The Blog
Articles on Wealth Building, Business & Real Estate
Insights from the author of The Trap Series — on escaping the rat race, starting a business with no money, avoiding bad real estate, and building lasting wealth.
Automated Hosting & Indexing Health Checks: Fix Google Search Console Errors Before They Tank Your Rankings
Detect and fix common Google Search Console errors including redirects, canonicals, duplicate content, and HSTS with the automated Hosting & Indexing Health tool.
Static Site Generators Compared: Eleventy vs Next.js vs Astro vs Hugo in 2026
Head-to-head comparison of Eleventy, Next.js, Astro, Hugo, Gatsby, and more with build benchmarks, learning curves, and a decision matrix for your next project.
NeonDB: Serverless Postgres for Side Projects and Scaling
Learn when to use NeonDB for serverless Postgres, how branching works, connecting from Netlify and Vercel functions, and free tier limits explained.
Review Velocity for Local Businesses: The Cadence, Response Targets, and Aggregators That Actually Move Rankings
Google, Yelp, and Apple Business all weight recency and response time. Here's the cadence to hit by industry, the response SLAs that hold rank, and which aggregator tier to buy by scale.
Three Direct-Booking Patterns That Don't Break OTA Rate Parity (Without Getting Delisted)
Booking.com and Expedia contracts punish hotels that advertise a lower public rate. Here are three incentive patterns that pull direct bookings without breaching the parity clause, plus one that looks fine but isn't.
Supabase with OAuth: When You Need It and How to Set It Up
Learn when your project needs Supabase OAuth authentication and follow step-by-step setup for Google, GitHub, and email login with Row-Level Security.
Competitive Social Media Analysis: Generate AI Prompts to Clone Winning Strategies
Use the Social Media Content Prompt Creator to reverse-engineer competitor strategies for Instagram, TikTok, Medium, and Meta with AI-generated content plans.
How to Build AI-Powered SERP Analysis Prompts for Any Website
Use the free SERP Analyzer Prompt Generator to create AI prompts that audit keyword density, content gaps, and title optimization from live search results.
Generate AI Fix Prompts From Any Site Audit: Let ChatGPT or Claude Write Your Code
Turn site audit results into ready-to-paste AI prompts that generate exact code fixes for SEO, schema, performance, and accessibility issues.
How to Compare 10 Websites at Once: The Batch Analyzer for SEO, GEO, and AEO
Use the free Batch Analyzer to compare up to 10 websites across 8 scoring dimensions — SEO, GEO, AEO, schema, performance, and more — with exportable reports and AI fix prompts.
How to Trigger a Google Knowledge Panel: The E-E-A-T Endgame (Part 5 of 5)
The exact combination of Wikidata, schema markup, external profiles, and convergent signals that triggers Google to create a Knowledge Panel for your personal or brand entity.
E-E-A-T Reviews & Social Proof: How to Build Trust Signals Google Can Verify (Part 4 of 5)
How to collect reviews, implement AggregateRating schema, leverage testimonials, and build the social proof layer that completes Google's trust evaluation of your brand.
E-E-A-T Schema Markup: The JSON-LD That Makes Google Understand Your Brand (Part 3 of 5)
How to implement Person, Organization, Book, and BookSeries schema.org markup with sameAs, knowsAbout, and entity cross-references. The exact JSON-LD blocks that feed Google's Knowledge Graph.
Building Your E-E-A-T Profile Network: Google, Wikidata, LinkedIn & More (Part 2 of 5)
Step-by-step guide to creating authority profiles on the seven platforms that feed Google's Knowledge Graph. Wikidata, Google Business Profile, LinkedIn, Crunchbase, Amazon Author Central, ORCID, and how they connect.
E-E-A-T Authority for Brands: What It Is and Why Google Demands It (Part 1 of 5)
Google's E-E-A-T framework — Experience, Expertise, Authoritativeness, Trustworthiness — determines which brands rank. Here's what it actually means and how to build it from scratch.
List Your Books on Google Shopping for Free via Merchant Center
Google Merchant Center lets you list physical and digital products in Google Shopping results for free. Here's how to set it up for books without having a traditional e-commerce store, including direct links to Amazon.
LinkedIn Newsletters: 100% Reach to Every Subscriber (Not 5% Like Posts)
LinkedIn newsletters deliver to every subscriber's inbox and LinkedIn notification feed — bypassing the algorithm that throttles regular posts to 5% reach. Here's how to set one up, what to write, and how it cross-promotes your books and sites.
BookBub: The Author Platform With 15 Million Power Readers
BookBub's 15 million subscribers are the most purchase-ready book audience on the internet. Here's how to set up a free author profile, understand featured deals, build followers, and use BookBub's ad platform for targeted book marketing.
Goodreads, LibraryThing, and StoryGraph: The Three Book Discovery Platforms You're Not Using
90 million readers on Goodreads, 2.5 million on LibraryThing, and a fast-growing audience on StoryGraph are discovering books without ever touching Google. Here's how to claim your author profiles, optimize your listings, and use each platform's discovery mechanics.
Amazon KDP A+ Content: The Free Upgrade That Doubles Your Book Page Conversions
A+ Content (formerly Enhanced Brand Content) transforms your Amazon book listing from a wall of text into a visual, conversion-optimized sales page. Here's how to set it up for free, what modules to use, and the before/after data from six book listings.
Bluesky Custom Feeds: Become the Curator for 42 Million Users
Bluesky's AT Protocol lets anyone create custom algorithmic feeds. With Attie AI, you can build feeds using plain language — no coding required. Here's how to become the go-to curator in your niche.
Gumroad Discover: Passive Sales From a 1.6M Product Marketplace
Gumroad Discover surfaces your digital products to 1.6 million+ listed products' worth of buyer traffic. Here's how to optimize your listings, use commission boosts, and leverage tags for passive discovery.
Publishing Book Tools on GitHub: DA 95 Backlinks for Free
GitHub has a Domain Authority of 95 and is one of the most-cited sources in ChatGPT responses. Here's how publishing open-source tools related to your book generates permanent backlinks and AI visibility.
Crunchbase + Wikidata: The Two Free Profiles That Feed Google's Knowledge Graph
Crunchbase and Wikidata are primary data sources for Google's Knowledge Graph. Here's how creating free profiles on both platforms can trigger a Knowledge Panel for your brand or personal entity.
Google Discover: The Passive Traffic Firehose Most Sites Ignore
Google Discover sends content to 800 million+ devices based on interest graphs, not keywords. Here's how to optimize for Discover's unique ranking signals and start generating passive traffic.
Generative Engine Optimization: Why Traditional SEO Is No Longer Enough
Traditional SEO optimizes for ten blue links. Generative Engine Optimization targets the AI models that now answer questions directly. Here's how citation farming works differently for ChatGPT, Perplexity, and Google AI Overviews.
The Mobile-Presentation Parameters Modern Sites Still Get Wrong
Five mobile-presentation parameters that ship broken on otherwise-modern responsive sites. Each fix is one to three lines of CSS. Validated against an iPhone, Pixel, and iPad probe.
12 non-profit transparency checks the Mega Analyzer now runs (when it detects a 501(c)(3))
When the Mega Analyzer detects a 501(c)(3), it now runs twelve donor-trust checks gated on the vertical: EIN visibility, GuideStar links, donation platform freshness, NGO schema, DonateAction, more.
Legal-Site Readiness in the Mega Analyzer: What an Am Law Audit Catches Before the Ethics Committee Does
A new Mega Analyzer section runs only on law-firm pages and flags missing inline advertising notices, prior-results disclaimers, Person/Attorney schema, and EU cookie banners against bar-rule and schema.org references.
Defense-Contractor Readiness in the Mega Analyzer: Why Federal Procurement Officers See a Different Site Than Marketing Thinks They Do
A new Mega Analyzer section that runs only on US defense-contractor pages and flags missing CMMC level, DFARS 252.204-7012, NIST SP 800-171, ITAR / EAR, FedRAMP, SAM.gov / CAGE / UEI / NAICS disclosure, Section 889, and Capability Statement PDF against the DoD, FAR, DFARS, NIST, and State Department references.
CPA-Firm Readiness in the Mega Analyzer: Why a Generic SEO Scan Doesn't See AICPA Peer Review, Circular 230, or FTC Safeguards Rule Gaps
A new Mega Analyzer section that runs only on CPA / accounting-firm pages and flags missing AICPA peer review references, Circular 230 acknowledgment, FTC Safeguards Rule statements, and Person+Accountant + AccountingService schema against AICPA, IRS, and Idaho/state-board references.
12 brand and copy hygiene checks that should be in your SEO audit (now in the Mega Analyzer)
Twelve audit patterns that silently cost visibility and trust, including a typo that looks correct to the eye but reads wrong to every search engine. All shipped to the Mega Analyzer.
Robots.txt as a Platform Fingerprint — Catching Pixieset, Squarespace, and Showit When CDN Detection Misses
URL-regex platform detection misses any SaaS that lets tenants serve assets from a custom domain. The Mega Analyzer now reads robots.txt as a fallback fingerprint — catches Pixieset, Squarespace, and Showit when CDN URLs are masked.
Photographer Sites Need ImageObject and Photograph Schema — Auto-Detected by Vertical
Photographer marketing sites need ImageObject and Photograph JSON-LD with copyrightHolder, license, and acquireLicensePage fields, but the existing audit only fired when those blocks already existed. Round 8 detects the gap by vertical.
Vercel BotID and Cloudflare Bot Fight Mode Silently Block AI Search — Now Auto-Detected
GPTBot, ClaudeBot, PerplexityBot, and Google-Extended all hit the same wall when a marketing site enables Vercel Attack Challenge or Cloudflare Bot Fight Mode. The Mega Analyzer now flags it as a critical finding with platform-specific remediation.
Mega Analyzer goes Shopify-aware — six new detectors and one suppressor
Auditing a Shopify storefront in a generic SEO checker drowns the merchant in false positives: visually-hidden H1s, http schema.org context, paired og:image http+secure_url, /policies/* paths the checker misses. The Mega Analyzer now fingerprints Shopify and applies a Shopify-aware rule pack — six new Shopify-only detectors and one suppressor that fixes a long-standing /policies/* false negative. Patterns generalized from a real audit; brand details anonymized.
Content Credentials: How to Prove You're Human in an AI-Generated World
The C2PA standard lets you cryptographically prove that your content was created by a human. With the EU AI Act requiring AI content labeling, Content Credentials are becoming a trust signal. Here's how to implement them.
Ontology Just Beat Vector Embeddings. Here Is What That Means for Your Small Business.
Vector search was the default way AI tools read your business data through 2024. Graph shaped knowledge structures are the default in 2026. Here is what changed, why it matters at 5 person or 50 person scale, and a two CLI workflow to migrate your own data using Claude Code and Codex.
ProfilePage.mainEntity as a bare @id reference — the Search Console error that hides in valid schema
Search Console flags ProfilePage and AboutPage with 'Invalid object type for field mainEntity' when the referenced Person/Organization lives on another URL. The schema is valid. The Rich Results Test is green. Here is the fix and why it is necessary.
Date-only YYYY-MM-DD in JSON-LD trips Search Console — the ISO 8601 fix
Schema.org accepts Date or DateTime on dateCreated, dateModified, datePublished. Google Search Console's strict validator emits 'Invalid datetime value' for the date-only form. Convert to ISO 8601 datetime with timezone offset. Here is how and why.
Spot the Spread: How to Find the Money Hiding Inside Your Own Business
Quant funds make billions exploiting structure, not direction. A small business owner can apply the same mindset, look for the spreads inside their own operation, and find money they did not know they were leaving on the table.
If You're Going to Have AI Write Your Business Tools, Use Python
A public benchmark gave Claude Code the same task in thirteen programming languages and measured the result. Python, Ruby, and JavaScript were 1.4 to 2.6 times faster and cheaper than statically typed alternatives. Here is what that means for any small business hiring AI-assisted code work.
The Case for an AI That Remembers You: Why Persistent Memory Beats a Fresh Prompt Every Time
An open-source agent called Hermes crossed 110,000 GitHub stars in ten weeks because of one feature: it remembers what you taught it last time. Here is what that changes for a small operator who runs the same workflow week after week.
The $50-a-Month AI Stack: How a Small Business Can Automate the Boring Half of the Work
A SitePoint engineer runs his full multi-platform social posting pipeline for under $50 a month using Claude and n8n. The same architecture maps onto invoicing, monthly reports, and customer follow-ups for any small business.
Your Small Business Probably Runs on WordPress. The 15-Minute Security Audit Most Owners Have Never Done.
43% of the internet runs WordPress. Most small-business WordPress sites haven't been audited since the day they were built. Here's the 15-minute self-audit, the seven checks that catch 90% of real risks, and the free tool that runs them for you.
Why the Claude Skill Linter Exists (and the Fourteen Patterns It Catches Before You Ship)
An engineering team lost $47,000 because two AI agents got stuck in a loop for 11 days. The patterns that caused it are visible in the skill text. The Skill Linter catches 14 of them in a single paste.
Why the AI Vendor Cost Reverse-Calculator Exists (and the 60-Second Negotiation It Powers)
73% of funded AI startups are wrappers reselling OpenAI or Claude. The Reverse-Calculator gives you the actual API cost behind the vendor's quote in 60 seconds, plus the negotiation prompt that closes the gap.
Before You Pay an Agency $3,500 a Month for 'Proprietary AI,' Open Your DevTools
An engineer reverse-engineered 200 funded AI startups. 73% are reselling OpenAI or Claude with a custom UI. Here's the 30-second test that catches the markup, the four red flags, and the honest math on what you should actually pay.
Why Google Rich Results Test only shows FAQ and Breadcrumb on your About page
Your schema validates clean but Google Rich Results Test returns only FAQ and Breadcrumb — or nothing at all. It's not a bug in your schema. It's a schema-type-eligibility issue Google does not document well, and the fix is one new schema type.
Before You Hire an AI Agency: A 30-Minute Self-Audit (Part 1 of 2)
Most AI agency pitches collapse under a 30-minute self-audit you can run with no technical skills. Eleven specific questions, the F12 check, and the cost math that lets a 25-person company evaluate any AI vendor without hiring a consultant to evaluate the consultant.
