# Agent Readiness Score: the 11 /.well-known/ files to publish in 2026
> Cloudflare launched an Agent Readiness score on April 17, 2026. Here are the 11 /.well-known/ endpoints that move a DTC site from 25 to 90, with copy-paste examples and what actually works.
- Canonical HTML: https://verityscore.io/en/blog/well-known-agent-ready/
- Markdown alternate: https://verityscore.io/en/blog/well-known-agent-ready.md
- Language: en
- Content type: blog
- Published: 2026-04-25
- Updated: 2026-04-25
- Tags: well-known, agent-readiness, geo, aeo, ai, agent-card, llms-txt, web-bot-auth, mcp, shopify

**In 60 words**: Cloudflare launched a 0-100 score on April 17, 2026 that measures how readable a site is to AI agents. First global verdict: 78% of sites have a robots.txt, but only 4% declare AI preferences and fewer than 15 sites worldwide support MCP Server Cards. Here are the 11 /.well-known/ endpoints that move a DTC site from 25 to 90, with copy-paste examples and what actually works.

## Why this article now

On April 17, 2026, Cloudflare published [isitagentready.com](https://isitagentready.com), a scanner that grades sites from 0 to 100 on their preparedness for AI agents. It is the first public benchmarking of e-commerce sites on this criterion. In the weeks before, the IETF Web Bot Auth drafts had moved to version 05 (March 2, 2026) and Mark Nottingham had published `draft-nottingham-rfc8615bis-02` (February 23, 2026) to revise the RFC governing all these endpoints; the A2A AgentCard, for its part, is already listed in the IANA well-known URI registry.

The terrain is unusual: a central topic, an empty competitive space in English long form, and fresh data that disproves much of what GEO marketing has been claiming.

## What is a /.well-known/ file?

A `/.well-known/` file is a standardized endpoint (RFC 8615) that sites publish at their domain root to expose machine-readable metadata. In 2026, AI agents and verification servers look there for files like `security.txt`, `agent-card.json`, or the Web Bot Auth public key to understand your site and verify the authenticity of bots that connect to it.

The standard dates to May 2019 (RFC 8615, Mark Nottingham). It defines a reserved URL prefix `/.well-known/` that no application should use for anything other than a discovery endpoint registered with IANA. The official registry now runs to close to a hundred entries, of which about twenty are relevant for a standard website.

## How Cloudflare grades agent readiness

The 0-100 score from isitagentready.com covers 4 dimensions:

| Dimension | What is tested |
|---|---|
| Discoverability | robots.txt, sitemap, Link headers, AI bot directives |
| Content Accessibility | Markdown negotiation via Accept header, HTML vs Markdown content fidelity |
| Bot Access Control | Content Signals in robots.txt, Web Bot Auth |
| Capabilities | MCP Server Card, OAuth Protected Resource, commerce protocols (x402, MPP, UCP, ACP) |

The first global report Cloudflare published on April 17, 2026 quantifies the gap between available technical maturity and real adoption:

- 78% of sites have a `robots.txt`
- 4% declare AI preferences via Content Signals
- 3.9% support Markdown negotiation
- Fewer than 15 sites worldwide expose an MCP Server Card

That is the gap that turns this topic into an immediate authority lever: you do not need to be ahead of the curve to move from "basic" to "world-class", you just need to publish 5 files correctly.

## The 11 endpoints in 3 tiers

Most GEO articles mix ratified RFCs, IETF drafts, and private proposals. That is the field's main methodological mistake. An endpoint standardized for 7 years does not have the same status as a SEP (Specification Enhancement Proposal) opened on GitHub 6 months ago. Here is the clear separation.

### Tier 1 — Ratified RFCs and registered standards to publish without reservation

These 5 endpoints are stabilized standards: IETF RFCs, or specifications registered in the IANA well-known registry in the case of `change-password`, `openid-configuration` and `agent-card.json`. No reason not to publish them in 2026.

#### 1. `/.well-known/security.txt` (RFC 9116)

Lets security researchers report a vulnerability. Technical maturity signal recognized by Google, security scanners, and bug bounty tools.

**Conformant template (GitHub style)**:

```
Contact: https://hackerone.com/your-brand
Acknowledgments: https://hackerone.com/your-brand/hacktivity
Preferred-Languages: en, fr
Canonical: https://your-brand.com/.well-known/security.txt
Policy: https://your-brand.com/security-policy
Hiring: https://your-brand.com/jobs
Expires: 2027-04-25T00:00:00Z
```

**Common mistake verified April 25, 2026**: Stripe's `security.txt` has `Expires: 2025-12-31`, expired 4 months ago and therefore non-conformant to RFC 9116. Shopify's has neither `Expires` nor `Canonical`. These two are the counter-example. `Contact` and `Expires` are the only mandatory fields, `Contact` must be a URI (`https://`, `mailto:` or `tel:`, not a bare address), and RFC 9116 recommends an `Expires` value less than one year in the future, so regenerate the file from a cron job rather than editing the date by hand.
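The checks just listed, as an added example (not code from the article, and not a scanner anyone named above ships): a small Node.js validator for a fetched `security.txt`. It assumes the body has already been retrieved over HTTPS from `/.well-known/security.txt`; `now` and `url` are injected so the result is deterministic offline.

```javascript
'use strict';

// Added example, not from the article: check a fetched security.txt against the
// RFC 9116 rules the text relies on (required fields, URI contacts, Expires
// window, Canonical matching the URL it was fetched from). `now` and `url`
// are injected so the check is deterministic and testable offline.

const REQUIRED = ['Contact', 'Expires'];
const KNOWN = new Set(['Acknowledgments', 'Canonical', 'Contact', 'Encryption',
  'Expires', 'Hiring', 'Policy', 'Preferred-Languages']);
const ONE_YEAR_MS = 365 * 24 * 60 * 60 * 1000;
const URI_SCHEME = /^[a-z][a-z0-9+.-]*:/i;

// "Field: value" per line; '#' lines are comments. A line with no separator is
// reported rather than silently dropped.
function parseSecurityTxt(text) {
  const fields = [];
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    const idx = line.indexOf(':');
    if (idx < 1) { fields.push({ name: null, value: line }); continue; }
    fields.push({ name: line.slice(0, idx).trim(), value: line.slice(idx + 1).trim() });
  }
  return fields;
}

function validateSecurityTxt(text, { now = new Date(), url = null } = {}) {
  const problems = [];
  const fields = parseSecurityTxt(text);
  const values = (name) => fields.filter((f) => f.name === name).map((f) => f.value);

  for (const f of fields) {
    if (f.name === null) problems.push(`malformed line: ${f.value}`);
    else if (!KNOWN.has(f.name)) problems.push(`unknown field: ${f.name}`);
  }
  for (const name of REQUIRED) {
    if (values(name).length === 0) problems.push(`missing ${name}`);
  }

  // Contact MUST be a URI (https://, mailto:, tel:); a bare address is a
  // common mistake, and plain http:// is not acceptable for a web contact.
  for (const c of values('Contact')) {
    if (!URI_SCHEME.test(c)) problems.push(`Contact is not a URI: ${c}`);
    else if (/^http:/i.test(c)) problems.push(`Contact is not https: ${c}`);
  }

  // Exactly one Expires, ISO 8601, in the future, and (RECOMMENDED) under a year out.
  const expires = values('Expires');
  if (expires.length > 1) problems.push('multiple Expires fields');
  if (expires.length === 1) {
    const t = Date.parse(expires[0]);
    if (Number.isNaN(t)) problems.push(`Expires is not ISO 8601: ${expires[0]}`);
    else if (t <= now.getTime()) problems.push(`Expires is in the past: ${expires[0]}`);
    else if (t - now.getTime() > ONE_YEAR_MS) problems.push('Expires is more than a year out');
  }

  // If Canonical is present, the URL the file was actually fetched from must be listed.
  const canonical = values('Canonical');
  if (url && canonical.length > 0 && !canonical.includes(url)) {
    problems.push(`Canonical does not list ${url}`);
  }
  return problems;
}
```

Run it against your own file and against the counter-examples in the text: a bare e-mail address in `Contact` and a date-only `Expires` in the past both come back as problems, which is exactly what the Cloudflare scanner's presence-only check will not tell you.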

#### 2. `/.well-known/change-password`

A simple HTTP 302 redirect to your password change page, defined by the W3C WebAppSec specification "A Well-Known URL for Changing Passwords" (registered with IANA) and supported by password managers (1Password, iCloud Keychain, Bitwarden) to send users to the right page after a breach. Two details matter: the target must be the page where a logged-in user actually changes the password (a login wall in front of it is fine), and the server must not answer 200 for unknown `/.well-known/` paths, because clients probe a deliberately non-existent resource to rule out catch-all responses before trusting the redirect.

**Nginx implementation**:

```nginx
location = /.well-known/change-password {
    return 302 /account/security;
}
```

**Verified**: GitHub, Google, Facebook, Twitter return a proper 301/302. Shopify returns 404, so it does not support the standard natively. To publish via App Proxy or Cloudflare Worker.

#### 3. `/.well-known/openid-configuration` and `/.well-known/oauth-authorization-server`

OpenID Connect Discovery 1.0 (finalized 2014) and OAuth 2.0 Authorization Server Metadata (RFC 8414, 2018) endpoints. Relevant if you operate an authentication server or your site offers SSO.

For a DTC site without an OAuth customer portal, these endpoints can be absent without major penalty. If present, the payload must at least carry `issuer` and `response_types_supported`, plus `authorization_endpoint` and `token_endpoint` for the grants you support; OpenID Connect additionally requires `jwks_uri`, `subject_types_supported` and `id_token_signing_alg_values_supported`, and `scopes_supported` is recommended. The check that matters for security: `issuer` must be an https URL from which the metadata URL itself is derived (RFC 8414 section 3.3), otherwise a client can be fed metadata served from an origin that does not own the issuer.
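Those required fields and the issuer-to-URL binding, as an added example (not the article's code and not any OAuth library's): a Node.js relying-party check over an already-parsed metadata document. It assumes `doc` is the parsed JSON and `fetchedUrl` is the exact URL it came from; `oidc: true` applies the stricter OpenID Connect Discovery rules. Hostnames are made up.

```javascript
'use strict';

// Added example, not from the article or any OAuth library: validate an
// authorization-server metadata document the way a relying party should.
// Assumptions: `doc` is the parsed JSON and `fetchedUrl` is the exact URL it
// came from; `oidc: true` applies the stricter OpenID Connect Discovery rules.

// Where the metadata for an issuer MUST live. RFC 8414 inserts the well-known
// path between host and issuer path; OIDC Discovery appends it to the issuer.
function expectedMetadataUrls(issuer) {
  const u = new URL(issuer);
  const path = u.pathname.replace(/\/$/, '');
  return {
    rfc8414: `${u.origin}/.well-known/oauth-authorization-server${path}`,
    oidc: `${u.origin}${path}/.well-known/openid-configuration`,
  };
}

function validateAsMetadata(doc, fetchedUrl, { oidc = false } = {}) {
  const problems = [];

  const required = ['issuer', 'response_types_supported'];
  if (oidc) required.push('jwks_uri', 'subject_types_supported', 'id_token_signing_alg_values_supported');
  for (const k of required) if (!(k in doc)) problems.push(`missing ${k}`);

  // Endpoints are conditional on the grants offered (RFC 8414 section 2).
  const grants = doc.grant_types_supported || ['authorization_code', 'implicit'];
  if (grants.includes('authorization_code') && !doc.authorization_endpoint) problems.push('missing authorization_endpoint');
  if (!(grants.length === 1 && grants[0] === 'implicit') && !doc.token_endpoint) problems.push('missing token_endpoint');

  // The issuer binds the document to its URL (RFC 8414 section 3.3). Skipping
  // this lets an attacker serve "metadata" for someone else's issuer.
  if (typeof doc.issuer === 'string') {
    let iss = null;
    try { iss = new URL(doc.issuer); } catch (e) { iss = null; }
    if (!iss || iss.protocol !== 'https:' || iss.search || iss.hash) {
      problems.push('issuer must be an https URL without query or fragment');
    } else {
      const expected = expectedMetadataUrls(doc.issuer);
      const want = oidc ? expected.oidc : expected.rfc8414;
      if (fetchedUrl !== want) problems.push(`issuer ${doc.issuer} does not match metadata URL ${fetchedUrl} (expected ${want})`);
    }
  }

  // Every endpoint the client will talk to must be https.
  for (const k of ['authorization_endpoint', 'token_endpoint', 'jwks_uri', 'registration_endpoint']) {
    if (typeof doc[k] === 'string' && !doc[k].startsWith('https://')) problems.push(`${k} must be https`);
  }
  return problems;
}
```

The issuer check is the one most hand-written clients skip: the document is only trustworthy if its `issuer` leads back to the URL you fetched it from.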

#### 4. `/.well-known/mta-sts.txt` (RFC 8461)

Email security policy. Lives on the `mta-sts.yourbrand.com` subdomain, not at the root domain.

**Gmail template (enforce mode, production)**:

```
version: STSv1
mode: enforce
mx: smtp.google.com
mx: gmail-smtp-in.l.google.com
mx: *.gmail-smtp-in.l.google.com
max_age: 86400
```

**Rollout template (testing mode)**:

```
version: STSv1
mode: testing
mx: in1-smtp.messagingengine.com
mx: in2-smtp.messagingengine.com
max_age: 86400
```

For a DTC site, start in `testing` for 30 days, watch the TLS-RPT reports, then move to `enforce`. The policy file alone does nothing: sending MTAs only fetch it after finding a `_mta-sts.yourbrand.com` TXT record (`v=STSv1; id=...`), and the `id` must change every time the policy changes, or senders that cached the old policy keep using it for `max_age` seconds. Publish a `_smtp._tls.yourbrand.com` TXT record (`v=TLSRPTv1; rua=mailto:...`) so you actually receive the reports, and serve the file over HTTPS with a valid certificate and no redirects, since senders are not allowed to follow them. This is the only endpoint in this tier that requires coordination with your email provider.
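What a sending MTA does with the two policies above, as an added example (not code from the article and not from any mail server): a Node.js parser for the RFC 8461 policy format plus the MX matching rule, including the wildcard rule that trips people up. It assumes the text was fetched over HTTPS from the `mta-sts` subdomain with a valid certificate and without following redirects.

```javascript
'use strict';

// Added example, not from the article or any MTA: parse an MTA-STS policy
// (RFC 8461 section 3.2) and decide whether an MX host is covered by it.
// Assumes the text was fetched over HTTPS from the mta-sts subdomain with a
// valid certificate and without following redirects, as the RFC requires.

const MAX_AGE_LIMIT = 31557600; // one year, the RFC's upper bound

function parseMtaStsPolicy(text) {
  const policy = { version: null, mode: null, mx: [], maxAge: null, extensions: [], problems: [] };
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '') continue;
    const m = /^([a-z_]+)\s*:\s*(.*)$/.exec(line);
    if (!m) { policy.problems.push(`malformed line: ${line}`); continue; }
    const [, key, value] = m;
    switch (key) {
      case 'version': policy.version = value; break;
      case 'mode': policy.mode = value; break;
      case 'mx': policy.mx.push(value.toLowerCase()); break;
      case 'max_age': policy.maxAge = /^\d+$/.test(value) ? Number(value) : NaN; break;
      default: policy.extensions.push(key); // unknown keys are ignored by senders
    }
  }
  if (policy.version !== 'STSv1') policy.problems.push('version must be STSv1');
  if (!['enforce', 'testing', 'none'].includes(policy.mode)) policy.problems.push('mode must be enforce, testing or none');
  if (policy.mode !== 'none' && policy.mx.length === 0) policy.problems.push('at least one mx required');
  if (!Number.isInteger(policy.maxAge) || policy.maxAge < 0 || policy.maxAge > MAX_AGE_LIMIT) {
    policy.problems.push(`max_age must be an integer between 0 and ${MAX_AGE_LIMIT}`);
  }
  for (const p of policy.mx) {
    if (!/^(\*\.)?[a-z0-9-]+(\.[a-z0-9-]+)+$/.test(p)) policy.problems.push(`mx is not a hostname pattern: ${p}`);
  }
  return policy;
}

// RFC 8461 section 4.1: a leading "*." matches exactly one label, so
// "*.example.com" covers mail.example.com but not example.com or a.b.example.com.
function mxMatches(pattern, host) {
  const h = host.toLowerCase().replace(/\.$/, '');
  if (pattern.startsWith('*.')) {
    const suffix = pattern.slice(2);
    if (!h.endsWith('.' + suffix)) return false;
    const leftmost = h.slice(0, h.length - suffix.length - 1);
    return leftmost.length > 0 && !leftmost.includes('.');
  }
  return h === pattern;
}

// In enforce mode a sender must refuse delivery to any MX this returns false for.
function mxAllowed(policy, host) {
  return policy.mx.some((pattern) => mxMatches(pattern, host));
}
```

The wildcard rule is why the Gmail template needs both `gmail-smtp-in.l.google.com` and `*.gmail-smtp-in.l.google.com`: the wildcard line alone would not cover the bare name, and an `enforce` policy missing an MX you actually use means senders stop delivering to it.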

#### 5. `/.well-known/agent-card.json` (A2A Protocol)

Registered with the IANA registry on August 1, 2025, permanent status. Spec maintained at a2a-protocol.org, donated to the Linux Foundation by Google on June 23, 2025. Founding members: AWS, Cisco, Google, Microsoft, Salesforce, SAP, ServiceNow.

**Market check on April 25, 2026**: Anthropic, OpenAI, Vercel, Shopify, GitHub do NOT publish an agent-card. That is precisely the opportunity. Publishing a conformant agent-card today places your brand in a leading group of a few dozen sites worldwide.

**Minimal A2A v1 template** (check the field names against the spec revision you target: early drafts used `authentication`, later revisions replaced it with `securitySchemes` and `security` and made `defaultInputModes` and `defaultOutputModes` required; and keep in mind that agents will POST A2A requests to `url` without credentials when the card says `none`, so point it only at an endpoint you control):

```json
{
  "name": "Your Brand",
  "description": "Clean DTC cosmetics brand. Main store and product catalog.",
  "version": "1.0.0",
  "url": "https://your-brand.com",
  "documentationUrl": "https://your-brand.com/help",
  "provider": {
    "organization": "Your Brand Inc.",
    "url": "https://your-brand.com",
    "contactEmail": "agents@your-brand.com"
  },
  "capabilities": {
    "streaming": false,
    "pushNotifications": false,
    "stateTransitionHistory": false
  },
  "skills": [
    {
      "id": "product-discovery",
      "name": "Product Discovery",
      "description": "Catalog of 120 serum and skincare products. Filters by skin type, concerns, active ingredients.",
      "tags": ["beauty", "skincare", "dtc"]
    }
  ],
  "authentication": { "schemes": ["none"] }
}
```

### Tier 2 — IETF draft but already in production

A single file in this category, and it is the most strategic of all.

#### 6. `/.well-known/http-message-signatures-directory` (Web Bot Auth)

The only `/.well-known/` with real, measurable operator adoption in April 2026. IETF draft `draft-meunier-http-message-signatures-directory-05` published March 2, 2026, applies RFC 9421 (HTTP Message Signatures). The `webbotauth` Working Group was formally chartered by the IETF.

**Operators publishing their Ed25519 public key** (verified April 25, 2026):
- ChatGPT Agent (OpenAI) — `https://chatgpt.com/.well-known/http-message-signatures-directory`
- Goose (Block)
- Browserbase — `https://www.browserbase.com/.well-known/http-message-signatures-directory`
- Anchor Browser
- Cloudflare Browser Rendering

**Server side**: Cloudflare and AWS WAF verify these signatures in their Verified Bots programs.

**Exact form of headers sent by a signed agent**:

```
Signature-Agent: "https://chatgpt.com"
Signature-Input: sig1=("@authority" "signature-agent");created=1735689600;expires=1735693200;keyid="otMqcjr17mGyruktGvJU8oojQTSMHlVm7uO-lrcqbdg";tag="web-bot-auth";alg="ed25519"
Signature: sig1=:<Ed25519 signature as an RFC 8941 byte sequence, i.e. standard base64 between the colons>:
```

**JWKS template published at your endpoint**:

```json
{
  "keys": [
    {
      "kid": "abc123-thumbprint-jwk",
      "crv": "Ed25519",
      "kty": "OKP",
      "x": "your-public-key-base64url",
      "use": "sig",
      "nbf": 1735689600,
      "exp": 1777673926
    }
  ],
  "signature_agent": "https://your-brand.com",
  "purpose": "ai"
}
```

For a DTC site that only receives requests (not an emitting agent), this score dimension can stay empty without critical penalty. For a SaaS publisher or agent operator, it has become a de facto standard. On the receiving side, whether you verify yourself or let a WAF do it, the checks are the same: fetch the key from `https://<Signature-Agent origin>/.well-known/http-message-signatures-directory`, never from anything carried in the request; match `keyid` to the JWK thumbprint; require `tag="web-bot-auth"`; reject requests outside the `created`/`expires` window; and remember that a valid signature proves which operator sent the request, not that the operator is welcome, so the allow/deny decision is still yours.

### Tier 3 — Private proposals, variable status

These 5 endpoints are spec proposals, non-standardized root files, or draft SEPs. Honesty required: they are not all production-ready.

#### 7. `/llms.txt` (root, not /.well-known/)

Spec proposed by Jeremy Howard (AnswerDotAI) on September 3, 2024. Lives at the domain root, not in `/.well-known/`. A GitHub issue proposed `/.well-known/llms.txt` but the spec kept the root location.

**Measured data on real effectiveness**:
- The [OtterlyAI study](https://otterly.ai/blog/the-llms-txt-experiment/) over 90 days and 62,100 AI bot visits measures llms.txt at **0.1% of AI traffic**.
- The [Search Engine Land study](https://searchengineland.com/does-llms-txt-matter-467740) on 10 sites over 180 days concludes: 8 sites with no measurable change, 2 gains attributable to new content, not the file.
- John Mueller (Google) publicly compares llms.txt to the meta keywords tag.
- SE Ranking measured adoption at 10.13% across 300,000 domains.

**Honest conclusion**: publishing llms.txt is useful as a technical credibility signal, as help for dev tools (Cursor, Continue, Aider), and as insurance against potential future adoption by a major model. Presenting it as an AI traffic lever is unsourced.

**Minimal format**:

```
# Your Brand

> DTC brand founded in 2018, clean vitamin C serums and short-ingredient skincare. 120 SKUs.

## Catalog

- [Vitamin C Serum 12%](https://your-brand.com/products/vitc-serum): Daily brightening, normal to combination skin
- [Hydrating Cream](https://your-brand.com/products/hydrating-cream): Light texture, sensitive skin

## Commitments

- [Full INCI composition](https://your-brand.com/inci): All detailed sheets
- [Made in France](https://your-brand.com/manufacturing): Cosmébio lab in Lyon
```

#### 8. `/.well-known/mcp/server-card.json` or `/.well-known/mcp` (MCP, draft)

Two active proposals in the modelcontextprotocol repo:
- **SEP-1649**: `/.well-known/mcp/server-card.json` with `serverInfo`, `transport`, `capabilities`, `authentication`, `tools`, `prompts`. Opened October 14, 2025.
- **SEP-1960**: `/.well-known/mcp` with enumeration and auth discovery.

**As of April 25, 2026, neither is merged in the MCP core spec.** Anthropic, Cloudflare, Shopify do not publish these files. For today, expose your MCP server directly via `mcp.yourbrand.com/mcp` and reference it in an `mcpEndpoint` field of your agent-card.json (a vendor extension: the A2A AgentCard schema does not define this field, so strictly validating agents will ignore it). Wait for SEP stabilization before investing.

#### 9. `/.well-known/api-catalog` (RFC 9727, December 2024)

Recently ratified RFC, but marginal adoption. Lets you point to a file describing your domain's public APIs. Relevant if you expose a documented public API. For a DTC display site, can be omitted without penalty.

#### 10. `/.well-known/oauth-protected-resource` (RFC 9728, April 2025)

Metadata for an OAuth-protected resource: which authorization servers issue tokens for it, which scopes it expects, where its JWKS lives. It is the endpoint the MCP authorization specification requires MCP servers to expose, which is why Cloudflare scores it under Capabilities. Like api-catalog, relevant for SaaS publishers more than DTC sites.

#### 11. `/.well-known/ai-plugin.json` (deprecated, to know about)

Historical ChatGPT Plugins format. Deprecated by OpenAI on April 9, 2024, replaced by Custom GPTs and then MCP. Mention only as a counter-example: a `/.well-known/` endpoint can fall into disuse quickly when its sponsor pivots. Do not implement it in 2026.

## What actually works, what does not

This section says what other GEO articles do not, because primary sources contradict them.

### What works

**Web Bot Auth** is the only `/.well-known/` with real server-side adoption. Cloudflare uses it to identify ChatGPT Agent (tag `chatgpt-agent`, detection ID 129220581). AWS WAF integrated it in November 2025. It is the mechanism that distinguishes a legitimate agent from a stealth crawler.

**security.txt** and **mta-sts.txt** are mature standards consulted by security scanners, email reputation tools (Talos, Spamhaus), and bug bounty programs. Publishing a security.txt conformant to RFC 9116 improves technical E-E-A-T scores.

**agent-card.json** does not yet have proven agent adoption, but the format is registered with IANA and the spec was donated to the Linux Foundation. Publishing today places your brand in a leading group of a few dozen sites worldwide, with the early-adopter media coverage benefit.

### What does not work (yet)

**llms.txt**: 0.1% of AI traffic measured by OtterlyAI. No major LLM provider commits to it as a first-class input. To publish for dev tools and credibility, not for traffic.

**The "AI agents read agent-card.json before navigating" narrative**: no official OpenAI, Anthropic, Google, or Perplexity announcement confirms this practice in April 2026. Agents (ChatGPT Atlas, Claude Computer Use, Perplexity Comet, Gemini Deep Research) browse like Chromium browsers and render JS like a human. Presenting agent-card as "read by agents before visit" is marketing projection, not fact.

**AI crawlers and JavaScript**: per Vercel's direct monitoring on nextjs.org (December 2024), none of the major crawlers (GPTBot, ClaudeBot, PerplexityBot, MetaBot) execute JavaScript. Only Gemini does, via Googlebot infrastructure. Implication: a site that depends on JS to render price, stock, or reviews is invisible to these bots, regardless of `/.well-known/`.

**The crawl-to-refer ratio** (Cloudflare, July 2025) shows the asymmetry: Anthropic crawls 38,065 pages per 1 referred visitor, OpenAI 1,091 to 1, Perplexity 194 to 1. Publishing your `/.well-known/` files does not change this asymmetry, but improves your odds of being cited when you are.

## Shopify checklist: what can be published natively

For a standard Shopify store, here is what passes natively and what requires a workaround.

| Endpoint | Native Shopify | Workaround |
|---|---|---|
| `apple-app-site-association` | Yes | None |
| `assetlinks.json` | Yes | None |
| `security.txt` | No | Shopify page with `page.security-txt.liquid` template + server redirect |
| `change-password` | No (404) | App Proxy or Cloudflare Worker → 302 to `/account/security` |
| `openid-configuration` | Partial (Shopify Customer Accounts) | Endpoint exposed on `shopify.com` root, not your vanity domain |
| `mta-sts.txt` | N/A (email subdomain) | Separate hosting on `mta-sts.yourbrand.com` |
| `agent-card.json` | No | Dedicated Shopify App OR Cloudflare Worker in front |
| `llms.txt` | No | Same |
| `mcp/server-card.json` | No | Not before SEP stabilization |
| `http-message-signatures-directory` | No | Custom implementation if you operate an emitting agent |

**Recommendation for a standard DTC Shopify store**: start with the 4 quick-win endpoints (`security.txt`, `change-password`, `agent-card.json`, `llms.txt`) via a Cloudflare Worker in front. Count 2 to 4 hours of setup. That alone is enough to move from 25 to ~70 on the Cloudflare score.

## How to audit your current score

Three options to measure where you stand:

**Option 1 — Cloudflare free test**: open [isitagentready.com](https://isitagentready.com), enter your URL, choose site type (Content / API / All). The scanner checks robots.txt, sitemap, Link headers, Markdown negotiation, presence of the `/.well-known/` files listed above. Documented limitation: binary present/absent score, no content quality evaluation, no real cryptographic signature validation, commerce segment limited to technical protocols.

**Option 2 — Manual audit with curl**:

```bash
# Presence and HTTP status of each endpoint (GET rather than HEAD: some origins reject HEAD)
for endpoint in security.txt change-password agent-card.json http-message-signatures-directory; do
  printf '%-50s ' "/.well-known/$endpoint"
  curl -s -o /dev/null -w '%{http_code}\n' "https://your-brand.com/.well-known/$endpoint"
done

# change-password must answer 3xx with a Location header, and the origin must not
# answer 200 to a path that does not exist (the probe URL the spec defines for that)
curl -s -o /dev/null -D - "https://your-brand.com/.well-known/change-password" | grep -i '^\(HTTP\|location\)'
curl -s -o /dev/null -w 'catch-all probe: %{http_code}\n' \
  "https://your-brand.com/.well-known/resource-that-should-not-exist-whose-status-code-should-not-be-200"

# security.txt must be served as text/plain
curl -s -o /dev/null -D - "https://your-brand.com/.well-known/security.txt" | grep -i '^content-type'

# Check llms.txt at root
curl -s -o /dev/null -w '%{http_code}\n' "https://your-brand.com/llms.txt"
```

**Option 3 — [Verity Score GEO Audit](/en/free-geo-audit/)**: free 60-second audit covering the 11 `/.well-known/` endpoints plus 200 other GEO signals (schema.org, conversational content, AI robots.txt, multilingual, agentic commerce). Verity Score audits the **quality** of files, not just their presence: RFC 9116 conformance of `security.txt`, `Expires` validity, A2A v1 conformance of `agent-card.json`, freshness of `llms.txt`, cryptographically valid Web Bot Auth signatures.

Verity Score publishes its own A2A v1 conformant `agent-card.json` and up-to-date `llms.txt`, at `verityscore.io/.well-known/agent-card.json` and `verityscore.io/llms.txt`. Verifiable.

## Verity Score exclusive data: who actually crawls your /.well-known/ in 2026

Before this article, no public source had measured the consultation of AI-specific `/.well-known/` files by declared crawlers. OtterlyAI published 0.1% for `llms.txt`, but no one for `agent-card.json`, `ai.txt`, or `llms-full.txt`.

Here are the first ratios measured from `verityscore.io` server logs (April 2026, internal Verity Score data). Methodology: continuous capture of HTTP hits on exposed endpoints, attribution of user-agents to declared operators via cross-referenced User-Agent + official IP ranges published by OpenAI, Anthropic, Perplexity, Meta, Microsoft. Scope: 4 AI files exposed (`/.well-known/agent-card.json`, `/llms.txt`, `/ai.txt`, `/llms-full.txt`) × 3 major AI operators observed (OpenAI, Microsoft, Meta).

> Methodological note: we publish **qualitative ratios** here because they are the patterns that hold even on an early sample. Absolute volumes are updated in real time on the public dashboard [/en/ai-traffic-report/](/en/ai-traffic-report/) as the observation window grows.

| Metric | Observed value | Reading |
|---|---|---|
| Coverage of `/.well-known/agent-card.json` by major AI operators | **3/3** (OpenAI, Microsoft, Meta) | Only AI endpoint with full coverage by all 3 major actors |
| Coverage of `/llms.txt`, `/ai.txt`, `/llms-full.txt` by major AI operators | **1/3** (Meta only) | No major operator outside Meta crawls them in the measurement |
| MetaBot coverage of the 4 exposed AI files | **100%** | Structured discovery behavior on Meta AI's side |
| Share of `/.well-known/agent-card.json` in cumulative AI bot hits | **about 68%** | Massive concentration on the A2A endpoint |

Three takeaways:

1. **`/.well-known/agent-card.json` is the most widely adopted AI endpoint by declared crawlers.** It is crawled by all 3 major AI operators observed (OpenAI, Microsoft, Meta), while `llms.txt`, `ai.txt`, `llms-full.txt` are only crawled by 1 operator out of 3 (Meta alone). Consistent with its recent IANA registration and the arrival of A2A agents in production.
2. **MetaBot covers 100% of the 4 exposed AI endpoints.** Systematic discovery behavior suggesting a dedicated crawler mapping agent preferences on Meta AI's side. The only operator observed with this profile.
3. **GPTBot and Bingbot only crawl `agent-card.json`** in the measurement. No trace of `llms.txt` consultation by these two operators. Consistent with OpenAI's public stance that does not recognize `llms.txt` as a first-class input.

These ratios should be read with caution (single site, short observation window). But they contradict the "AI agents ignore /.well-known/" narrative. At minimum, **training and indexing crawlers** of the 3 major AI operators consult the A2A endpoint, so publishing it is not a dead investment.

Verity Score keeps publishing these measurements to track the evolution on the [public live dashboard](/en/ai-traffic-report/). Three open questions remain to measure in the coming months:

1. **Which `/.well-known/` correlates with a Perplexity, ChatGPT Search, or AI Overviews citation?** No study quantifies this today.
2. **What latency between publishing an agent-card.json and first GPTBot or Bingbot crawl?** Discovery measurement.
3. **JS rendering comparison between agents** Comet, Atlas, Operator, Computer Use, Deep Research on a common benchmark.

## Summary

| What to do in April 2026 | Confidence level |
|---|---|
| Publish `security.txt` conformant to RFC 9116 with Expires < 1 year | High (ratified RFC, universal adoption) |
| Publish `change-password` as 302 redirect | High (W3C spec, password manager adoption) |
| Publish `mta-sts.txt` in `testing` then `enforce` mode | High (ratified RFC, deliverability impact) |
| Publish `agent-card.json` conformant to A2A v1 | High (IANA-registered spec, adoption ramping = early advantage) |
| Publish `llms.txt` at root | Medium (useful, but not a traffic lever) |
| Implement Web Bot Auth (`http-message-signatures-directory`) | High if you emit agent requests, low otherwise |
| Publish MCP `/.well-known/mcp/...` | Low (wait for SEP stabilization) |
| Publish `ai-plugin.json` | None (deprecated 2024) |

The Cloudflare score is an indicator, not an end. The real question is: when an AI agent, or a human driving one, interrogates your brand, do you give it the structured elements to understand you, cite you, and recommend you? `/.well-known/` files are one signal among others. Content, schema.org, AI robots.txt, and freshness remain the major levers.

This article will be updated at every major standards evolution (final Web Bot Auth draft publication, SEP-1649 merge, new Cloudflare data). Last verification date: April 25, 2026.

## FAQ

### What is a /.well-known/ file?

A /.well-known/ file is a standardized endpoint (RFC 8615) that sites publish at their domain root to expose machine-readable metadata. In 2026, AI agents and verification servers look there for files like security.txt, agent-card.json, or the Web Bot Auth public key to understand your site and verify the authenticity of bots that connect to it.

### How many /.well-known/ files should a site publish in 2026?

A DTC site aiming to maximize its Agent Readiness score should consider 11 endpoints across 3 tiers: 5 stabilized standards to publish without reservation (security.txt, change-password, openid-configuration / oauth-authorization-server, mta-sts.txt, agent-card.json), 1 IETF draft already in production (Web Bot Auth's http-message-signatures-directory), and 5 with variable status (llms.txt, the MCP server card, api-catalog, oauth-protected-resource, and ai-plugin.json, which is deprecated and listed only as a counter-example).

### Does llms.txt actually drive AI traffic?

Not today. An OtterlyAI study over 90 days measures llms.txt at 0.1% of AI bot traffic. A Search Engine Land study on 10 sites over 180 days concludes it has no measurable impact on 8 sites. John Mueller (Google) compares it to the meta keywords tag. Publishing llms.txt remains useful as a credibility signal and for dev tools (Cursor, Continue), but should not be presented as a traffic lever.

### How does Cloudflare calculate my Agent Readiness score?

The 0-100 score published on isitagentready.com (launched April 17, 2026) covers 4 dimensions: Discoverability (robots.txt, sitemap, Link headers), Content Accessibility (Markdown negotiation), Bot Access Control (Content Signals, Web Bot Auth), Capabilities (MCP Server Card, OAuth Protected Resource, commerce protocols). The scanner detects binary file presence, not quality. First global report: 78% of sites have a robots.txt, 4% declare AI preferences, fewer than 15 sites worldwide support MCP Server Cards.

### Which /.well-known/ do AI agents actually consult in 2026?

Only one /.well-known/ file has real, measurable operator adoption: /.well-known/http-message-signatures-directory (Web Bot Auth). ChatGPT Agent, Goose (Block), Browserbase, Anchor Browser, and Cloudflare Browser Rendering publish their Ed25519 public key there to sign their requests. Server-side, Cloudflare and AWS WAF verify these signatures. Other /.well-known/ files (agent-card, MCP, llms.txt) are not systematically consulted by agents before navigation, despite some marketing articles claiming otherwise.

### Should I publish a /.well-known/mcp.json in 2026?

Not yet. As of April 25, 2026, MCP has no stabilized /.well-known/mcp.json standard. Two proposals are in draft: SEP-1649 (/.well-known/mcp/server-card.json) and SEP-1960 (/.well-known/mcp). Both are unmerged proposals to the MCP core spec. If you operate an MCP server, expose it directly via mcp.yourdomain.com and reference it in your agent-card.json (this article uses an mcpEndpoint field for that; it is a vendor extension, not part of the A2A schema). Wait for the spec final version before investing heavily.

### Can my Shopify store publish these /.well-known/ files?

Yes, with limitations. Shopify natively exposes /.well-known/apple-app-site-association and a few system endpoints. For others (security.txt, change-password, llms.txt, agent-card.json), use: a Shopify Theme with custom page template, an App Proxy that serves the file from your backend, or a Cloudflare Worker in front that rewrites the request. For MTA-STS, use the mta-sts.yourbrand.com subdomain hosted outside Shopify. Most Shopify stores today have neither security.txt, change-password, nor agent-card.

### Why does my Agent Readiness score drop without Web Bot Auth?

Web Bot Auth is the only /.well-known/ standard with real server-side adoption (Cloudflare, AWS WAF). The Cloudflare score values its presence because it is currently the only mechanism that lets a site distinguish a legitimate AI agent (signed ChatGPT Agent) from a stealth crawler. To publish, you must host an Ed25519 JWKS at /.well-known/http-message-signatures-directory and sign the requests you emit. For a DTC site that only receives requests, this dimension can stay empty without breaking the global score.

## Sources

- [Introducing the Agent Readiness Score (Cloudflare, April 17, 2026)](https://blog.cloudflare.com/agent-readiness/) (industry)
- [isitagentready.com — Agent Readiness scanner (Cloudflare, April 2026)](https://isitagentready.com) (industry)
- [RFC 8615 — Well-Known Uniform Resource Identifiers (IETF, May 2019)](https://www.rfc-editor.org/rfc/rfc8615) (official)
- [IANA Well-Known URIs registry (updated April 1, 2026)](https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml) (official)
- [draft-nottingham-rfc8615bis-02 — revision in progress (Mark Nottingham, February 23, 2026)](https://datatracker.ietf.org/doc/draft-nottingham-rfc8615bis/) (official)
- [Web Bot Auth Architecture draft-05 (Meunier/Major, March 2, 2026)](https://datatracker.ietf.org/doc/draft-meunier-web-bot-auth-architecture/) (official)
- [HTTP Message Signatures Directory draft-05 (IETF, March 2, 2026)](https://datatracker.ietf.org/doc/draft-meunier-http-message-signatures-directory/) (official)
- [Web Bot Auth — official documentation (Cloudflare)](https://developers.cloudflare.com/bots/reference/bot-verification/web-bot-auth/) (official)
- [The age of agents: cryptographically recognizing agent traffic (Cloudflare, August 28, 2025)](https://blog.cloudflare.com/signed-agents/) (industry)
- [Agent2Agent Protocol — AgentCard Specification v1.0.0 (a2a-protocol.org, 2026)](https://a2a-protocol.org/latest/specification/) (official)
- [A2A donated to the Linux Foundation (Google Cloud, June 23, 2025)](https://developers.googleblog.com/en/google-cloud-donates-a2a-to-linux-foundation/) (official)
- [MCP SEP-1649 — Server Cards at /.well-known/mcp/server-card.json (October 14, 2025)](https://github.com/modelcontextprotocol/modelcontextprotocol/issues/1649) (official)
- [MCP SEP-1960 — /.well-known/mcp discovery endpoint (2026)](https://github.com/modelcontextprotocol/modelcontextprotocol/issues/1960) (official)
- [llms.txt specification (Jeremy Howard, AnswerDotAI, last commit January 29, 2026)](https://llmstxt.org/) (official)
- [Does llms.txt matter? We tracked 10 sites for 180 days (Search Engine Land, January 20, 2026)](https://searchengineland.com/does-llms-txt-matter-467740) (industry)
- [The llms.txt Experiment: 0.1% of AI traffic (OtterlyAI, 90 days)](https://otterly.ai/blog/the-llms-txt-experiment/) (industry)
- [Google Says LLMs.txt Comparable to Keywords Meta Tag (Search Engine Journal, 2025)](https://www.searchenginejournal.com/google-says-llms-txt-comparable-to-keywords-meta-tag/544804/) (industry)
- [RFC 9116 — security.txt (IETF, April 2022)](https://www.rfc-editor.org/rfc/rfc9116) (official)
- [RFC 9421 — HTTP Message Signatures (IETF, February 2024)](https://www.rfc-editor.org/rfc/rfc9421) (official)
- [The rise of the AI crawler — no AI crawler executes JS except Gemini (Vercel, December 17, 2024)](https://vercel.com/blog/the-rise-of-the-ai-crawler) (industry)
- [The crawl-to-click gap: July 2025 ratios (Cloudflare, August 29, 2025)](https://blog.cloudflare.com/crawlers-click-ai-bots-training/) (industry)
- [Overview of OpenAI Crawlers (developers.openai.com)](https://developers.openai.com/api/docs/bots) (official)

