Skip to content
View erekola's full-sized avatar

Block or report erekola

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
erekola/README.md

Erik Rekola

Agent-readiness audits and advisory for product teams, and the wider work of making the data agents act on and the decisions they make reliable.

turva.dev, my own reference build, is ranked #1 of publicly-scanned sites on the startuphub.ai agent-readiness leaderboard, scoring 100/100 (A+) across all six categories. On isitagentready.com, Cloudflare's agent-readiness scanner, it scores 100/100 at Level 5 (Agent-Native). Measured 2026-07-02.

Scanner Result
isitagentready.com (Cloudflare) 100/100, Level 5 (Agent-Native)
startuphub.ai leaderboard 100/100 (A+), #1 of publicly-scanned sites

startuphub.ai sub-scores (Discoverability, Content, Access Control, Capabilities, Commerce, Quality): 100/100 each.

The Cloudflare Worker that produces these results is open source: turva-worker. You can read every line before you hire me.

Web security

Agent-readiness is one axis. The domain's own web security is another, and I publish turva.dev's own scan results so a buyer can see the same house is in order, not just claimed. Measured on turva.dev on 2026-07-01.

Scanner Result
Hardenize All 13 categories passed
Internet.nl 98 / 100

On Internet.nl, IPv6, DNSSEC and RPKI pass in full. The single deduction is one HTTPS sub-test, the hash function for key exchange, which I document rather than hide.

Why this matters

AI agents such as ChatGPT search, Perplexity, Claude, and Copilot are now a discovery channel. They read sites and APIs through /.well-known/ manifests, JSON-LD, head metadata, and protocol endpoints (MCP, x402, ACP, AP2). If those signals are wrong or contradicted by your CMS, your product becomes invisible inside the answer rather than merely de-ranked.

The skill is knowing which signals each agent actually reads, in what order, and how to make them deterministic across CMS drift.

Agent-readiness reference

A consolidated agent-readiness reference, with a short definition of each surface agents read and a link to its full guide, is in the open-source repository: docs/agent-readiness.md.

Agent-readiness guides

I publish plain-language guides on the surfaces agents read and how to make a site legible to them. Published on turva.dev.

Writing

Notes on AI agents, and the work of letting them read a site and act on a system safely. Anything that can be measured is checked against independent scanners rather than asserted. A selection is below, with the full index on turva.dev.

What I do

  • Audits. Public scanner sweep across the leaderboards above, plus manual review of /.well-known/ manifests, JSON-LD, head metadata, and protocol endpoints. Written report with prioritized gaps. Async-only.
  • Advisory. Per-gap remediation notes your engineers can ship. Async-only.
  • Implementation. Scoped repository write access per task if you want me to fix what I found. Same Worker pattern as turva.dev, adapted to your stack.
  • Agent operations. Beyond readiness: making the data an agent acts on and the decisions it is allowed to make reliable. Scoped per engagement. Async-only.
  • MCP server design. Read-only discovery tools and Streamable HTTP transport, no auth surface and no logging by default. The endpoint stays readable for agents without turning into an abuse vector. Async-only.

How I work

  • Async-only. No calls, no calendar links, no discovery meetings.
  • Reply within one business day.
  • Fixed scope per engagement, written before any payment.
  • Open-source reference implementation means you verify the work against the same scanners I do.

Contact

Tell me your domain and what you want audited. I respond within one business day.

Popular repositories Loading

  1. turva-worker turva-worker Public

    The open-source Cloudflare Worker behind turva.dev. One source renders every page as HTML, markdown and JSON, so people and AI agents read the same content.

    JavaScript

  2. turva-mcp turva-mcp Public

    The public read-only MCP server for turva.dev, live at mcp.turva.dev/mcp. Published in the official MCP registry as dev.turva/turva-mcp.

    TypeScript

  3. erekola erekola Public

    Profile README.

  4. awesome-mcp-servers awesome-mcp-servers Public

    Forked from punkpeye/awesome-mcp-servers

    A collection of MCP servers.