After You Fire the AI Agency: The 30-Day Migration Playbook (Part 2 of 2)
You ran the 11-question audit and decided to leave the agency. Here's the 30-day plan to extract your data, rebuild the workflows on Claude Pro for $20/month, and keep the lights on during the transition. Specific checklist, real cost math, no fluff.
How a 12-Person Trades Business Can Sell Its Permit-Pulling Cheat Sheet as a $19 PDF This Weekend
You already know things customers would pay for. Most small-business owners never package them. Here's the six-step weekend version: pick the workflow, draft it in Canva, ship it on Gumroad for free, link it from the page you already have. No funnel. No list.
The Invoice-Chase Skill, Opened Up: What's Inside Anthropic's Launch-Hero Workflow and How to Bend It to Your Business
Anthropic's invoice-chase skill became the marketing hero of the Claude for Small Business launch. Here's the instruction template behind it, the eight failure modes most owners hit in the first week, and the customizations that matter for service vs. product businesses.
Why five inline Person blocks broke my AI Search visibility (and the fix)
JSON-LD merges entities by @id. Declare the same Person five times inline with conflicting alternateName values and Google AI Mode picks Amazon Author Central instead of your own site. Here's how I caught it and what to do.
GDPR says people must be able to change their mind about cookies. Most consent banners do not let them.
A working consent banner is half of the legal job. The other half is a footer link that reopens it. Here is what the law actually requires and three ways to wire it up.
The Connector Permission Cheat Sheet for Claude for Small Business: Twelve Connectors, Twelve Minimum-Permission Sets
When you connect QuickBooks, Gmail, Stripe, or Slack to Claude, the default OAuth scope is usually broader than what the skill actually needs. Here's the smallest viable permission set for each of the 12 launch connectors, with the rationale.
Claude for Small Business Just Shipped. Here's a Plain-English Walkthrough for the 25-Person Landscaping Company.
Anthropic released Claude for Small Business on May 13, 2026 with 15 ready-made skills for payroll, books, invoicing, marketing, and onboarding. Here's what's actually in the box, how to turn it on this week, and the under-$100 stack it fits into.
Wall Street Is Betting on the Wrong AI Layer. So Are Most Small Businesses. Here's What That Means for Your Margin.
Wall Street pours money into AI models. SMBs pour money into AI vendors. Both are buying the layer that's commoditizing fastest. The boring layer underneath (skills, connectors, observability, cost discipline) is what actually decides whether AI makes you money.
Nine AI Mode entity-binding bugs that pass every schema validator
Nine schema patterns that validate clean, index without issue, and still cost a site its Google AI Mode citation. What to look for and how to fix each one.
How a Small Business Runs AI Agents Without a $47,000 Surprise Bill
An engineering team woke up to a $47K AWS bill because two AI agents got stuck in a loop for 11 days. Here's the cheat-sheet version for small-business owners: the four safeguards that prevent 99% of agent disasters, and the honest answer to whether you should run agents at all yet.
Your Coverage Report And Your Sitemap Disagree. Here's How To See Where.
Export three CSVs from GSC, Bing Webmaster, and your sitemap. Paste. See every URL that's in the sitemap but not indexed, every URL that's indexed but not in the sitemap, and every ranking drop month-over-month. No OAuth, no paid rank tracker.
Gravatar is the indie operator's Wikidata, and most people miss it
Wikidata feeds Google's Knowledge Graph. So do Gravatar, ISNI, VIAF, Linktree, and a handful of industry-specific directories most operators never claim. The full portable identity-anchor playbook for people who can't qualify for Wikidata.
Your schema validates. Google AI Mode still can't find you. Here's the missing piece.
A site I work on dropped out of Google AI Mode citations for the operator's own name after a routine schema cleanup. The fix was not more schema. It was binding the entity to Google's Knowledge Graph with kgmid, Maps cid, and dual-typed JSON-LD.
Your robots.txt Says One Thing And Your CDN Says Another
You disallowed GPTBot in robots.txt. Your CDN injects X-Robots-Tag: all. Your ai.txt was never created so it defaults to permissive. Three sources of truth, three different answers, and the crawler picks whichever it likes. This tool flags every disagreement per bot.
Your AI Bot Policy Lives In Three Files, And They Probably Disagree
Your robots.txt disallows GPTBot. Your ai.txt allows OpenAI-User. Your meta robots says index,follow. Crawlers pick the most permissive interpretation and you accidentally opt into training you thought you'd blocked. One tool emits all three files, consistent, per 22+ named AI crawlers.
Why Your Analytics Are Lying: How Ad Blockers Hide 40% of Your Visitors
Ad blockers, privacy browsers, and tracking prevention tools hide up to 40% of your real traffic from Google Analytics. Cloudflare Zaraz fixes this for free. Here's how to set it up.
Self-host the CDN-hosted fonts and scripts. The DNS lookup costs more than the asset.
Public CDNs add 100-300ms of cold-start latency, leak visitor IPs, and break when the CDN goes down. The fix is the same five-step recipe whether the asset is a font, a CSS framework, or a small JavaScript library.
Your Article Covers The Topic But Doesn't Answer The Question
Headings Outline validates structure. Heading Gap Audit compares to competitors. This tool compares your headings to your actual target query — catching the 'good article, wrong question' failure mode. Per-heading alignment score with a semantic-expansion pool for related-query variations.
Your Lighthouse Score Is Green But Real Users Are Suffering
Lighthouse tests a single cold load with throttled network on a simulated device. CrUX aggregates 28 days of real-user sessions. When they disagree — lab green, field red — your synthetic test has a blind spot. The tool queries Google's PSI API for both, computes the delta per metric, and emits the diagnosis prompt.
Cut The Filler Paragraphs — Measuring Information Payload Per Paragraph
A 2,000-word article with one dense paragraph and twenty filler paragraphs ranks worse than a 600-word article that's dense the whole way through. This scorer measures information payload per paragraph — noun-phrase density, entities per 100 words, specific-claim markers (numbers, dates, money), filler ratio — and flags paragraphs to cut.
Circular Canonicals Tank Both Pages — Canonical Cluster Mapping
Per-URL canonical checks catch the obvious bugs. Graph-level canonical mapping catches the subtle ones — circular canonicals (A→B, B→A), canonical pointing at a noindex page, cross-protocol drift. The mapper fetches your sitemap, builds the target graph, clusters by canonical destination, and flags every conflict type.
llms-ctx.txt and llms-ctx-full.txt: The FastHTML Extensions to llms.txt
The pair of files that take llms.txt one step further by pre-wrapping linked pages in XML tags ready for one-shot LLM prompt injection. Worth it for docs and KB sites, skippable for the rest.
The HCU Classifier: Why One Bad Page Can Drag Down Your Whole Site
Google's Helpful Content System runs continuously inside core ranking and applies a sitewide demotion when unhelpful signals stack up. Here's how to detect it and what to fix.
The Cloudflare Agent Readiness Score and What It Actually Checks
isitagentready.com tests for 13+ signals across discoverability, content, bot access, and capabilities. Here's what each one does, what's worth shipping, and what's optional for most sites.
AGENTS.md: The Root-Level README That AI Coding Agents Actually Read
Cursor, Claude Code, Codex, Copilot, Gemini CLI, and 30+ other coding agents look for /AGENTS.md before they touch your repo. Here's the spec, why it matters, and what to put in it.
Thirteen Probes For The Agent-Ready Web, And A Browser-Side Tool That Runs All Of Them On Any URL
A new free auditor at jwatte.com runs the same thirteen probes Cloudflare and isitagentready.com use to score a site as agent-native: Link headers, Markdown negotiation, Content Signals, Web Bot Auth, API Catalog (RFC 9727), MCP Server Card (SEP-2127), Agent Skills v0.2.0, WebMCP, OAuth metadata, x402 plus the three commerce protocols. Browser-side, no signup, no data stored.
WebMCP — The First Real Agent API For Your Site (And Why llms.txt Wasn't It)
Chrome shipped WebMCP in Canary on February 10, 2026. It's the first browser-native protocol for sites to expose agent-callable actions, and it's what llms.txt was supposed to be — but actually shipping. Two surfaces (Declarative API + Imperative API), the four declarations to add, and why getting in early on a W3C Community Draft is the right move for SMB sites this year.
Every Unsplash Photo On Your Site Legally Needs Attribution
Unsplash's license requires attribution. Pexels' license requires attribution. Free stock doesn't mean no strings. Beyond legal exposure, missing image credit disqualifies you from Google's image-rich-results (requires ImageObject.creditText or copyrightNotice). The audit checks every image for attribution + C2PA manifest + ImageObject schema.
FAQPage Schema Alone Won't Get You Featured — Answer Quality Does
Your FAQPage JSON-LD is valid. Google still isn't using your answers as featured snippets or AI citations. The reason: answer quality. An answer opening with 'It means...' without naming what 'it' is doesn't stand alone. The scorer checks 8 linguistic signals known to predict which answers get lifted.
Three Agent Manifests Your Site Could Ship In 2026 — And Which One Actually Matters
Three different well-known files claim to be the agent's entry point to your site: llms.txt, /.well-known/ai-plugin.json, and /.well-known/webmcp. They do different jobs, have very different adoption, and only one is worth shipping first in May 2026. The honest comparison.
"Host Did Not Return Markdown Content When Accept: text/markdown Was Requested" — What That Means And How To Fix It
Run the Agent Runtime Readiness audit and you may see this warning on the third test. It is the audit telling you AI runtimes are sending Accept: text/markdown to your URL and getting full HTML back instead of a slim markdown twin. Here is what the warning is actually testing, and the two fix paths — the Cloudflare toggle and the origin-side content negotiation pattern.
Fix The Markdown For Agents Warning On Vercel — Edge Middleware Pattern
If your site is on Vercel and the Agent Runtime Readiness audit warned about missing Markdown content negotiation, here is the middleware.ts pattern that fixes it. Two patterns — companion file and runtime conversion — with route matchers and the Vary header your CDN needs.
Squarespace, GoDaddy, And The Markdown For Agents Warning — What You Can And Cannot Fix
Closed website builders like Squarespace and GoDaddy Website Builder cannot fully fix the Markdown for Agents warning because they don't expose HTTP-level controls. GoDaddy Managed WordPress and cPanel hosting can. Here is the honest split — what's possible on each, the partial workaround for closed platforms, and the real .htaccess + PHP fix for managed WordPress.
Fix The Markdown For Agents Warning Without A CDN — Nginx, Apache, And Caddy Configs
If your site is served directly from Nginx, Apache, or Caddy with no CDN edge layer in front, you can still implement the Markdown for Agents content-negotiation pattern. Three side-by-side configs — what to add, where to add it, and how to test it works.
Fix The Markdown For Agents Warning On Netlify — Edge Functions Pattern
If you saw "Host did not return Markdown content" from the Agent Runtime Readiness audit and your site is on Netlify, the fix is a 30-line Edge Function that intercepts Accept: text/markdown and serves a clean markdown twin. Two patterns — companion file and runtime conversion — with the netlify.toml route config.
Fix The Markdown For Agents Warning On Fastly — Compute@Edge Pattern
If your site is on Fastly and the Agent Runtime Readiness audit warned about missing Markdown content negotiation, here is the Compute@Edge JS pattern that fixes it. Why VCL alone cannot do this, the full handler, and the cache configuration that lets the edge keep both response shapes.
Fix The Markdown For Agents Warning On AWS CloudFront — Lambda@Edge Pattern
If your site is on AWS CloudFront and the Agent Runtime Readiness audit warned about missing Markdown content negotiation, the fix is a Lambda@Edge function on the viewer-request or origin-response trigger. Here is the implementation, the deployment path, and why CloudFront Functions cannot do this on its own.
When the auditor can't reach your site: save your page or briefly unblock the probe
Step-by-step browser walkthrough (Chrome, Edge, Firefox, Safari) to save your rendered HTML, plus exact menu paths to allow the probe through the top 10 hosting and bot-protection platforms. Beginner-level.
E-E-A-T Is Content. Trust Signals Are Infrastructure.
Google News Initiative's Trust Project defined 12 structural artifacts that signal 'a real organization stands behind this content' — editorial policy, corrections policy, author bio, physical address, external review platforms. The audit checks all 12 in one pass. Distinct from E-E-A-T content audits; this is infrastructure.
Why Your Blog Has 200 Posts But Only Page 1 Is Indexed
Google deprecated rel=prev/next as a ranking signal in 2019, but it still uses the chain for discovery. More urgently: the canonical-to-page-1 anti-pattern — where every paginated page declares /page-1/ as canonical — silently de-indexes every deep page. The checker follows the chain up to 10 pages and validates every rule.
I Built An MCP Server Recommender Because Configuring Claude Desktop Should Take Five Minutes, Not Five Hours
A new free generator that takes a checklist of what your team uses and emits a paste-ready claude_desktop_config.json with the right Model Context Protocol servers wired up. Vendor-published servers labeled green, community labeled amber, reference labeled blue. Covers GitHub, Linear, Atlassian, Slack, Notion, Stripe, Postgres, Sentry, and more.
I Built A Hedge Language Auditor After Reading Kevin Indig's Citation Research. Here Is What It Catches.
A new free browser-based tool that scores any article on the four research-backed AI citation frameworks: BLUF, definite phrasing density, entity density, strategic repetition. Surfaces every hedge word, every BLUF-fail section, and the repetition gaps that hide your strongest claim from retrieval.
I Built A Printable Fraud Reflex Card After Reading The FBI's 2025 Crime Report. Print One Per Workstation.
A new free generator that emits a printable one-pager of the six AI-era fraud reflexes — callback rule, dual-channel verify, did-I-initiate-this, voice-print phrase, deferred-response wait, clean-channel review — customized per business with internal contact details. Grounded in the FBI's 2025 IC3 report ($20.9B losses, $893M AI-enabled).
I Got Tired Of Hand-Writing Cloudflare Cache Rules For AI Bots. So I Built A Generator.
A new free generator that emits a paste-ready Cloudflare Cache Rule expression for AI bot HTML traffic, with TTL bands by content type and dynamic-surface exclusions. Three output formats: dashboard expression, Terraform, cURL/API. Reduces 499 timeouts that hide your pages from ChatGPT, Claude, and Perplexity.
