends on, and where it breaks under real network conditions
- The permission and threshold envelope that bounds what an agent may decide and act on
- Where a human stays in the loop, and how control passes between person and agent
- Guardrails and verification so an agent's decisions can be checked after the fact
Scope and price vary with the system.
Suited for teams letting agents act on data and decisions that matter, not only read a marketing site.
An MCP server built for your product, exposing read-only data to agents over streamable HTTP transport. No auth surface and no logging by default.
Typical work
- Read-only discovery tools over your product data
- Streamable HTTP transport with no auth surface and no logging by default
- An MCP server card at /.well-known/mcp/server-card.json so agents can discover the server
- Registry publication so the server is findable in MCP directories
Suited for teams that want agents to read product data through a supported interface rather than scraping HTML.
The agent-ready badge
Sites that complete an audit, or score 100/100 on a public agent-readiness scanner, may display the agent-ready badge.
How to start
Email info@turva.dev with the site or API you want audited. I respond within one business day with a fixed quote and a start date.
No calls or calendar links, and no discovery sessions.
All prices exclude VAT. 25,5% for Finnish customers, reverse charge for EU B2B, 0% for non-EU.