---
title: API Evangelist Scores 83% Agent-Ready — And the Last 17% Doesn't Apply
url: http://apievangelist.com/blog/2026/05/20/api-evangelist-scores-83-percent-agent-ready/
date: '2026-05-20'
author: ''
feed_url: https://apievangelist.com/atom.xml
---
Cloudflare put out a new tool this week called isitagentready.com. You hand it a URL and it scans for the emerging conventions an agent would look for — robots.txt shape, Content Signals, sitemap, RFC 8288 Link headers, markdown content negotiation, RFC 9727 API catalogs, MCP server cards, Agent Skills indexes, OAuth discovery, agentic commerce protocols. It gives you a number out of 100 and a level. I ran it against apievangelist.com. The result: 83. Level 5. Agent-Native. That’s the second-highest tier the scanner gives out. It’s not nothing — but the more interesting story is what scored and what didn’t. The Three Categories That Scored 100% Discoverability — 3/3. The scanner pulled my robots.txt, validated the structure, extracted the sitemap directive, fetched sitemap.xml, parsed the homepage Link header, and pulled five RFC 8288 link relations — including the api-catalog and alternate; type="text/markdown" rels that matter for agents. I wrote about this last week — every HTML response across the network now ships a self-describing Link header through the Cloudflare Worker. The scanner saw it. Content — 1/1. Send Accept: text/markdown to my homepage and you get text/markdown; charset=utf-8 back. That’s the Worker doing markdown content negotiation in front of GitHub Pages, which on its own only knows how to serve HTML. This is the single most visible thing the agent-readability work bought me — and the scanner caught it on a 143ms request. Bot Access Control — 2/2. The robots.txt has explicit Allow: / entries for thirteen named AI bots (GPTBot, ChatGPT-User, ClaudeBot, Claude-Web, anthropic-ai, Google-Extended, CCBot, ByteSpider, PerplexityBot, Cohere-AI, Applebot-Extended, Meta-ExternalAgent, FacebookBot, Diffbot) plus a Content-Signal: ai-train=yes, search=yes, ai-input=yes directive declaring consent in the format the Cloudflare Content Signals draft and IETF AIPREF working group are converging on. The point of those last two: my position has always been yes, train on this, yes, ground on this, yes, search this. I am writing for the web, the agents are the web’s new readers. The scanner verified that the consent is published in the right place, in the right shape. API, Auth, MCP & Skill Discovery — 4/6 This is where the score got dinged, and where it gets more interesting. The four passes: API Catalog at /.well-known/api-catalog — RFC 9727 linkset, application/linkset+json content-type, two anchored entries (the contracts API and the agent skills surface). The scanner validated the structure and the type. MCP Server Card at /.well-known/mcp/server-card.json — and at /.well-known/mcp/server-cards.json and at /.well-known/mcp.json. I publish it at all three because the convention hasn’t stabilized; agents pulling from any of those paths get the same SEP-format card. Agent Skills index at /.well-known/agent-skills/index.json — three skills published in the v0.2.0 format with a $schema field. WebMCP — the scanner navigated to the homepage, ran the JavaScript, and found 4 tools registered against navigator.modelContext via the imperative WebMCP API. I have not blogged about that yet. It’s there, and the scanner saw it. The two misses are both OAuth checks: OAuth / OIDC discovery — /.well-known/openid-configuration and /.well-known/oauth-authorization-server both return 404....