Three Tests Every Page Has To Pass For An AI Agent Runtime, And A Tool That Runs Them
A new free auditor that runs the three tests every page should pass for AI agent runtimes (Cloudflare Project Think, OpenAI Agents SDK): server-rendered content ratio, inline JSON-LD presence, Markdown-for-Agents content negotiation. Backed by the April 2026 runtime-layer shift.
I Built An Ad Library Deeplinker Because Investigating One Brand Across Five Platforms Was Eating Mornings
A new free utility that takes one brand or Page name and produces paste-ready deeplinks across Meta Ad Library, Google Ads Transparency Center, X Transparency, LinkedIn Ad Library, TikTok Commercial Content Library, and EU DSA repositories. No scraping, no login, just the canonical search URLs.
The Retail Quant Stack: Coinbase, ccxt, vectorbt, And A Working Momentum Backtest
A specific, free or near-free GitHub stack a retail trader can run on a laptop: ccxt for data, vectorbt for backtesting, freqtrade for live execution, coinbase-advanced-py for direct API access. Includes a runnable time-series momentum backtest, realistic Coinbase fees, and the academic results to expect.
Why Top Quant Desks Outperform, And How U.S. Tax Code Multiplies The Edge
Renaissance, Citadel Securities, Jane Street, XTX, HRT, DRW: a tour of who actually makes the money, why their edge persists, and how Section 1256, Section 475(f), and the post-Lender family office structure quietly compound that edge inside U.S. tax code.
Inside Quadrature Capital and Radix Trading: What's Actually Public, And What Retail Can Borrow
Two of the most secretive AI quant firms in the world, Quadrature in London and Radix in Chicago, leak just enough about their stack to be instructive. Here is what is actually verifiable about how they trade, and the parts a retail investor with a laptop and a Coinbase account can reasonably copy.
MyClaw, Microsoft, And The Honest Answer For Small Operators Who Want An AI Assistant Without Hiring An Employee
MyClaw is managed hosting for the OpenClaw agent, priced from $16 a month. The product is real, the productivity case is real, and the security disclosures are thinner than I would want. Here is what it actually does, where it fits, and when an SMB operator should pick it over Claude.ai direct or Microsoft 365 Copilot.
$5.4 Billion And 17.5 Million Ads: What The Meta Ad Library Actually Tells You About How U.S. Political Money Flows
I downloaded the Meta Ad Library's lifelong U.S. dataset for ads about social issues, elections, and politics. Here is what the real numbers say about who spends, where the money lands, and how political advocacy hides behind brand names. Plus comparable transparency reports from Google, X, LinkedIn, and TikTok.
The Best MCP Servers By Industry: A Practical Tour Of github.com/mcp For 2026
GitHub's MCP Registry now lists thousands of Model Context Protocol servers. This is a curated, cited tour of the ones that actually move work in finance, dev, support, marketing, and infrastructure, with copy-paste configuration examples for Claude Code and Claude Desktop.
Google Preferred Sources Is Not A Trust Algorithm. It Is A Subscribe Button. Here Is What To Do With It.
Google quietly expanded Preferred Sources globally on April 30, 2026. The feature lets users mark publishers they want to see more of in Top Stories. John Mueller has confirmed it is not an override of quality signals. Here is the publisher's playbook for actually getting selected, and where it fits with EEAT and the new AI search layer.
How to Verify an Auditor's Findings Without Trusting the Tool: Ethical Scraping for Small Operators
When an automated WCAG, cookie, or security audit flags your site, you need a way to reproduce the finding before you spend money fixing the wrong thing. A practical guide to scraping in a way that respects ToS, the CFAA, and the people running those sites.
The FBI Logged $20.9 Billion In Internet Crime Losses Last Year. Here Are Six Reflexes Small Business Owners Should Have Already Built.
The FBI's 2025 Internet Crime Report logged $20.9 billion in losses, with $893 million directly attributed to AI-enabled fraud and government impersonation losses nearly doubling. Here is the working set of reflexes a small business owner can build this week, grounded in the FBI numbers, neuroscience, and the new agent infrastructure that scaled the attack surface.
Why ChatGPT Cites Your Competitor And Not You: Four Writing Frameworks With The Research To Back Them
Four writing patterns that consistently improve the odds an AI model picks your page as the citation for an answer. Each is grounded in published research on how transformer attention works in retrieval, and each is testable on a single page in under five minutes.
The Conversation Has Moved Past The Model. The Conversation Is Now The Runtime.
On April 15, 2026, Cloudflare's Project Think and OpenAI's updated Agents SDK both shipped on the same day, both answering the same question: how does a long-running AI agent actually run in production. The runtime is the new browser, and your website is going to be evaluated against it, not against any individual model. Three tests to run before next week.
Your Site Might Be Invisible To ChatGPT For A Reason That Never Shows Up In Google Search Console
AI search runs in real time. If your origin doesn't respond fast enough, the agent gives up and your page is excluded before passage selection even starts. The signal lives in your edge logs as a 499 status code, and most SEO tools never look at it. Here is what to check, and what to fix.
/ultrareview: A Multi-Agent Code Review That Runs in the Cloud While You Keep Working
Claude Code v2.1.86 added /ultrareview, a fleet of reviewer agents that run in a remote sandbox and verify every finding before reporting it. Here is how to use it, what it costs, and how it compares to Cursor Bugbot, GitHub Copilot review, CodeRabbit, and Gemini Code Assist.
The Sitemap That Claims Every Page Was Updated Today — Fake-Fresh Detection
Many CMS plugins stamp every URL's lastmod as today on every sitemap rebuild. Google correlates the claim against the Last-Modified server header and the visible dateModified in JSON-LD. When sitemaps lie, Google eventually distrusts the whole freshness signal — and every page pays the cost.
A Deploy Silently Blocked GPTBot Last Week And Nobody Noticed
robots.txt gets regenerated on every deploy. ai.txt drifts when an agency 'cleans up' entries. llms.txt gets reformatted by the new CMS plugin. Any one of these can silently block an AI crawler and cost you citations for months before anyone notices. The diff tool compares two snapshots and classifies every change.
Paperclip: When Your AI Agents Need an Org Chart, Not a Prompt
Paperclip is an open-source platform that treats your AI agents like employees: org charts, monthly budgets, heartbeats, and tickets. Here is how it works across Claude Code, Codex, Cursor, and any agent that can receive a webhook.
Why a New Website Doesn't Show Up in Search, and the Free Stack That Fixes It
Sitemap submission, IndexNow, Google Business Profile, citation consistency. The discoverability stack I run on every new site, in priority order, with sources and the ranges of time each step actually takes.
How to Vet an HVAC Company: An 11-Point Scorecard That Saves Thousands
HVAC overcharging is structural, not occasional. $13K water heater quotes and $25K furnace pushes are documented in BBB complaints. Here's an 11-point scorecard you can use anywhere in the U.S.
BIMI and MTA-STS: Ship Both in an Afternoon, on Any Host (No $1,500 VMC Required)
BIMI puts your logo in the inbox. MTA-STS stops attackers from TLS-downgrading your incoming mail. Both use a DNS record plus an HTTPS-hosted file. Setup takes about an hour per domain on Netlify, GoDaddy, Vercel, Squarespace, or Wix, and the price for most small businesses is $0.
How AI Agents Coordinate And How They Remember: The Two Architecture Choices Behind Every Agent Project
Two questions decide whether an AI agent project ships or stalls: how the agents coordinate, and how they remember. A small-business and local-government playbook.
Why I Built Site Migration Gen. The Rebuild That Lost a Client Their Brand, Their Rankings, and a Quarter of Their Traffic
I rebuilt a small-business site with a generic AI prompt and shipped a faster, cleaner version that quietly destroyed the brand. This tool is the prompt I wish I had written that day.
Your JSON-LD Passes Validation And Still Breaks — The Graph Problem
Generic JSON-LD validators check each node in isolation and pass your schema with a green checkmark. Then Google ignores half of it because the Article references an author @id that doesn't resolve, or the Organization has no inbound references from anywhere, or the author has no inverse creativeWork link. The linter treats JSON-LD as a graph.
When Every Link To /Pricing Says 'Pricing' — Internal Anchor Over-Optimization
External anchor-text over-optimization is a known backlink-manipulation signal. Internal anchor-text over-optimization is the same pattern on your own site — every link to /pricing saying 'pricing' with zero variation. Shannon entropy measures it. Under 1.5 is a red flag. The scanner crawls your sitemap and measures it per target URL.
Robots Meet AI Employees: A 4-Year Industry Roadmap Based on Real Dev Speed (2027, 2028, 2029, 2030)
Cited 1/2/3/4-year forecast for humanoid robots and AI employees, grounded in actual dev speed. Figure AI, Tesla Optimus, Apptronik, Agility, NVIDIA GR00T, Physical Intelligence — what shipped, what's planned, what banks are projecting.
When the Robot Cooks, Drives, and Runs Errands: Personal Services Automation for Restaurants, Delivery, Trades, and Pilots — Cited Roadmap Through 2030
Cited roadmap for consumer-facing physical AI — restaurants (Miso, Chipotle), delivery (Starship, Nuro), driving (Waymo, Tesla FSD, Zoox), pilot/aviation autonomy (Joby, Wisk), and skilled trades robotics. What's deployed in 2026, what ships through 2030.
Google's AI Overviews Now Pulls Expert Advice From Reddit and Forums. What That Means For Your Content Strategy
Google updated AI Overviews to include preview perspectives from Reddit, web forums, and other firsthand sources. Here is what changes for your SEO, your content, and which audits to run now.
AI's Wider Wave: Legal, Medical, Hospitality, Housekeeping, and Government — State-by-State Impact and a W-2 Survival Playbook
Cited deep-dive on AI in legal, medical, hospitality, housekeeping, and government work. Brookings + Goldman + OpenAI research on which US states are most exposed. A practical W-2 navigation playbook for the next four years.
AI Employees for Small Business: 10 Real Stacks That Move Faster — Cited Cases from Anthropic, OpenAI, Shopify, GitHub, and the Indie Founder Underground
Cited examples of small businesses and solo operators using Anthropic, OpenAI, Shopify Magic, GitHub Copilot, and indie tools to multiply output without hiring. Stacks, costs, and the productivity numbers that vendors actually publish.
AI Employees in 2026: What They Already Do Across HR, Front Desk, SEO, Real Estate, and More — Plus What's Shipping in 2027
Cited capabilities of AI agents across HR, reception, SEO, real estate, sales, customer service, legal, healthcare, software, and marketing — with what shipped in 2026 and what's on the 2027 roadmap.
The .well-known Directory: Your Site's Machine-Readable Identity Hub
The .well-known directory is how machines discover your site's identity, security contacts, AI capabilities, and federation endpoints. Here's the complete guide to every file that matters in 2026.
The Tribute Microsite: When robots.txt Points at Another Domain on Purpose
A focused sub-domain microsite whose robots.txt and sitemap.xml point back to a master domain looks like a misconfiguration. It can be a deliberate authority funnel for campaigns, milestones, and launches. Here's when it works.
Site Migration Gen — Rebuild Your Site Without Losing What Matters
Paste your old site's URL, pick a modern framework and host, and generate a comprehensive AI prompt that rebuilds your site with every best practice baked in while preserving your business name, photos, content, and search rankings.
Migration Analyzer — Know What Breaks Before You Move Your Site
Before migrating your site to a new platform, run the Migration Analyzer. It detects your current CMS, catalogs portable vs vendor-locked assets, scores migration risk, and generates an AI prompt for the rebuild.
A German Page With USD Prices Is Not Actually Localized
Hreflang tags are one locale signal. HTML lang, og:locale, schema priceCurrency, addressCountry, telephone country code, and visible price symbol are five more. They need to agree. When they don't — German page declaring EUR in schema but showing USD prices in the body — Google treats the page as half-localized and conversions drop 20-40%.
Image Prompt Gen — AI Image Prompts for Favicons, Heroes, and Brand Photos
Generate platform-ready prompts for Midjourney or Ideogram to create favicons, hero images, social cards, and brand photos. Includes ImageMagick post-processing commands for every image type.
Apple Says 30 Characters, Google Says 50 — Per-Locale ASO Parity
Apple caps iOS titles at 30 characters, subtitles at 30, keyword field at 100 (and penalizes duplicates from the title). Google Play caps titles at 50, short descriptions at 80. Per-locale. Most apps ship the English listing as a literal-word-count-estimate translation and get truncated or penalized in 15 locales.
I shipped a tool that probes your site as ChatGPT, Claude, Perplexity, and 13 other bots so you can see exactly who is being blocked
The Bot Allowlist Validator sends a real HTTP request to your URL using each AI bot's published User-Agent and reports ALLOWED, WAF-CHALLENGED, BLOCKED, or PARTIAL per bot. Here is why it exists and how to read the output.
When 200 OK Lies: The SPA Shell Trap That Hides /llms.txt and /.well-known/ From AI Crawlers
If your SPA catch-all sends every unknown path to /index.html with a 200, AI crawlers think you have an llms.txt, a security.txt, and an agent-card.json. They don't. Here's how to detect it, and the Netlify config that actually fixes it.
Netlify Database, in Practice: Why a Postgres Branch per Deploy Preview Changes the Workflow
Netlify Database pairs Postgres with Deploy Previews so every PR gets an isolated database branch with a copy of production data. Here's what that lets you actually do, with code examples for migrations, schema changes, and AI-agent-driven feature builds.
How Mattel Consolidated 500 Digital Properties on One Platform — and What It Teaches Solo Operators
Mattel went from 500+ scattered web properties on legacy infrastructure to a single platform their full-stack developers can own end-to-end. The same principles work at one site or fifty. Here's what to actually take from the case.
ImageMagick for Favicon Sets and Brand Image Processing
Complete ImageMagick command reference for generating multi-size favicon.ico files, apple-touch-icons, PWA icon sets, WebP hero images, and OG social cards from a single source image.
Your Site Has No Favicon and It's Costing You Trust
A missing favicon makes your site look unfinished in browser tabs, bookmarks, and search results. Here's what to add, what sizes matter, and why AI engines use icon presence as a trust signal.
