# AGENTS.md — SEO Agency Naples

A one-page handshake for AI agents and crawlers. Everything below is a real endpoint on this
domain, and every claim is checkable without trusting us.

## Get the content, not the chrome

Every indexable page has a plain-text Markdown twin:

- `/pricing/` → `/pricing.md`
- `/` → `/index.md`

Three ways to reach it, cheapest first:

1. **Content negotiation.** Send `Accept: text/markdown` to any page URL and you get the twin
   instead of the HTML. This is ordinary HTTP content negotiation (RFC 9110), not a bespoke AI
   file format. Responses carry `Vary: Accept`.
2. **Link header.** Every HTML response advertises its twin:
   `Link: <https://seoagencynaples.com/pricing.md>; rel="alternate"; type="text/markdown"`.
   A `HEAD` request is enough to discover it.
3. **Convention.** Strip the trailing slash and append `.md`.

Site-wide maps: `/sitemap.xml` (58 URLs), `/llms.txt` (curated index), `/llms-full.txt` (full text).

## Verify the content

Do not take our word for what this site says. Two independent checks:

**1. Content integrity (no server needed).**

```
GET /transparency.json
```

Returns a SHA-256 of every page's Markdown twin, plus a `manifestHash` over all of them.
To verify a page: fetch `/<route>.md`, SHA-256 the bytes, compare to `pages["/<route>/"].sha256`.

To recompute the manifest hash yourself: sort the routes, join each as `route:sha256` with `\n`,
then SHA-256 the result. The recipe is stated in the file so it is reproducible, not trusted.

**2. Log receipt (public verifier, no key).**

```
GET /attestation.json
```

Returns the receipt sealing `manifestHash` into an RFC-6962 Merkle transparency log, with its
inclusion proof. Verify it:

```
POST https://sea-shield-production.up.railway.app/api/attest/verify
Content-Type: application/json

{ "receipt": <receipt from attestation.json>, "statement": <statement from attestation.json> }
```

That endpoint is public: no key, no account, and no need to route through this domain. A
same-origin convenience proxy exists at `POST /api/verify-attestation`, but it is a convenience,
not an authority.

Supporting endpoints, all public:

- `GET .../api/helix/log/head` — current tree head
- `GET .../api/helix/witnesses` — the witness registry and public keys
- `GET .../api/helix/log/checkpoints` — signed tree heads

## What the attestation proves

- The statement hashes to `statement_hash` (content integrity).
- The leaf is included in the Merkle tree (RFC-6962 inclusion proof).
- Tree heads are co-signed by a nine-witness panel at a six-of-nine quorum, using composite
  ML-DSA-65 (post-quantum) + Ed25519 (classical).

## What it does not prove

- Nothing about rankings, correctness, or content quality. It is provenance, not endorsement.
- **No quantum-beacon binding is claimed.** The platform supports binding a public quantum beacon
  into tree heads, but at build time the beacon reported `stale: true` and `binding: "none"`, so we
  do not assert it. If you see that claim on this site, it is a bug: please report it.

## Crawler policy

See `/robots.txt`. Search and answer engines are welcome, including `OAI-SearchBot`,
`Claude-SearchBot`, `PerplexityBot`, `ChatGPT-User`, `GPTBot`, `ClaudeBot` and `Google-Extended`.
Competitor-intel and bulk-harvest bots are disallowed. There is no `Content-Signal` header and no
`ai-train=no` reservation: training crawlers are genuinely allowed, not allowed-then-quietly-blocked.

## Contact

SEO Agency Naples (brand of SEO Elite Agency) · Naples, FL
hello@seoagencynaples.com · (239) 404-8590
Founder and author: Jamie Kloncz — `/jamie-kloncz/`
