HTTPS & transport
Is the current page served over HTTPS, and is HSTS declared? The Level 0 baseline an agent checks before it trusts anything else.
Tools · OARS browser extension
See any site the way an AI agent sees it, in one click.
A free Chrome extension that reads a site's agent-readiness signals as you browse. Click the icon on any page and you get a structured snapshot in under three seconds: the most verifiable OARS signals across Levels 0–3 — HTTPS and security headers, robots.txt AI directives, Schema.org, llms.txt, oars.json, agent and MCP cards, Web Bot Auth — plus a one-call lookup against the Knov.ai directory that tells you whether the site is verified and at what level. Install it free and put that read one click away on every site you visit.
Free · Manifest V3 · No account required
Open the popup on a prospect's site and show them, live, what an AI agent reads when it arrives: the signals they're passing and the ones they're missing. That's a sharper pitch than any slide, and it works on any URL with no setup. Every scan ends with a one-click path to the full OARS assessment, so a quick look turns into a real verdict whenever you want one.
What it reads from the page
Instant signals, no network requests.
These come straight out of the page you're already on — the DOM and the response headers — so they're available the moment the popup opens.
Security headers
X-Content-Type-Options, Content-Security-Policy, and Referrer-Policy — present or absent, read from the response.
Schema.org JSON-LD
Is structured data on the page, what @type is declared, and are the required fields there? The detected type shows in the checklist.
Heading hierarchy
Is there a single H1? Multiple H1s — a common, quiet failure — get flagged rather than passed.
Canonical URL
Is a canonical URL declared on the page? One of the small Level 2 signals that's easy to miss and easy to fix.
Content-Signal & Link headers
Are Content-Signal directives and Link headers present in the page response? Read directly, no extra fetch.
What it fetches in the background
The well-known endpoints, checked in parallel.
While you read the instant signals, the extension fires a parallel batch of fetches at the site's well-known endpoints — the whole set resolves in about one to two seconds, and results are cached per domain for the session so revisiting doesn't re-fetch.
/robots.txt with AI directives
Present, and does it name all six AI agents — GPTBot, OAI-SearchBot, ClaudeBot, PerplexityBot, anthropic-ai, Google-Extended — with Content-Signal directives alongside them?
/llms.txt
Present and non-empty? The text-format index AI systems use to navigate a site.
/oars.json
Checked at the root and at /.well-known/oars.json — present, and valid?
Agent card
/.well-known/agent-card.json — present? The declaration an agent reads to learn what it can do here.
MCP server card
/.well-known/mcp/server-card.json, falling back to /.well-known/mcp.json — present?
API catalog
/.well-known/api-catalog — present? Where an agent finds the APIs a site exposes.
Web Bot Auth
/.well-known/http-message-signatures-directory — present? The signing directory that lets a site authenticate legitimate bots.
Agent Skills index
/.well-known/agent-skills/index.json — present? The catalog of skills a site publishes for agents.
Knov.ai directory lookup
One call to knov.ai/api/directory/:domain: is this domain indexed, at what OARS level, at what verification tier — with a link straight to its profile. The single most valuable check in the set.
The popup
One clean readout, organized by level.
A header that tells you where the site stands at a glance, a collapsible checklist grouped the way OARS is, and CTAs that take you to the next step. It renders in under a second once the data is in.
An at-a-glance header
Favicon and domain, an overall signal — green for strong, yellow for partial, red for absent — and, if the site is listed, an "OARS Level X — Verified" badge linking to its directory profile. If it isn't listed, it says so plainly.
Level 0 — Reachable
HTTPS, HSTS, and the core security headers. The checks that decide whether an agent will engage with the site at all.
Level 1 — Discoverable
robots.txt AI directives, Content-Signal, llms.txt, Schema.org (with the detected type), Link headers, Web Bot Auth, agent card, MCP server card, API catalog, Agent Skills index, and oars.json — the full discoverability layer in one column.
Level 2 — Readable
A single H1 and a declared canonical URL — the readability signals the extension can verify from the page in real time.
Footer CTAs that route you
"Run full OARS assessment" for the real verdict, "Submit to Knov.ai directory" if the site isn't listed, and "View directory listing" if it is — the right next step depending on what the scan found.
Fast and cached
A background service worker runs the fetches and caches per domain for the session; the popup is vanilla JS that just renders what's there. Open it again on the same site and it's instant.
What it doesn't check
A quick scan, not a verdict.
Some signals can't be read honestly in three seconds from a toolbar. The extension doesn't pretend to — it leaves these to the full assessment and tells you so.
Performance & Core Web Vitals
LCP, INP, and CLS need a proper audit under real load — not a single page read.
Markdown content negotiation
Whether a site serves Markdown to agents that ask for it is a full content check, not a header glance.
TLS configuration
Version and cipher configuration require inspecting the connection itself, beyond what the page exposes.
Accessibility tree
Validating the accessibility tree is a dedicated audit, not a presence check.
Content accuracy & quality
Whether what a site says is correct and useful is a judgment, not a signal.
Anything needing human review
The extension surfaces the signal and sends you to the assessment. The assessment is where the judgment happens.
FAQs
Is this the same as a full OARS assessment?
No, and that's by design. The extension is a quick scan — the most verifiable signals across Levels 0–3, read in under three seconds. It tells you whether the signal is present, not whether it's correct in every detail. The full assessment at knov.ai/assess is the verdict; the extension's job is to surface the signal and tell you where to go deeper.
What does it actually read, and does any of it leave my browser?
Almost everything is read directly: the page's DOM (Schema.org JSON-LD, headings, canonical URL), the response headers, and direct fetches to the target domain's well-known endpoints (robots.txt, llms.txt, oars.json, agent and MCP cards, and the rest). The only external call is the Knov.ai directory lookup — one request to knov.ai/api/directory/:domain to check whether the domain is listed and at what level. Checks are never proxied through Knov.ai; the extension talks to the site you're on.
Why is the Knov.ai directory check the important one?
Because it answers the question a sales call actually turns on, in a single call: is this site verified, at what OARS level, and at what tier — with a link straight to its public profile. Every other check tells you what a site declares about itself. The directory check tells you whether that's been independently verified.
Who is it for?
Consultants who want to open a conversation with "let me show you what your site looks like to an AI agent" instead of a slide. Developers checking their own implementation as they build it. Agencies auditing a prospect before the first call. One click, instant visual, no setup.
What won't it check?
Anything that needs a real audit: Core Web Vitals and performance, Markdown content negotiation, TLS version and cipher configuration, accessibility-tree validation, content accuracy, and anything requiring human review. Those are what the full assessment is for. The extension is the surface read.
Which browser does it run in?
Chrome. It's built on Manifest V3 and installs from the Chrome Web Store in one click — no account, no setup.
Does it cost anything?
No. It's free, with no account required. Install it, click the icon on any site, and it works.
Free for Chrome
Put the OARS signal one click away.
Install it once and every site you visit is a click away from a structured agent-readiness read. It's free, there's no account, and it works on any URL. When you need the full verdict, the OARS assessment is the next step.
Privacy policy — the extension reads only the site you're on and makes a single Knov.ai directory lookup. No tracking, no accounts.