The Zero-Request Favicon: Emoji-as-data-URI-SVG You Can Ship in 60 Seconds
Skip the 16x16, 32x32, 180x180 favicon set entirely. One line of HTML, an emoji, and an SVG wrapper get you a sharp scalable favicon with zero network requests. Here's the recipe and the trade-offs to know.
Three Signals That Tell AI Engines Your Site Is Abandoned, Unqualified, or Locked Behind a Vendor
The Mega Analyzer's cross-validation layer now detects abandoned-site fingerprints, classifies YMYL verticals with missing trust signals, and identifies vendor-locked platforms so you know which fixes you can actually make.
Cloudflare is blocking AI crawlers from your site. Here's how to fix it without weakening bot protection.
If your site sits behind Cloudflare bot management, ChatGPT and Perplexity see a 403 challenge page with noindex/nofollow. Here is what is happening and how to fix it.
How to Generate Favicons and Brand Images with Midjourney and Ideogram
Step-by-step walkthrough of generating favicons, hero images, and brand photos using Midjourney's Discord bot and Ideogram's web UI plus API. Includes prompt formulas, API code, and ImageMagick post-processing.
Apple, Spotify, And Podcasting 2.0 — One RSS Feed, Three Validation Passes
Podcasting 2.0 adds transcript, chapter, person, and value tags that power AI-answer citations for audio content. Most feeds ship without them because Apple's submission flow doesn't require them. The new audit validates Apple basics, Spotify requirements, and Podcasting 2.0 namespace in one pass.
How One E-Commerce Category Page Spawns 10,000 Crawl-Waste URLs
Param-crawl-waste counts single-parameter duplicates. Facet-trap does different math: on a category page with 5 facets averaging 4 values each, the combinatorial space is 5 × 5 × 5 × 5 × 5 = 3,125 URLs. For 12 products. Google wastes 99% of its crawl budget on that one category.
Why Your YouTube Video Isn't Getting Key Moments Chapters In Google
Google's Key Moments SERP carousel only fires when your chapter formatting passes strict rules: first timestamp at 0:00, at least 3 chapters, 10-second minimums, ascending order. Or your page has proper Clip / SeekToAction JSON-LD. The new checker validates both paths.
When Programmatic SEO Becomes Thin-Content Spam — Shingle Detection
Programmatic SEO scales content by swapping one noun across a template. Google's Helpful Content system detects near-duplicate sets via shingle similarity and filters the whole template when pairwise similarity stays above 0.7. The new detector runs the same math in your browser.
The 17 Google Merchant Listings Fields Generic Validators Miss
Generic JSON-LD validators green-light Product schema that Google's Shopping Graph rejects. The Merchant-specific subset — shippingDetails, hasMerchantReturnPolicy, energyEfficiencyCategory, pricePerUnit, global identifiers — has its own rulebook, and as of 2026 Google enforces it more strictly for EU listings.
INP Attribution — Which Click Actually Broke The 200ms Budget
CWV Audit says your INP p75 is 340 ms. That's the aggregate. It doesn't tell you which click, which handler, which third-party script caused the jank. The new profiler loads your URL in an iframe, hooks PerformanceObserver + long-animation-frame, and attributes each slow interaction to a specific event target and script origin.
Pick Your Web Stack Without Guessing — A Visual Guide to 85+ Free Tools for Small Business Owners
You have a website. You know it could be better. You have no idea which of the 85+ free tools on jwatte.com apply to your situation. This guide groups every generator and audit tool by how much work it is, what it protects, and when a small-business owner should care — with concrete paths for three common scenarios.
GPTBot Doesn't Run JavaScript — What Your Site Looks Like To It
GPTBot, ClaudeBot, PerplexityBot, and CCBot don't execute JavaScript. They read your raw server HTML and move on. If your content only exists in the JS-rendered DOM, they see an empty shell. The audit catches thin raw HTML, render-blocking scripts, head-heavy CSS, and missing title/meta in the server response.
When 80% of Your Crawl Budget Goes to ?sort=price Duplicates
E-commerce and large blog sites routinely spray URLs like /products?sort=price&filter=red&page=2&utm_source=email. Googlebot crawls every combination; 80% of crawl budget goes to near-duplicates of one canonical page. The auditor clusters URLs by parameter fingerprint and emits the robots.txt + canonical config to stop the waste.
IaC Deploy Generator — One Form, Terraform + Ansible, Five Clouds, Production-Hardened
Pick a cloud, a reverse proxy, and the services you want running. Emits Terraform HCL for provisioning (VM + firewall + floating IP) plus an Ansible playbook for configuring (Docker, Caddy/nginx/Traefik, TLS, the services). A repeatable, idempotent path from zero to HTTPS-serving host in 15 minutes.
The same person built RSS, RDF, Schema.org, and NLWeb. That is mostly the whole story.
R.V. Guha has spent thirty years giving the web a meaning layer for whatever client comes next. NLWeb is the latest pass at the same idea, not a new direction.
The agent web has four protocols now. Here is where each one fits.
NLWeb, WebMCP, ACP, UCP. Four open standards stack rather than compete. Here is what each one actually does, and which signals you can ship today.
7 Ways to Build a Local Business Lead List Without Buying One
A practical comparison of lead generation methods for local businesses: Google Places API, Yelp Fusion, OpenStreetMap, state registrations, industry directories, SerpAPI, and Apollo.io. Costs, limits, and code.
You Got a California Tracking Demand Letter. Here's How to Find Out What's Actually on Your Site.
Step-by-step guide to auditing your website after receiving a CCPA or pixel-based tracking demand letter. Free tools to identify every third-party script, cookie, and consent gap on your site.
No viewport meta tag means Google indexes your site as desktop-only
Without a properly configured viewport meta tag, mobile browsers render your page at 980px wide and shrink it to fit. Google's mobile-first indexing treats this as a non-mobile page.
Your video has 10,000 views and zero search impressions because the schema is missing
VideoObject schema markup tells search engines what your video is about, how long it is, and where the thumbnail lives. Without it, your video pages are invisible in video search results.
Your site doesn't respect dark mode. Your visitors notice.
CSS media queries for prefers-color-scheme, prefers-reduced-motion, and prefers-contrast let your site adapt to user preferences. Most sites ignore them.
Your URLs are telling search engines more than you think
Inconsistent trailing slashes, uppercase letters, session IDs in paths, and deep nesting all cost you crawl budget and split link equity. A URL hygiene audit catches them.
Trusted Types block the DOM XSS attacks that CSP alone cannot stop
Content Security Policy blocks inline script injection but does nothing about innerHTML and eval sinks. Trusted Types close that gap at the browser level.
That one marketing tag is costing you 600ms and you don't even check the dashboard
Every third-party script added to your site costs main-thread time, delays interactivity, and ships visitor data to someone else's server. Most sites have tags nobody uses anymore.
If your text contrast fails WCAG, one in twelve male visitors can't read it
Low-contrast text isn't a design preference. It's a readability failure that affects 300 million people with color vision deficiency and everyone reading in sunlight.
HTML tables without headers are invisible to screen readers
A table without th elements, scope attributes, or a caption is just a visual grid. Screen readers can't announce what column a cell belongs to, so the data becomes meaningless.
Your tab order is broken and keyboard users already left
A logical tab order is a WCAG 2.1 requirement and a usability baseline. If pressing Tab skips fields, jumps to the footer, or traps focus in a modal, keyboard-only visitors can't use your site.
Structured data is not optional anymore and most of yours is broken
Google uses structured data to generate rich results, knowledge panels, and AI overviews. Missing or malformed schema means your content gets displayed as a plain blue link.
One missing integrity hash and your CDN becomes an attack vector
Subresource Integrity ensures external scripts and stylesheets have not been tampered with. Without it, a compromised CDN can inject code into every page load.
Speculation Rules will make your site feel instant if you set them up right
The Speculation Rules API lets browsers prerender pages before the user clicks. When configured correctly, navigations feel instant. When misconfigured, you waste bandwidth.
Your reviews exist but Google cannot see them
Star ratings and review counts on your page mean nothing to search engines without proper schema markup. Most sites display social proof visually but fail to mark it up for rich results.
Why auditing one page at a time misses the pattern
Single-page audits catch page-level issues. Site-wide sampling catches template-level issues that affect hundreds of pages at once. Here is the difference.
One giant sitemap is a crawl budget problem hiding in plain sight
A single sitemap.xml with thousands of mixed URL types makes it harder for search engines to prioritize your important pages. Segmented sitemaps fix that.
Your service worker might be caching problems instead of solving them
A misconfigured service worker can serve stale pages, break updates, and trap users in an old version of your site. Here is what to check and why it matters.
Your service worker might be caching pages it should not touch
A misconfigured service worker scope can serve stale content, break navigation, or cache private pages. Most sites never audit what their service worker actually controls.
You might not even be in the race and here is how to check
Before you optimize a single page, find out whether Google considers you a competitor for your target queries. Most small sites are not even in the cohort.
You found 200 SEO issues. Now what? Build a roadmap that doesn't stall.
SEO audits find problems. Roadmaps fix them. A 30/60/90 day plan with impact-effort scoring turns overwhelming findings into a sequence you can actually execute.
Your robots.txt is probably blocking something you did not intend
A single misplaced wildcard in robots.txt can hide entire sections of your site from search engines. Most site owners never test their rules against real URLs.
You have schema markup. Google still won't give you a rich result. Here's why.
Partial schema triggers validation but not rich results. Missing required fields, wrong nesting, and incomplete types are why your snippets don't appear.
You're sending a 2400px image to a 375px phone. Here's what that costs.
Responsive images with srcset and sizes serve the right resolution to each device. Without them, mobile users download images 5-10x larger than needed.
Your homepage is 8MB of HTML. Nobody asked for that.
Oversized HTML responses waste bandwidth, slow parsing, and hurt mobile users. A response size budget catches bloat before it costs you traffic.
Preload, prefetch, preconnect: you are probably using the wrong one
Resource hints tell the browser what to load and when. Using preload where you meant prefetch wastes bandwidth. Using prefetch where you meant preload delays rendering.
Your site is breaking in production and nobody is reporting it to you
The Reporting API lets browsers tell you about CSP violations, network errors, and deprecation warnings automatically. Most sites never set it up.
Why your site's invisible supply chain matters more than you think
Every externally loaded font, script, and tracking pixel is a dependency you don't control. A single CDN outage or privacy policy change can break your site or expose your visitors.
Your outbound links are making promises you might not intend
Every link on your page tells search engines something about trust. A missing rel attribute on a sponsored link or user comment can cost you ranking authority.
When alt text repeats the heading, screen readers say everything twice
Images with alt text that duplicates the adjacent heading or caption create a stuttering experience for screen reader users. Here is how to find and fix every instance.
Every redirect hop costs you speed, PageRank, and crawl budget
Redirect chains of 3+ hops waste crawl budget, dilute link equity, and add hundreds of milliseconds to every page load. Most sites have chains they do not know about.
Your content reads at a college level but your audience didn't go to college
The average American reads at a 7th-8th grade level. If your site content reads at grade 12+, you are writing for yourself, not your audience. Here is how to measure it.
If Google can't see your content without JavaScript, neither can AI
SPA frameworks that render everything client-side ship empty HTML to crawlers. Your content exists in JavaScript bundles that search engines may never execute.
Broken pagination markup quietly deindexes your best content
When rel=next/prev is wrong or your canonical points every paginated page back to page 1, Google may ignore your deep archive entirely. Here is how to check.
Pages in Your Sitemap With Zero Internal Links — Orphan Detection
A page in your sitemap that no internal link reaches from the homepage is an orphan. Googlebot discovers pages primarily through links — sitemap-only pages get deprioritized or never crawled. The detector BFS-crawls your site from the homepage up to N hops, then diffs against your sitemap.
Your pages look broken on social media because nobody checked the meta tags
Missing or misconfigured Open Graph and Twitter Card tags mean your content shows up on social platforms with wrong images, truncated titles, or blank previews.
The CSS animations killing your INP score
Animations on color, box-shadow, width, and top trigger paint on every frame. The browser works harder, the main thread blocks, and your INP suffers.
When your meta robots and X-Robots-Tag disagree, pages vanish
A noindex in your HTTP headers silently overrides what your HTML says. Most site owners never check both layers, and pages disappear from search without warning.
If a page is six clicks from your homepage, search engines might never find it
Click-depth directly affects how often Googlebot crawls your pages and how much PageRank they inherit. Most sites bury their best content too deep without realizing it.
Mixed content is still breaking sites in 2026
One http:// image on an https:// page can trigger browser warnings, break trust indicators, and get your page flagged. Here is how to find every instance.
When meta robots and X-Robots-Tag disagree, your pages silently vanish
A noindex in your HTTP headers can override everything in your HTML head. Most site owners never check both layers, and their pages disappear from search without warning.
llms.txt is the new robots.txt and most sites are doing it wrong
AI answer engines need structured guidance about your site. A broken or missing llms.txt means LLMs guess instead of citing your best content.
Your outbound links tell search engines who you trust
Every link you place on a page is a vote of confidence. Link to junk and search engines notice. Link to authoritative sources and your own credibility rises.
Lazy loading every image is not a performance strategy
Adding loading=lazy to every image sounds like a quick performance win, but it delays your LCP element and creates layout shifts. An audit separates what should be lazy from what should not.
Your JSON-LD validates but Google ignores it because the graph is broken
Valid JSON-LD syntax doesn't mean a working schema graph. Dangling @id references, orphan nodes, and broken nesting silently prevent rich results.
That popup is costing you rankings. Google told you in 2017.
Google penalizes intrusive interstitials on mobile. Full-screen popups, forced newsletter modals, and cookie walls can suppress your search visibility.
Client-side validation is a courtesy, not a guardrail
Auditing client-side input validation to catch missing constraints, inconsistent error messages, and patterns that break on mobile or with autofill.
Every onclick= in your HTML is a security hole waiting to happen.
Inline event handlers block Content Security Policy enforcement and create XSS vectors. Here's how to find them and refactor to addEventListener.
Your images aren't in Google Images because they're not in your sitemap.
Standard sitemaps list pages, not images. The image sitemap extension tells Google exactly which images to index and what they depict.
