Bundle Pluginsource linked

automatelab-ai-seo-mcpv0.5.0

AI Citation Toolkit - audit, score, and rewrite web pages for AI-citation eligibility. AEO/GEO/LLM visibility for any MCP client.

@automatelab/ai-seo-mcp·runtime @automatelab/ai-seo-mcp·by @automatelab

openclaw bundles install clawhub:@automatelab/ai-seo-mcp

Latest release: v0.5.0Download zip

Capabilities

Bundle format

claude

Compatibility

Built With Open Claw Version

0.5.0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

ℹ

Purpose & Capability

The network fetching, sitemap checks, link checks, rewrites, entity extraction, and report generation all fit the stated AI-SEO auditing purpose. The top-level SKILL.md is outdated about tool count and read-only framing, but README and runtime tool descriptions disclose the broader 18-tool surface.

ℹ

Instruction Scope

Most tools are user-directed and describe their URL, robots, sampling, and output behavior. Some model-sampling tools send fetched page text to the MCP host model without a separate in-tool consent gate, so private or internal pages need user caution.

✓

Install Mechanism

Installation uses a normal npm/npx MCP server entrypoint with no package install lifecycle scripts found. Static scan and VirusTotal telemetry were clean, and the package is source-linked but not provenance-attested.

ℹ

Credentials

Outbound HTTP to user-supplied domains, optional headless Chromium rendering, environment-based fetch settings, and in-memory caching are proportionate for a web audit tool. The artifacts do not show credential harvesting, unrelated host access, or publisher exfiltration.

ℹ

Persistence & Privilege

Persistence is limited to an in-memory fetch cache and the explicit report.save tool, which writes under MCP_WORKSPACE_ROOT or cwd and rejects path escapes. report.save defaults to overwrite=true, so existing workspace files can be replaced if the user or agent chooses that path.

Scan Findings in Context

[LP3] expected: Outbound network access is real and expected for URL, robots.txt, sitemap, and link auditing. The main metadata is sparse about permissions, but the skill and tool descriptions disclose HTTP fetching.

[TP4] expected: The scanner correctly noticed that SKILL.md understates the current surface as 14 tools and read-only checks. README and registered MCP tool annotations disclose report.save, sampling, prompts, and resources, so this is an under-disclosure note rather than hidden behavior.

[SDI-1] expected: report.save writes Markdown reports locally, which is consistent with audit reporting and is disclosed in README and the tool description. It is not automatic.

[SDI-2] expected: The file-writing capability is ancillary but user-directed, constrained to the workspace tree, and marked non-read-only/destructive in MCP annotations.

[SQP-2] expected: The overwrite concern is valid as a user caution: overwrite defaults to true. The path containment logic mitigates traversal, but users should choose report paths carefully.

[SQP-2] expected: MCP sampling in extract.entities, rewrite.aeo, rewrite.geo, and score.test_citation is purpose-aligned and disclosed in runtime tool descriptions. The residual risk is privacy when auditing private, internal, or licensed content.

[SQP-2] expected: Some sitemap and llms.txt retrieval paths bypass robots checks for sitemap-like resources, while sampled page fetches generally respect robots by default. This is coherent with the tool's SEO function but should be used on public or owned sites.

[SQP-2] expected: validate_llms_txt can fetch a supplied llms.txt URL and HEAD-check links extracted from it. That is expected for link validation, though it creates broad outbound requests controlled by the supplied content.

[SSD-1] expected: Untrusted page text is passed to model-sampling prompts for extraction and citation simulation. This can affect output quality, but the artifacts do not show use of those model outputs for command execution, credential access, or hidden actions.

Assessment

Install only if you are comfortable with a tool that makes outbound requests to URLs you provide and, for some tools, asks the MCP host model to process fetched page content. Avoid running it on private/internal/authenticated pages unless your MCP host and model path are approved for that data. Use report.save with explicit paths and set overwrite=false when preserving existing workspace files matters.

Verification

Tier

source linked

Scope

artifact only

Summary

Validated package structure and linked the release to source metadata.

Source

github.com/AutomateLab-tech/ai-seo-mcp

Commit

8825809d0619

Tag

main

Provenance

Scan status

clean

@automatelab/ai-seo-mcp

AI Citation Toolkit for the Model Context Protocol

Audit why AI systems do or do not cite your pages. MCP server. No API keys.

Works inside Claude, Cursor, Windsurf, Codex, and any MCP client that speaks stdio.

What it checks

AI crawler access - GPTBot, OAI-SearchBot, ClaudeBot, and PerplexityBot allowed or blocked in robots.txt
llms.txt - present, spec-compliant, links alive
Structured answer extraction - FAQ headings, BLUF paragraphs, answer-ready blocks
[[schema]] completeness - FAQPage, Article, Organization, Person; flags deprecated patterns
Entity clarity - named entity density and sameAs coverage that help AI systems identify the subject
Citation formatting - canonical URL hygiene, og:url, hreflang, noindex traps
Sitemap freshness - lastmod signals that tell crawlers the page is current

Run an audit. Get a list of citation-blockers, ranked.