Your hero image is lazy-loading. That's why your LCP score is terrible.
Lazy-loading above-the-fold images delays your largest contentful paint. Here's how to audit LCP candidates and fix the loading priority chain.
The missing width and height attributes silently tanking your CLS score
Images without explicit width and height attributes cause layout shifts that hurt Core Web Vitals. The fix is two HTML attributes per image tag.
When five links all say 'Click here,' screen readers hear five identical doors to nowhere
WCAG 2.4.4 requires link text to describe the destination. When multiple links share the same visible text but point to different URLs, keyboard and screen reader users can't tell them apart.
Your how-to content does the work but Google can't read the steps
HowTo schema markup turns step-by-step content into rich results with expandable steps. Most implementations miss required fields or break nesting rules.
Most forms fail accessibility before anyone ever fills them out
Unlabeled inputs, missing autocomplete hints, and broken tab order silently exclude users and invite ADA demand letters. Here is what the audit checks and how to fix it.
You're shipping 200KB of font glyphs your visitors will never see
Most web fonts include thousands of glyphs for languages your site doesn't support. Subsetting strips the dead weight and cuts font payload by 70-90%.
Google Fonts adds 400ms to your first paint. Self-hosting the same files takes 10 minutes.
Loading fonts from fonts.googleapis.com requires two extra origins, blocks rendering, and leaks visitor IPs to Google. Self-hosting the same WOFF2 files eliminates all three problems.
Why your site feels slow even when PageSpeed says it's fast
First Input Delay measures the gap between a user's first click and the browser's response. A page that loads fast but responds slowly still feels broken.
Featured snippets follow a pattern. If your content doesn't match it, you won't get one.
Google pulls featured snippets from pages with question-shaped headings followed by concise 40-60 word answers. Most pages bury their answers in paragraphs no algorithm can extract.
Your FAQ schema probably doesn't match what's actually on the page
Ghost questions in your JSON-LD, missing answers, and drift between visible FAQ content and schema markup cost you rich results silently.
Your events page is invisible to Google if the schema is wrong
Event schema errors silently kill your chances at rich results. Missing dates, wrong time zones, and stale listings are the most common culprits.
You're paying for a CDN. Your cache hit ratio says it's not working.
Most sites push traffic through a CDN and assume it's caching. Response headers tell the real story. Cache-Status, Age, and X-Cache reveal whether your edge is serving or just proxying.
Your server knows what the browser needs before the HTML arrives. Early Hints tells it.
HTTP 103 Early Hints lets your server push preload and preconnect directives while it's still building the response. Most servers support it. Almost nobody uses it.
DNS Records Generator — One Email Setup, Five Provider Syntaxes, Zero Typos
Email authentication records that pass Gmail delivery tests on the first try. Pick an email provider (Google Workspace, Microsoft 365, Fastmail, Mailgun, SES, etc.), enter your domain, and get the full SPF + DKIM + DMARC + MX + CAA + MTA-STS + DNSSEC record set in whichever provider syntax your DNS host speaks.
Your CSS is probably three times heavier than it needs to be
CSS bloat slows rendering, increases specificity wars, and makes every design change a guessing game. Here's how to measure complexity before it buries you.
Most CSP headers use unsafe-inline and call it security. Here's what strict actually looks like.
A CSP with unsafe-inline stops nothing. Nonce-based policies, strict-dynamic, and Trusted Types are the three layers that actually prevent XSS. Most sites have zero of them.
Your CSP says allow everything from *.cdn.com. That's not a policy, that's a suggestion.
A Content Security Policy full of wildcards protects nothing. The CSP Allowlist Completeness Audit cross-references what your page actually loads against what your headers permit.
Your Lighthouse score is lying to you. Here's what Google actually measures.
Lighthouse runs on your machine with your fast CPU and your empty cache. CrUX field data is what Google ranks on. The gap between the two costs real traffic.
You can't beat competitors you haven't measured
A side-by-side SEO comparison across six dimensions reveals where you're ahead, where you're behind, and where the gap is small enough to close.
The User-Agent string is dying and your site probably isn't ready
Chrome is freezing the User-Agent string and replacing it with Client Hints. If your site relies on UA parsing for device detection, it will break.
If AI can't find you in its training data, you don't exist to its users
AI answer engines cite brands they can verify across Wikipedia, Wikidata, G2, Crossref, and 14 other corpora. If you're absent from these, you're invisible.
RAG Splits Your Page Into Chunks — How To Make Each Chunk Retrievable
Retrieval-Augmented Generation splits your page into fixed-token chunks, embeds each, and retrieves the best-matching chunk when a user asks a question. If your content only makes sense when read in order, RAG fails. The scorer splits your URL three ways and grades each chunk.
Your breadcrumbs are lying to Google about how deep your site goes
Breadcrumb trails that skip levels, dead-end on category pages, or nest seven layers deep confuse both crawlers and humans. Here's how to audit the depth.
Google checks whether your articles have a real author and most don't pass
E-E-A-T starts with authorship. Eight signals determine whether Google treats your article as credible or anonymous content. Most sites miss at least four.
Your API keys are in your HTML and anyone can read them
Leaked API keys in frontend code cost businesses thousands in unauthorized charges. Most developers don't realize their secrets are visible in page source.
AI wrote your content and everyone can tell except you
Google, the EU AI Act, and readers all expect AI-generated content to be disclosed. Most sites miss the signals. Here is what to check and how to fix it.
Your 404 page is a ranking signal and most of them are terrible
A bad 404 page loses visitors and tells search engines you don't care about user experience. Here's what Google actually checks and how to fix it.
How I Built a 67,000-Lead Pipeline With One AI Prompt and the Google Places API
Step-by-step build of an automated lead generation pipeline using Claude Code, Google Places API, Node.js, and Instantly.ai. Includes the prompt, the code, and the full import walkthrough.
ZeroSSL — The Let's Encrypt Alternative I Reach for When Rate Limits, Wildcards, or IoT Get in the Way
ZeroSSL is an ACME-compatible certificate authority that solves three specific problems Let's Encrypt doesn't: its 90-day rate-limit behavior on bulk issuance, wildcard issuance without DNS-01 on every provider, and 90-day certs for a large fleet of IoT devices. Here's when it actually matters.
XPU, NPU, GPU, TPU: What Each AI Chip Actually Does and When You Need Which
NVIDIA dominates AI training. But for inference, edge AI, and cost-sensitive workloads, NPUs, TPUs, and Intel's Gaudi are closing the gap. Here's the 2026 hardware map with actual TOPS numbers, cost comparisons, and the use case each chip type was built for.
Every Redirect Hop Beyond the First Leaks PageRank — Bulk Chain Audit
Paste up to 200 URLs. The auditor follows every chain, reports final status, flags chains longer than 2 hops (PageRank leak), catches mixed http → https downgrades, detects meta-refresh chains, and flags canonical mismatch at the final URL. Same signal Screaming Frog reports, free + browser-only.
Multi-Location Schema Audit: Why Franchise Sites Get Structured Data Wrong
Businesses with 2+ locations almost always have schema problems. One LocalBusiness for five branches, missing geo coordinates, NAP drift between pages.
Why a Multi-Location Schema Audit Exists
Franchise and chain businesses often ship generic LocalBusiness schema for every location. This audit validates subtypes, geo coordinates, and parent-child relationships per site.
Generate a Spec-Compliant /llms.txt From Your Sitemap in One Click
Point the generator at your sitemap. It fetches each URL's title + meta description, groups by path pattern into H2 sections, and emits a spec-compliant /llms.txt with H1 title, blockquote description, and link-list formatting. Diffs against any existing /llms.txt.
IndexNow Submission Audit: Stop Waiting for Search Engines to Find Your Pages
Your IndexNow key file might be broken and you wouldn't know it. Here's what the protocol requires, what goes wrong, and how to audit your setup in 30 seconds.
Duplicate Title and Meta Description Audit: The SEO Problem Hiding in Plain Sight
Duplicate titles and meta descriptions confuse search engines and waste crawl budget. Here's how they happen, why they matter, and how to find every instance.
Why a Duplicate Title and Meta Description Audit Exists
Duplicate titles dilute SERP click-through and duplicate descriptions get replaced by Google's own snippets. This tool crawls your sitemap to find every match.
Where Claude Opus 4.7 Actually Ranks and What Early Adopters Learned
Opus 4.7 leads SWE-bench at 87.6% and Chatbot Arena at 1504 ELO. It also lost 46 points on long-context retrieval and costs 34% more tokens for the same prompts. Here's where it actually stands, benchmark by benchmark, and what the first wave of upgraders paid.
Mercor: The $10 Billion AI Hiring Platform, Its Data, and the Cracks Showing
Mercor hit a $10 billion valuation at age two, manages 30,000 contractors paid $1.5M per day, and just confirmed a data breach from a supply-chain attack. Here's what the platform does, how the money flows, what the data risks look like, and why Scale AI is suing them.
A Markdown File Is the Best Memory Layer for Your AI Coding Tool
Three of the biggest AI coding platforms chose plain Markdown files over vector databases for persistent memory. Here's why it works, how to set it up in Claude Code, Codex, Cursor, and others, and when you actually need something heavier.
Search Console + Bing Importer: Cross-Reference Your Coverage Data Before It Costs You Traffic
GSC and Bing Webmaster Tools show coverage data in separate silos. This tool merges both CSVs against your sitemap to find the pages nobody is indexing.
DeepSeek V4 vs Kimi K2.6 vs Claude vs GPT: Where Open-Weight Models Actually Stand
DeepSeek V4 Pro hits 80.6% on SWE-bench Verified at $0.30 per million tokens. Kimi K2.6 scores 80.2% at $0.60. Both are open-weight. Here's how they compare to Claude Opus 4.7 and GPT-5.4 on coding, cost, and real-world tasks.
Think Like McKinsey For Free: Consulting Frameworks You Can Run Through Claude or Codex
McKinsey charges $500K per engagement. The frameworks they use are public knowledge. MECE, the Pyramid Principle, 7S, Porter's Five Forces, the BCG Matrix. Here's how to run each one through an AI coding CLI and get 80% of the analysis at 0% of the cost.
BYD Electric Cars: The Privacy Problem Nobody Reads Before Signing
BYD's God's Eye ADAS system includes 12 cameras, 5 radars, and 12 ultrasonic sensors as standard. It also sends data to Chinese servers via a GSM modem. Here's what the tech does well, what the privacy risks look like, and how BYD compares to Tesla on both fronts.
Build an AI Job Search Agent and an Inference Engine That Sizes Itself
The job search is a pipeline problem. Here's how to build an AI agent that finds openings, tailors resumes, and applies automatically, plus an inference routing layer that sends simple tasks to cheap models and complex ones to expensive models.
Babel Audio Pays Up To $50 an Hour To Read Aloud — But It Has To Be Perfect
David AI Labs runs Babel Audio, a speech data platform that pays up to $50 per hour for recorded conversations and read-aloud tasks. The catch: perfection is the baseline. Here's how it works, what the pay actually looks like, and whether it's worth your time.
Five AI Agents That Replace Five Hires: How To Build a Workflow Staff With Claude or Codex
An administrative assistant, a researcher, a chief of staff, a life coach, and a finance analyst. Five agent roles you can configure in Claude Code or Codex today, with the system prompts and workflow patterns that make each one usable.
Every Time an AI Model Update Broke Something
GPT-4's prime-number accuracy dropped from 97.6% to 2.4% in three months. Claude's thinking length collapsed 73%. Opus 4.7 lost 46 points on context retrieval. Here's the full timeline and what each incident teaches about validating before you upgrade.
GPT-5.5 (Spud) vs Claude Opus 4.7 — What Actually Changed At The CLI, And Why The Lead Isn't Durable
OpenAI shipped GPT-5.5 (codename Spud) and Anthropic countered with Opus 4.7 inside a month. Benchmarks move; the experience at the terminal shifts less than the marketing suggests. Here's what actually changed, what it means for Codex CLI vs Claude Code users, and the pricing squeeze Michael Parekh called correctly.
How To Validate an AI Coding Model Before You Trust It With Your Codebase
AI coding tools ship model updates that can silently break workflows, spike token costs, or claim tasks are done when they aren't. Here's a concrete pre-upgrade checklist and six alternative CLIs to keep warm.
SGE Readiness Audit: 18 Signals That Determine Whether Google AI Overviews Cite Your Page
A free tool that scores any URL against 18 on-page signals correlated with inclusion in Google AI Overviews. Checks answer conciseness, schema depth, passage retrievability, and E-E-A-T markers.
Why Scroll Depth + CTA Visibility Map Exists
Maps every CTA element to its scroll-depth position on mobile and desktop, flags buttons buried past 75% scroll, and identifies long dead zones with no visible action.
Why Revenue-Per-URL Attribution Map Exists
Paste a GA4 Pages-and-screens export and see which 50 pages earn 80% of your revenue, classified as Stars, Hidden Gems, Vanity Rankers, or Cut Candidates.
Why Pricing Psychology Audit Exists
Scans a pricing page for twelve psychology levers that move purchase decisions: tier count, decoy structure, anchor strikethrough, annual framing, guarantee placement, and more.
What Topics Your Competitors Cover That You Don't — Heading Gap Audit
Enter your article URL + 2-5 competitor URLs ranking for the same query. The tool extracts every H2 and H3 from each, builds the union of topics, shows what competitors cover that you don't (and vice versa), and scores your topical coverage %. Free alternative to Clearscope and Surfer.
Why Form-Field Friction Estimator Exists
Every form field has a drop-off cost. The estimator classifies each field by type, applies Zuko/Formisimo benchmark weights, and predicts your cumulative completion rate.
Why Checkout Abandonment Autopsy Exists
70% of US carts abandon. Half of that is fixable on-page. The audit finds the ten friction patterns responsible and ranks them by expected recovery.
Predicting Which Keywords Fire AI Overviews Without a Paid SERP API
Google AI Overviews fire more often on informational, how-to, comparison, and 'best/top' queries than on navigational or transactional ones. Paid SERP-feature trackers cost $99-$399/mo to report this. The new heuristic scores each keyword in your list from the query structure alone — no SERP API.
Why About-Page Conversion Audit Exists
Your About page is the second-highest-intent page on your site. The audit scores 14 trust and conversion signals most SMB sites miss entirely.
How to Get Multiple Pages in a Single Google Search Result
ItemList carousel schema lets you occupy a horizontal scrolling carousel in Google search — showing multiple pages from your site in a single result. Here's the implementation guide with real CTR data.
How to Send Email That Actually Gets Delivered: A Small-Business Infrastructure Playbook
Set up email so your password resets, newsletters, and outreach all land in the inbox instead of spam. Secondary domain, Google Workspace mailboxes, full SPF/DKIM/DMARC on your DNS host, platform pick by use case, and a 21-day warmup. Updated for Gmail and Yahoo's 2024 bulk-sender rules.
Caddy — The Reverse Proxy That Handles Its Own Certificates (and Quietly Solves Half Your On-Prem TLS Problems)
Caddy gets TLS right by default: automatic Let's Encrypt for public sites, a built-in local CA for internal services, and ACME support for enterprise CAs. I run Caddy in front of public sites, in front of homelab containers, and as the trust anchor for a 40-device internal network. Here's where it fits and where it doesn't.
Qwen — When It's The Right Model And How To Run It At Home On Consumer Hardware
Qwen is the strongest open-weights model family most developers have never run. This covers when Qwen beats Claude / GPT (privacy, cost, offline, fine-tuning), the hardware tiers that matter, a concrete Ollama setup path, and the honest limits compared to frontier proprietary models.
Gemma — Google's Open-Weights Family, And Where It Fits Next To Qwen
Gemma is Google's open-weights sibling to Gemini. Same architectures-in-spirit, different philosophy and release cadence than Qwen. When to pick Gemma over Qwen, how to run the current generation at home, and what the 3 / 4 generation actually changed.
Google Gemini And Its CLI — Long Context, Multimodal, Google-Stack Native. When Each Strength Actually Pays Off.
Gemini's superpower is context length — 1M+ tokens on the frontier variants. That changes which tasks it wins at. This walks through when Gemini is the right choice over Claude or GPT, how the Gemini CLI works in practice, and where Google's ecosystem integrations pay off.
Character Counts Lie — Why Your SERP Snippet Truncates Differently Than You Expect
Google doesn't truncate titles at 60 characters. It truncates at ~580 pixels desktop, ~460 mobile. A title full of 'W's hits the pixel wall 15 characters earlier than one full of 'i's. The new tool measures actual pixels and previews both devices.
WCAG 1.1.1 Plus CLS Risk In One Pass — Image Alt Audit
Every image on a page in one table: alt present, missing, empty, filename-as-alt flagged, length in the 5-125 char band, duplicate alts across images, and missing width/height attributes that introduce CLS. WCAG 1.1.1 compliance + Core Web Vitals CLS risk in one pass.
The Hidden FAQ-Schema Bug Killing Your Rich Results (and the Tool That Finds It)
Google will silently suppress your entire FAQPage rich result if the JSON-LD lists questions that are not visible on the page, or if visible FAQs never make it into schema. Most site owners do not know the rule exists. The FAQ Schema Parity Audit catches both cases in ten seconds and hands you a drop-in JSON-LD block. Here is why I built it, when to run it, and what to fix first.
CWV Fix Generator — LCP, CLS, INP Patches From a Core Web Vitals Audit
The CWV audit tells you LCP is 3.2 seconds. This tool tells you what to paste into your HTML, CSS, and JS to drop it under 2.5. Twenty concrete patterns covering every common LCP, CLS, INP, and TTFB failure, bundled into an AI prompt that tailors them to your page.
Two CLIs, One Workflow — Running Codex Alongside Claude Code Without Losing Your Mind
A split-screen setup that uses each CLI for the tasks it handles best. Claude Code in the main terminal for long work, Codex in a second terminal for fast questions and focused tasks. Here's the practical routine — keybindings, terminal layout, and the rules that keep them from colliding.
Prompt Style — The Real Differences Between GPT And Claude, With Examples That Actually Show It
Both families respond to good prompting. They don't respond to the same good prompting. Four concrete differences, with before-and-after examples showing a prompt that works for one family and needs adjustment for the other. Written for people running both.
Codex vs Claude Code — Task By Task, Where Each One Actually Wins
Not a feature-matrix wall of checkmarks. A task-level breakdown of where Codex wins, where Claude Code wins, where they tie, and where the choice depends on your specific situation. Written by someone running both.
Codex CLI After Install — What To Actually Do With OpenAI's Agentic Terminal Once It's Running
The install primer got you Codex on your PATH. This is the follow-on — GPT model selection for different task types, prompt shape that actually works with GPT families, when to keep Codex open alongside Claude Code, and the OpenAI-specific cost and rate-limit mechanics you'll hit in week one.
ChatGPT CLI, Codex CLI, GitHub Copilot CLI — Three Products That Sound The Same And Do Different Things
A kickstart primer installs all three. Two use GPT under the hood, one uses a different model under GitHub. Their jobs barely overlap. Here's the actual positioning — what each one is for, when to reach for which, and the places people confuse them.
WCAG Fix Generator — Turn the Audit's Failure List Into an AI Remediation Prompt
The WCAG audit finds 50 accessibility failures. Manually writing fix instructions for 50 failures is why teams never finish. This tool emits a single AI prompt with per-failure HTML/CSS/ARIA patches + a prioritized 30-day WCAG 2.2 AA + ADA compliance roadmap.
The Pre-Deploy Hook That Kills Regressions Before Netlify Ships Them
A drop-in Node script that runs 15 regression checks against your built _site/ folder before every Netlify deploy. Blocks force=true redirect loops, missing sitemap.xml, template leakage, orphaned pages, stale tool references, broken in-page anchors. Exit 1 = deploy aborted.
AI Answer Engines Rank at the Paragraph Level — Here's How to Tell Which Paragraphs Win
Perplexity, ChatGPT Search, and Gemini rank at the passage level, not the page level. A page with one retrieval-ready paragraph outperforms a page with ten average paragraphs. The scorer splits any URL into passages and scores each on six signals — length, direct-answer opener, pronoun density, fact density, self-containment, subject clarity.
Polarity, Hedging, and Risk Phrases — Three Signals in Any Brand Response
Paid brand-sentiment tools train NLP models on proprietary corpora and sell the result at $99/month. A good lexicon does 80% of the work and runs in your browser. The scanner scores polarity, flags hedge words, and surfaces risk phrases — tuned for brand-mention contexts in AI responses.
CLAUDE.md Anti-Patterns — What Not To Put In, Why Your File Rots, And How To Fix It Before It Hits 800 Lines
Your CLAUDE.md started clean and is now a graveyard of decisions you stopped making, rules you never enforce, and tribal knowledge no one remembers writing. Here are the 8 anti-patterns that cause it — with fixes for each.
Skills, Rules, Memory — Where Each One Actually Belongs (And Why Your CLAUDE.md Keeps Growing)
If every new project fact lands in CLAUDE.md, the file gets to 800 lines and the model stops reading carefully. Here's the four-layer hierarchy that scales — CLAUDE.md, rules, skills, memory — with real examples for each and a migration path when your CLAUDE.md is already a mess.
Remote Control + Channels — Run Your Claude Code Session From Your Phone, With iMessage, Telegram, Or Discord
Remote Control turns a running Claude Code session into a surface you can reach from your phone or browser. Channels adds chat-app transport — send a prompt to your running session from iMessage or Telegram without touching the terminal. Here's the actual setup, the limits, and when it's worth the permission grants.
Claude Is Not Always The Right Model — When To Break Out Of The Monoculture, And How To Route Between Providers Without Losing Your Mind
Defaulting to Claude for everything is the 2026 version of defaulting to jQuery for everything. The tier-up is routing — Claude for code edits, a cheaper model for bulk classification, a faster model for inline autocomplete, a second opinion when you want one. Here's when and how.
/loop Is A Watchdog, /schedule Is An Alarm Clock — Pick The Right Claude Code Automation For The Job
Both let you automate recurring work, but they solve opposite problems. /loop lives inside an active session and dies when it closes. /schedule runs remotely on a cron and never needs you present. Here's when to use which, with working example tasks for each.
The Weekly /insights Iteration — 30 Minutes Every Monday To Make Claude Code Faster For You
Most people run /insights once, browse the pretty charts, and never open it again. The tier-up is reading it every Monday for 30 minutes and fixing the top friction point. Six weeks of this compounds into a workflow that is measurably faster than when you started.
Stop Approving The Same Prompt 40 Times A Day — A Working Hooks Implementation Guide For Claude Code
You clicked approve on npm test 47 times today. A 12-line hook removes the prompt forever without removing the safety. Concrete PreToolUse, PostToolUse, Stop, and UserPromptSubmit examples you can copy into .claude/hooks.json today.
Auto Mode, In Practice — Four Case Studies Where The Classifier Got It Right, Wrong, And Almost Right
Auto Mode removes approval fatigue for routine actions. That's the pitch. In practice, the classifier is excellent on the boring middle, shaky on two specific edges, and wrong in a way you should understand before turning it on. Four real cases with the fix for each.
The Agent Skill Marketplace — What Skills 2.0 Actually Unlocked, How To Evaluate A Skill Before Installing, And When To Publish Your Own
Skills 2.0 turned custom instructions into programmable agents you can install, compose, and publish. The marketplace is now real — skilz, claude-plugins-official, community repos. Here's how to find skills worth installing, how to audit one before trusting it with your repo, and how to publish yours if you have one worth sharing.
Make The Subagents Fight — Adversarial Review With Worktree Isolation, Boris Cherny's Pattern For Non-Trivial Changes
Five parallel Claudes on five separate git worktrees is the pattern Boris Cherny built Claude Code around. Here's how to run it in your own repo — the review roles that actually catch bugs, the merge strategy that doesn't blow up, and the places the pattern breaks down.
Schema Fix Bundle — Pick a Page Type, Get Complete JSON-LD Ready for AI Fill
The Schema Validator tells you what's missing. Schema Completeness lets you pick fields one at a time. The Schema Fix Bundle picks a page type and emits the full @graph with every Google rich-result required field pre-populated plus an AI prompt to fill in your content.
How Many Fan-Out Queries Does Your Site Actually Cover?
You generated 40 fan-out queries for your seed keyword. Your site has 80 pages. How many queries have a matching landing page? The scorer fetches every URL in your sitemap, extracts title / H1 / meta, Jaccard-matches against each fan-out query, and reports coverage % plus the orphan-query list you need to publish against.
When Your Entity Graph Splits Three Ways Because of a Naming Drift
Your homepage says 'Acme Corp.' Your blog says 'Acme.' Your About page says 'Acme Corporation LLC.' Your entity graph splits three ways and LLMs ground on whichever version appeared most in training. The checker crawls your site, extracts every JSON-LD Organization / Person / Product and OG tag, and flags the drift.
One Keystroke to Audit Any Page: Installing the jwatte.com Browser Extension
A tiny Chrome / Edge / Brave / Vivaldi extension that routes the current tab to any of the 70+ jwatte.com audit tools with one keystroke. Install in thirty seconds, works offline, no telemetry, source-available.
Isolating IoT Devices On A Consumer Router — VLAN + Per-SSID VPN Segmentation For Beginners
A grey-market streaming stick, a robot vacuum mapping your floors, a doorbell camera on the same Wi-Fi as your laptop — every IoT device is a data leak. This walks through a three-SSID segmentation pattern you can build on any modern consumer router with VLAN + VPN-client support, with examples for NordVPN / Proton VPN / Mullvad and a beginner-friendly visual workflow. The exit countries are yours to pick; the pattern is the same.
Counting AI-Answer Mentions — The Simple Math Behind Share-of-Voice
Share-of-voice in an AI answer is a word-counting problem, not an AI-ML problem. Paste the response, count your brand hits vs competitor hits, compute the fraction. The worksheet does it per response, keeps 25 runs in localStorage for trending, and exports CSV.
Source Diversity — The AI-Answer Metric Nobody Talks About
AI-answer engines cite sources. The extractor pulls every URL from a pasted response, dedupes by domain, classifies each source (own, competitor, Wikipedia, community, news, government), and scores citation diversity. A low-diversity answer is one you could dominate — a high-diversity answer is one where one more citation slot is hard to win.
Broken Link Fix Generator — Turn an Audit Into a Deployable Redirect Bundle
The audit tells you what's broken. This generator emits the deployable fix: stack-specific redirect config, sed patch to rewrite in-HTML references, and an IndexNow payload so Bing picks up the change within minutes.
Auditing Your ads.txt Before a Programmatic Buyer Asks About It
ads.txt and app-ads.txt are the IAB Tech Lab's way of letting publishers publicly declare which ad exchanges are authorized to sell their inventory. Done wrong, DSPs drop you from auctions. Here's how to audit both files, what each line means, and how the jwatte.com ads.txt Audit tool spots the common mistakes.
You've Got The Claude Code CLI Installed — Now What? Plan Mode First, Then CLAUDE.md, Context Hygiene, And The Slash Commands That Matter
Follow-on to the AI Terminal Kickstart. The CLI is the runway; the workflow is the plane. Plan mode first, CLAUDE.md as a living contract, the slash commands grouped by intent (/btw /fork /rewind /compact /loop /schedule /simplify /batch /powerup /insights /debug /claude-api), Skills vs Rules vs Memory, Auto Mode boundaries, and a Day 0 to Day 7 ramp plan.
Your ISP Already Knows When You're Home — How To Take The Surveillance Back And Run Monitoring Yourself
Comcast WiFi Motion turns your router into a presence sensor. The other major ISPs are running similar plays. Here's what each one collects, how to disable it, and how to run uptime/alerts yourself without paying $30/mo to surveillance-adjacent SaaS.
When Google Ignores Your Sitemap Signals
If every URL in your sitemap has priority=0.5, changefreq=weekly, and lastmod=today, Google ignores all three. Boilerplate sitemap signals are noise; meaningful ones are signal — there's a measurable difference in crawl efficiency.
Why WebAuthn / Passkey Posture Audit Exists
Probes a domain for WebAuthn / passkey signaling on the homepage and common endpoints (/.well-known/webauthn, /api/webauthn/options, common auth-vendor paths...