You: Run an AI-SEO audit on https://automatelab.tech/launching-the-ai-seo-mcp/.

Result (truncated):

{
  "url": "https://automatelab.tech/launching-the-ai-seo-mcp/",
  "score": 61,
  "grade": "C",
  "dimension_scores": {
    "schema": 45, "technical": 80, "structure": 40,
    "robots": 90, "freshness": 85, "authority": 40,
    "entity_density": 21, "sitemap": 100
  },
  "findings": [
    {
      "severity": "critical",
      "category": "structure",
      "message": "No FAQ structure found (no FAQPage schema or H3 question headings).",
      "fix": "Add FAQ H3 headings ending in '?' with answer paragraphs, and a FAQPage JSON-LD block.",
      "estimated_impact": "high"
    },
    {
      "severity": "warning",
      "category": "authority",
      "message": "Low authority signals - missing Organization or author Person schema.",
      "fix": "Add Organization JSON-LD and Article.author as a Person node with sameAs links.",
      "estimated_impact": "high"
    }
  ]
}

Each finding names the exact fix. No opaque scores, no guesswork.

Install

npx -y @automatelab/ai-seo-mcp

Requires Node 20 or later.

Claude Desktop

Add to %APPDATA%\Claude\claude_desktop_config.json (Windows) or ~/Library/Application Support/Claude/claude_desktop_config.json (macOS):

{
  "mcpServers": {
    "ai-seo": {
      "command": "npx",
      "args": ["-y", "@automatelab/ai-seo-mcp"]
    }
  }
}

Restart Claude Desktop. Any MCP client that supports stdio transport works - same command / args pattern.

Optional: headless rendering for SPAs

By default audit_page reads raw HTML — fast, but misses content on React/Vue/Angular SPAs. Pass render: "headless" to spin up Chromium and audit the rendered DOM (adds 3-10s per audit).

One-time install:

npm install playwright-core
npx playwright install chromium

Then call audit_page with render: "headless". Use static for everything else — most marketing sites and docs render fine without it.

Tool	Purpose
`audit.page`	Composite AI-SEO audit with 8-dimension scoring (schema, technical, structure, robots, freshness, authority, entity density, sitemap).
`audit.schema`	Validate JSON-LD against Schema.org rules and AI-citation best practice. Flags deprecated patterns.
`audit.canonical`	Canonical link integrity, trailing-slash hygiene, `og:url` consistency.
`audit.site`	Single-call site sweep: `audit.page` + `check.robots` + `check.sitemap` + `audit.schema` with overall grade and top-5 fixes.
`audit.sitemap`	Site-wide content audit: stride-sample N URLs from the sitemap, run `audit.page` on each, return distribution + worst pages + top findings.
`check.robots`	Parse `robots.txt` and report per-crawler allow/disallow for all known AI crawlers. Surfaces the GPTBot-blocked-but-OAI-SearchBot-allowed trap.
`check.sitemap`	Validate XML sitemaps: presence, URL count, `lastmod` freshness, image/video extensions.
`check.technical`	HEAD tag audit: canonical, OpenGraph, Twitter Card, hreflang, HTTPS, noindex, title hygiene.
`score.ai_overview_eligibility`	Score a page's probability of appearing in Google AI Overviews using current correlation factors.
`score.citation_worthiness`	Score how citable a page or text block is for Perplexity, ChatGPT, Google AI Overviews, and Claude.
`score.test_citation`	Simulate "would an AI engine cite this for this query?" via MCP sampling, with deterministic heuristic fallback.
`llms_txt.generate`	Generate `llms.txt` and optionally `llms-full.txt` from a domain's sitemap.
`llms_txt.validate`	Lint an existing `llms.txt` for spec compliance and broken links.
`rewrite.aeo`	Rewrite content for Answer Engine Optimization (BLUF structure, FAQ format, schema additions).
`rewrite.geo`	Rewrite content for Generative Engine Optimization (entity definitions, comparison tables, synthesis-ready structure).
`extract.entities`	Extract named entities, `sameAs` links, and citation-density score from a page's content and structured data.
`diff.pages`	Compare two URLs for AI citation-worthiness: side-by-side dimension scores, gap analysis, and prioritized fix recommendations for url_a.
`report.save`	Render an `audit.page` / `audit.site` result as a Markdown report and write it to disk under `MCP_WORKSPACE_ROOT`.

v0.4.0 renamed tools from flat snake_case to dot-notation (audit.page, check.robots, …) for a navigable hierarchy. Update any saved invocations.

Environment variables: see ENV.md.

</details>

Contributing

Bug reports, feature ideas, and PRs welcome. See CONTRIBUTING.md.

Security

To report a vulnerability, see SECURITY.md.

License

MIT - see LICENSE.

Built by automatelab.tech