When Your Access Logs Whisper Before They Scream
By the time GSC tells you Googlebot lost interest, you've already lost 3-6 weeks of crawl. Raw access logs see the regression on day one — the trick is knowing what pattern to look for.
Why Web App Manifest Audit Exists
Fetches manifest.json and scores required + recommended fields for PWA installability: icons, name, start_url, display, theme_color.
Why WCAG A11y Audit Exists
WAVE-style accessibility audit — WCAG 2.1 / 2.2 AA + 3.0 draft checks, CSV/PDF/HTML export, AI fix prompt.
Why Voice Cleanup Exists
De-slop AI text — normalize em-dashes, strip slop phrases, break long sentences.
Why View Transitions API Audit Exists
Scans for @view-transition CSS, startViewTransition(), view-transition-name, ::view-transition pseudos, reduced-motion guards.
Byte-Level Plagiarism Detection Misses The Overlap That Hurts Rankings
Copyscape catches exact-match duplication. Google's systems catch paraphrased near-duplicates. The gap is the 5-gram shingle zone — where content looks different to a human but identical to the ranker.
Why URL Structure Hygiene Exists
Internal-link scan: path depth, URL length, capitalization, trailing-slash consistency, session IDs, file extensions, underscores.
Why Trusted Types Audit Exists
Checks require-trusted-types-for CSP + scans for innerHTML/eval DOM sinks. Trusted Types block DOM XSS.
Why Third-Party Script Cost Audit Exists
Enumerates every external script on a page, estimates transfer size + main-thread cost, ranks by impact. Identifies the third party most responsible for CWV ...
Why Subresource Integrity (SRI) Audit Exists
Checks SRI integrity hash coverage on every cross-origin <script> and <link rel=stylesheet>. Missing SRI = supply-chain risk.
Why Speculation Rules API Audit Exists
Parses <script type=speculationrules> blocks. Validates prerender/prefetch rules, eagerness levels, source/where predicates.
When 200 Is The New 404
A page returning HTTP 200 with 50 words of 'no results found' is a soft-404 to Google. It wastes crawl budget, drags site quality scores, and never ranks. The audit catches them in batches and recommends remediation per page.
Why Slug Rename Helper Exists
Scan site for every link to old slug — emits sed patch + 301 redirects.
Why Site-Wide Crawl Sampler Exists
Fetches sitemap, samples 1-25 URLs with template diversity, scores each, shows distribution + worst / best URLs.
Why Sitemap Segmentation Generator Exists
Fetches a sitemap.xml, classifies URLs by type (home / blog / news / product / category / tag / user / video / tool), emits a sitemap-index plus per-type seg...
Why Service Worker Audit Exists
Fetches sw.js, inspects install / activate / fetch handlers, skipWaiting, navigation preload, caching strategies, offline fallback.
The Coverage Gap Between Your Schema And Your Actual Pages
Your LocalBusiness schema declares 22 service areas. You have landing pages for 9 of them. Google and AI grounding systems treat the gap as a credibility problem — you claimed coverage you can't back up.
Check The Update Calendar Before You Blame Your Own Work
When traffic drops, the instinctive response is to audit what you changed. The right first move is to check whether Google rolled an algorithm update. This tool correlates your GSC data against the confirmed update calendar.
Prioritize Title-Tag Rewrites By Traffic Impact, Not Impression Volume
Most SEO rewrite lists are sorted by impressions. That's the wrong signal. The right signal is (impressions × CTR gap vs expected). Small differences in priority ordering create 2-3x differences in monthly traffic.
Why SERP Cohort Audit Exists
Runs 3-10 target queries on DDG, maps which competitors share your ranking cohort, and tells you if you are even in the cohort.
Why SEO Roadmap Generator Exists
Paste findings list; auto-builds Impact × Effort matrix + 30/60/90-day execution roadmap weighted by business type.
Why Ranking For The Wrong Intent Is The Most Expensive SEO Mistake
A product page ranking for a 'how to' query is lighting money on fire. Intent mismatch explains most of the 'my traffic is up but conversions are down' stories. This classifier makes the mismatch visible.
Why Schema Completeness Exists
Generate complete Schema.org JSON-LD graph per page type with linked @id.
Why robots.txt Simulator Exists
Paste a robots.txt, a list of URLs, and a bot. Simulates per-URL allow/disallow decisions per RFC 9309 group precedence rules. Validates before deploy.
When The Same robots.txt Blocks One LLM And Allows Another
GPTBot honors most-specific blocks. ClaudeBot honors the LAST matching block. PerplexityBot ignores wildcards in some patterns. The same robots.txt yields different access maps per bot — and most operators never check.
Why Rich Results Eligibility Audit Exists
Per-type required + recommended field check across FAQ, Article, Product, Recipe, HowTo, Review, Event, JobPosting, Course, LocalBusiness.
Why Review Velocity Drift Precedes Local-Pack Loss
Point-in-time review audits miss the signal that actually matters: the drift. A business going from 4.7 to 4.5 stars over 90 days loses local-pack visibility about 60 days after drift begins. This tool catches the drift early.
Not Every Review Deserves Equal Response Time
An operator with 40 new reviews can't triage by gut feel — some matter urgently, some can wait a week, some don't need a response at all. This tool scores each review on impact × urgency × tone sensitivity and sorts the queue.
Six Ways To Tell A Retriever Your Content Is Current
For time-sensitive queries, retrievers (Gemini Grounding, Perplexity, Claude with web tools) explicitly prioritize fresh content. 'Fresh' isn't inferred — it's signaled. Six specific signals you should emit, every article.
Why Responsive Image Audit Exists
Compares natural image dimensions against displayed width. Flags images shipped 2-8× larger than rendered — the top mobile LCP killer.
Why Response Size Budget Audit Exists
Fetches a page, sums HTML body + CSS + JS transfer, checks against common performance budgets (200KB HTML, 500KB CSS, 500KB JS, 2MB total, Google 15MB crawl ...
Why Reporting API Audit Exists
Checks Report-To, Reporting-Endpoints v2, NEL, CSP report-to wiring, COEP Report-Only coverage.
Why Redundant Alt Text Audit Exists
Finds images where alt duplicates adjacent heading/caption text. Fixes "read twice" screen-reader friction.
Why RAG-Readiness Is The Next Table-Stakes Audit
Every SMB wanting to stand up an internal AI assistant will hit the same wall: their own website can't be ingested cleanly. RAG pipelines demand semantic HTML, passage boundaries, and freshness signals most pages never think about.
Why 'Near Me' Queries Deserve Their Own Rank-Tracking Workflow
Near-me queries behave differently from branded or city-name queries. Proximity dominates. Measuring rank at 0mi / 1mi / 3mi / 5mi / 10mi distance bands reveals the decay curve most SMBs never see.
The New Attack Surface: Competitors Editing What LLMs Say About You
Hostile actors embed hidden instructions on webpages to manipulate LLM summaries. Most payloads are invisible to humans — CSS cloaking, HTML comments, zero-width characters, base64 blobs. This audit scans for the patterns.
Why Prerender vs Hydration Parity Exists
Inspects initial HTML for SPA / CSR patterns: empty SPA root, missing H1, JS-only main content, missing nav links. Critical for Googlebot first-crawl.
Why User Preference Media Queries Audit Exists
Audits prefers-color-scheme, prefers-reduced-motion, prefers-contrast, forced-colors support + color-scheme meta.
Why Preconnect + DNS-Prefetch Hygiene Exists
Audits preconnect, dns-prefetch, preload, prefetch hints. Flags duplicate hints, missing crossorigin, heavy third-party origins without preconnect.
Why PQC Migration Plan Generator Exists
Pick the cryptographic surfaces you operate (TLS, SSH, code signing, S/MIME, IPsec, Git signing, validators, wallets, DKIM, DNSSEC, WebAuthn, mTLS, KMS, DB T...
Why Non-Composited Animation Audit Exists
Scans CSS for transitions / animations on non-GPU properties (color, box-shadow, top/left). Finds the repaint-heavy ones.
Why noindex / X-Robots-Tag Conflict Audit Exists
Probes a URL, compares HTML meta-robots directive against HTTP X-Robots-Tag header. Flags silent-kill conflicts where the two layers disagree.
Why Monoclone Gen. Exists
Scaffold an industry site from template + inputs — hero/services/FAQ/schema/sitemap.
Why 'Optimize For AI' Is Too Generic To Be Useful
Gemini pulls 40-60 word self-contained passages. ChatGPT favors definitive claims with numbers. Claude tolerates nuance. Perplexity wants freshness signals. 'AI-optimize your content' is not a strategy — per-model optimization is.
When The New Model Release De-Cites You
Each LLM release re-shuffles citation preferences. A page Claude 3 cited 12 times might be cited zero times by Claude 4 Opus six months later. The model changed; the page didn't. Tracking drift over time tells you when to react and how.
Why Mixed Content Audit Exists
Scans for http:// resources on https:// pages. Detects both active (script, iframe, CSS) and passive (img, video) mixed content.
Why Mega SEO Analyzer Exists
Orchestrator. Runs parallel probes across 7 dimensions (ranking authority, hygiene, AEO / AI retrieval, performance, security, trust, compliance) and returns...
All Local SEO Probes In One Orchestrator
Local SEO is 8+ scattered tools. The Mega GEO Analyzer orchestrates 10 dimensions in one pass — equivalent to BrightLocal Core ($39/mo) + Local Falcon ($24/mo) bundled, free.
All AEO Probes In One Orchestrator
AEO has fragmented into 15+ individual audits. Nobody runs them all in sequence. The Mega AEO Analyzer orchestrates 10 dimensions in one pass and emits a single Health Score with ranked fixes — equivalent to Profound's $499/mo dashboard, free.
Why MCP Server Audit Exists
Probes for Model Context Protocol server publication at /.well-known/mcp-server.json, /.well-known/agent-card.json, /.well-known/ai-plugin.json. Audits manif...
Why Your Site Should Advertise Callable Actions To AI Agents — And How To Start
Agent-native commerce is no longer theoretical. ChatGPT agents, Claude desktop, Gemini copilots all look for /.well-known manifests before they'll call your site. This tool audits what you're advertising and generates starter manifests.
Why Your Local Rank Is A Lie If You Only Measure From One Place
Google's local pack is hyper-local. Your rank at your address is not your rank from a customer's neighborhood two miles east. This post covers why you need a grid and how to build one without paying for Local Falcon.
Why llms.txt Quality Scorer Exists
Fetches /llms.txt, /.well-known/llms.txt, /llms-full.txt. Scores structure, link count, description depth. Flags boilerplate vs useful canonical content index.
Why llms-full.txt Matters More Than llms.txt For Actual LLM Retrieval
llms.txt is a short pointer file. llms-full.txt is the long-form content map LLMs actually consume. Sites that publish both are ingested more reliably and cited more accurately than sites that publish only the short form — or neither.
The Common Crawl Test: Are You Even In The Dataset That Trained The LLM?
Common Crawl is the single biggest upstream input to every major LLM's pretraining. If your domain isn't in it, you're invisible to offline model knowledge. This audit probes CC directly and maps inclusion across C4, FineWeb, RedPajama, OSCAR.
Why The Same Page Costs 30% More To Cite In One LLM Than Another
Different LLMs tokenize the same English content at radically different rates. A retrieval-augmented generation system that pulls your page pays per-token; if your prose tokenizes inefficiently, you compete worse on cost-per-citation.
The Token-Efficiency Audit Every Content Team Ignores Until The Bill Arrives
If you're building a RAG pipeline or letting an in-house AI assistant read your content, token counts are a real cost. Different tokenizers count the same text differently. This tool estimates per-model tokens + dollars per page.
When An LLM Quotes 200 Words Of You Verbatim, Is That Citation Or Republication?
If an answer engine reproduces 150+ words of your content verbatim, the user has no reason to click through. The line between cite-and-link and cite-and-replace is shorter than most publishers realize, and there's a measurable threshold.
Why Live Citation Surface Probe Exists
Probes 18 reference corpora (Wikipedia, Wikidata, G2, Trustpilot, Crossref, OpenAlex, etc.) to show where you are cited and where you are not.
Why Link-Graph Depth Audit Exists
Extracts all outbound links from a page, classifies each domain by authority tier (government / academic / major publisher / known / unknown), scores outboun...
Why Legal Pages Audit Exists
Probes a site for Privacy Policy, Terms of Service, Accessibility Statement, Cookie Policy, Disclaimer, Refund Policy, DMCA agent, and DPA. Checks presence, ...
Why Knowledge Graph + Wikidata Entity Audit Exists
Checks a domain for Knowledge-Graph triggers. Queries Wikidata for existing entity matches, audits Organization schema + sameAs array coverage, recommends st...
Why Keyword Inspection Exists
Inspect the Google top 10 to design your information architecture first.
Why A $0 Invoice Generator Is One Of The Highest-Leverage SMB Tools
The math on invoicing-SaaS is bad for most small businesses. A ledger of $15-19/month add-ons across six tools eats 3% of a $10k/month operator's revenue. A browser-side invoice generator does the 90% case without the subscription.
Why Intrusive Interstitial Audit Exists
Detects patterns Google penalizes on mobile: sticky overlays, full-screen popups, cookie walls that block content, forced newsletter signups.
Orphans Are The Silent Indexation Killers On Most SMB Sites
Orphan pages — pages with zero inbound internal links — are the most common reason SMB content stays in 'Discovered – currently not indexed' purgatory. The fix is internal links from topically-relevant sources, not content rewrites.
Why Internal Link Auditor Exists
Crawl a site; finds every 404 internal link, 301 chain, stale slug + sed auto-rewrite.
Why Inline Event Handler Audit Exists
Scans DOM for onclick/onerror/on* handlers, javascript: URLs, inline scripts, document.write, eval. Blocks strict CSP.
When 80% Of Your Content Is Invisible To Google
Infinite-scroll lists keep users engaged but typically hide 80% of their content from Googlebot. The crawler renders one viewport, sees a scroll trigger, and stops. Most SMB sites with infinite scroll never realize they're indexing only the first 12 items.
Why IndexNow Submission Audit Exists
Checks IndexNow key file at root. Validates filename matches content. Bing/Yandex/Seznam/Naver submission readiness.
Why Image Sitemap Extension Audit Exists
Fetches sitemaps. Verifies xmlns:image namespace, counts image:image tags per URL, scores caption/title/license coverage.
Image SEO Is A Five-Dimensional Audit, Not A One-Line Check
Most Image SEO audits check alt text and stop. Google Images ranks on alt + filename + dimensions + surrounding text + image-sitemap inclusion. A complete audit looks at all five — and 80% of SMB sites only do one.
Why Image LCP Candidate Audit Exists
Identifies the likely LCP image, flags loading="lazy" conflict, missing width/height, no srcset, legacy formats.
Why Identical Link Text Audit Exists
Groups links by visible text; flags groups where same text points to different URLs. WCAG 2.4.4.
The Hyperlocal Terms Your Site Doesn't Mention Are The Queries You're Losing
Every neighborhood name, landmark, school, and ZIP your site doesn't mention is a local query it can't rank for. The coverage matrix is usually bleaker than operators think — and the fix list is cheaper than they fear.
Hreflang Generator — Paste Your Locale Map, Get the Correct Block for Every Format
Most hreflang generators emit one format. This one emits all four — HTML link tags, sitemap.xml xhtml:link blocks, HTTP Link headers for PDFs, and Next.js/Astro framework arrays — with auto x-default and ISO validation built in.
Why HCU Pattern Detector Exists
Scans a URL for Google Helpful Content Update demotion signals: thin content, missing first-party experience, affiliate-without-insight density, AI-boilerpla...
Grounding Is A Different Surface Than AI Overviews — Optimize Separately
Gemini Grounding and Vertex AI Grounding pull from Google Search as source. They weight publisher trust, Wikipedia-linked entities, and Article schema more heavily than AI Overviews. Same site, same content, different optimization.
Why The Un-Answered Question On Your GBP Is A Paid-Ad Tax
Google Business Profile's public Q&A is visible forever. Every un-answered question drives customers to a competitor who did answer. Every user-answered question propagates misinformation. Here's how to catch and fix both.
Why Quarterly Photo Uploads Are Losing To Weekly Ones
GBP photo count matters; photo freshness matters more. Businesses adding 3+ photos per month outperform those with large archives that haven't seen a new upload in six months. The signal Google reads is 'actively operating.'
Why GA4 / GTM Configuration Audit Exists
Detects Google Analytics 4 + Google Tag Manager on a page. Checks Consent Mode v2 integration, IP anonymization, GTM preview-auth token leak, duplicate measu...
Why Form Conversion Audit Exists
Counts form fields, flags unlabeled inputs, missing autocomplete hints, and friction patterns that cut mobile conversion.
Why Font Loading Strategy Audit Exists
Audits @font-face font-display, preload hints, woff2 coverage, Google Fonts vs self-hosted, FOUT/FOIT pattern risks, variable fonts.
Why Featured-Snippet Extractability Audit Exists
Scans a page for Position-Zero-ready structure: question-shaped H2s + 40-60 word answer paragraphs, 3-10 item lists, properly-headed tables, definition patte...
Getting To A Featured Snippet vs Owning One — The Displacement Playbook
Most snippet-optimization advice ends at 'write a 40-60 word paragraph.' That gets you close. Displacing the incumbent takes specific knowledge of their weaknesses. This tool reverse-engineers the incumbent and outputs the replacement shape.
Why E-E-A-T Generator Exists
Person/Org/sameAs/Wikidata/ORCID/rel=me JSON-LD from a single author profile.
Why E-E-A-T Audit Exists
Scores the four E-E-A-T pillars from Person/Org schema + sameAs depth.
Why Edge Cache Effectiveness Probe Exists
Probes a list of URLs, analyzes Cache-Status / CF-Cache-Status / X-Cache / Age headers, reports per-host edge-cache hit ratio, identifies URLs bleeding origi...
Why Early Hints (103) Audit Exists
Detects RFC 8297 HTTP 103 Early Hints + Link: preload/preconnect headers. Typical 100-300ms LCP win.
Why A Byline Without An Entity Behind It Is Worth Zero To Google
Google's E-E-A-T system doesn't evaluate authorship by reading bylines. It evaluates authorship by resolving bylines to entities — Person schema, sameAs links, credentials, external profiles. A plain-text byline is invisible to the system.
When Two Of Your Own Pages Cannibalize Each Other
External duplicates get the headlines; internal duplicates kill more sites. Two of your own pages competing for the same query is a silent ranking killer that most SMBs never measure.
Why DNSSEC PQC Posture Audit Exists
DoH-based audit of a domain DNSSEC chain. Reports algorithm IDs (RSASHA256/ECDSAP256/ED25519 — all classical), DS hash algos (flags SHA-1), NSEC vs NSEC3, KS...
Why CSP Strictness Audit Exists
Deep CSP audit: nonce/hash coverage, strict-dynamic, unsafe-inline, report-to, Trusted Types, wildcard quality.
Why CSP Allowlist Completeness Exists
Cross-references every loaded script/style/iframe against CSP directives. Finds the gap before users see console errors.
Why Crypto Wallet Quantum Risk Audit Exists
Paste a Bitcoin or Ethereum address. Classifies script type (P2PK/P2PKH/P2MS/P2SH/P2WPKH/P2WSH/P2TR or EOA/contract), checks reuse + spend history via public...
Why CrUX Field Data Probe Exists
Real-user Chrome UX Report p75 LCP / INP / CLS / FCP / TTFB via PageSpeed Insights API. The metrics Google actually ranks on.
Why Cross-Origin Isolation Audit Exists
Verifies COOP + COEP + CORP headers for SharedArrayBuffer, high-res timers, WASM threads. Required for advanced web APIs.
Why Critical CSS Inlining Audit Exists
Counts render-blocking stylesheets, inlined <style> bytes, deferred CSS via media=print+onload pattern, font-preload hints.
Why CORS Headers Audit Exists
Deep CORS audit: ACAO * + credentials, Vary: Origin, Allow-Methods, Expose-Headers, Max-Age, Timing-Allow-Origin.
Why Cookie + Storage Drift Audit Exists
Flags pre-consent trackers, document.cookie writes, and localStorage writes in initial HTML — the typical GDPR / ePrivacy failure modes.
Why Content Gap TF-IDF Analyzer Exists
Top-10 SERP TF-IDF analysis. Finds which phrases top rankers use that you do not. Clearscope / SurferSEO core algorithm, in browser, free.
Why Content Decay Audit Exists
Paste URLs + last-modified dates (or GSC Performance CSV). Ranks by staleness, flags content past 12 / 24 / 36 month thresholds, queues refresh priority.
Why Compression Codec Audit Exists
Verifies Brotli vs gzip vs zstd on HTML + subresources, checks HTTP/3 Alt-Svc advertisement, Vary: Accept-Encoding.
Reading Competitor Strategy From Their Google Business Profile Deltas
A competitor adding Saturday hours tells you they're chasing weekend work. A new service category tells you they're expanding. Most SMBs never notice because nobody watches. This tool turns periodic snapshots into a strategic intelligence stream.
Why Competitor Gap Matrix Exists
4-way side-by-side SEO score comparison. Your URL + 3 competitors across 6 dimensions, with gap identification.
Seven New Commercial-Conversion Tools — Checkout, Pricing, Revenue Attribution, About Page, Form Friction, Upsell Surface, Scroll-Depth CTAs
Seventy-five audits on the site optimize for ranking. These seven optimize for revenue. Checkout Abandonment Autopsy, Pricing Psychology Audit, Revenue-Per-URL Attribution Map, About-Page Conversion Audit, Form-Field Friction Estimator, Upsell + Cross-Sell Surface Audit, Scroll Depth + CTA Visibility Map.
Why Code Signing Trust Audit Exists
Probes a GitHub repo, npm package, or website for code-signing trust roots: Sigstore Cosign, SLSA provenance level, in-toto attestations, npm --provenance fl...
Why CMP Compliance Audit Exists
Scans a page for consent-management-platform (Cookiebot, OneTrust, CookieYes, Osano, Termly, iubenda, Didomi, TrustArc). Checks IAB TCF v2.2, CCPA opt-out li...
Why Client Hints Audit Exists
Checks Accept-CH + Critical-CH response headers. Validates UA Client Hints coverage as User-Agent string deprecates.
Why CLAUDE.md Generator Exists
Give Claude Code a permanent project memory — 10-question form, 8 stack presets, outputs drop-in Markdown.
Why TLS Cert Lifecycle Audit Exists
Probes a hostname for cert lifetime (90 / 100 / 397 day buckets), CT-log inclusion via crt.sh, public-key reuse across renewals (the harvest-now-decrypt-late...
Word-Level TF-IDF Gets You Close. Structural Fit Gets You There.
Content briefs from Clearscope and Surfer tell you which words to use. They don't tell you the page SHAPE that wins. Heading depth, schema types, media ratio, internal-link density — aggregate those across the top 10 and you have the canonical template.
Why Cannibalization Audit Exists
Runs a search for a target query + site: operator and identifies when multiple own-site URLs compete for the same query. Recommends consolidation, canonicali...
Why Most SMBs Can't Name Their Break-Even — And What Changes When They Can
Four numbers decide whether a small business is a business or an expensive hobby: fixed cost, variable cost per unit, price per unit, and volume. Most operators can't recite three of them. This calculator makes it a five-minute conversation.
Why Brand-SERP Audit Exists
Probes the top 10 organic results for a brand query. Classifies each (own-site, directory, social, review, negative, knowledge-graph), scores brand-SERP heal...
Why Bing + Copilot + IndexNow Audit Exists
14 signals for Bing Places + Bing Search + Microsoft Copilot + ChatGPT Search citation. Crawlability, CDN-WAF bingbot allow, sitemap.xml, IndexNow key, ai.tx...
Why Batch Compare Exists
Compare up to 10 sites across SEO, GEO, AEO, schema, E-E-A-T, a11y.
When To Disavow, When To Ignore — A Heuristic Playbook
Google's official guidance in 2024-2026 is that most spammy backlinks are auto-discounted. But some still hurt. Knowing which is which — without paying $100+/month for Semrush or Ahrefs — is a scoring problem the tool solves free.
Why Author Authority per Article Exists
Scores an article on 8 authorship signals: byline, Person schema, author link, photo, bio, rel=author, datePublished, dateModified.
Why API Secret Leakage Audit Exists
Scans HTML + JS for 20+ secret patterns: AWS, Stripe live, Twilio, OpenAI, Anthropic, GitHub PAT, Slack tokens, JWTs, private keys.
Why Site Analyzer Exists
Launch + Agency + Network + Hosting checks in a single report.
Why ai.txt Generator Exists
Spawning-style AI training opt-in/out covering every major AI crawler in the shared bot registry — custom paths, robots.txt companion.
Pretraining-Visible vs Retrieval-Only Is A Real Distinction
Every LLM has a training cutoff. Pages published before it are baked into the model's default knowledge. Pages published after are only reachable via live retrieval. Your content strategy should know which bucket each page sits in.
The First-Mover Window On AI-Answer Queries Is Still Open — Here's How To Find It
For queries where an AI Overview already fires, displacement is expensive. For queries where no AI answer has fired yet, you can BE the canonical answer. Finding the second bucket and investing content there is the single highest-ROI AEO play of 2026.
AI Referral Traffic Without a Paid Analytics Subscription
Paid AI-traffic tools bill $99-$299/month to count how many visitors arrive from ChatGPT, Perplexity, Gemini, or Claude. The numbers live in your access log already. The new parser buckets them by AI referrer, classifies human-follow-through vs bot-fetch UA, and runs entirely in your browser — paste never leaves the page.
Why AI Model Recommender Exists
Describe a task + constraints → ranked AI model recommendation across Anthropic, OpenAI, Google, Meta, Alibaba, DeepSeek, Mistral (text + code), plus image (...
Why AI Model Fit Audit Exists
Paste the prompt + the model you used → get a fit assessment (category match, capability gaps, context overflow, cost/latency mismatch) plus better-fit candi...
When LLMs Get Your Brand Wrong: How To Measure And Correct Hallucinations
Every major LLM makes factual errors about real businesses. This post covers how the drift happens, why it persists, and how a free browser-side tool can catch it before a customer does.
Why AI Crawler Log Analyzer Exists
Paste server access logs. Classifies hits by AI crawler (GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Applebot-Extended, Bytespider, etc.), reports per...
When Robots.txt Allows GPTBot and Cloudflare Still Returns 403
Three layers decide whether an AI bot reaches your content: robots.txt / ai.txt, meta robots, and CDN bot-protection. The first two are easy to audit. The third silently 403s bots even when the first two say allow. The auditor scores all three across every major AI crawler.
Why AI Content Disclosure Audit Exists
Checks for visible AI-disclosure, schema.org creativeWorkStatus, SoftwareApplication author, C2PA signing references, AI-use policy page.
Why Cited-At-All Is The Wrong AEO Metric — Position Is The Whole Game
Being cited in an LLM answer feels like a win, but being cited fifth barely moves traffic. First-position citation in an AI answer drives 3-5x the click-through of mid-list positions. Tracking position longitudinally is the actual game.
The Description LLMs Use For You Is Your First AI-Mediated Impression
Before a customer clicks any search result, an LLM may have already described your brand to them. 'Established but outdated' vs 'innovative and modern' is a positioning difference that happens before your site loads.
Why Unattributed Facts Are The Next Thing LLMs Filter Out
A page claiming '7% of SMBs fail in year one' with no citation is indistinguishable from a page making the number up. LLMs are increasingly filtering against unattributed numeric claims — attribution coverage is an emerging ranking signal.
When AI Traffic Hits A Wall Instead Of A Funnel
An AI engine cites your blog post. A user clicks through. The page is a 1500-word article with no email-capture, no CTA, no clear next step. They leave. Citation traffic that doesn't convert is the most-overlooked AEO problem of 2026.
Per-Model Accuracy Tracking Without A $500/Month Subscription
The value of scheduled LLM monitoring isn't the monthly bill. It's the cadence. This tool makes the cadence free: paste + score + log + trend across ChatGPT, Claude, Gemini, Perplexity over weeks and months.
Why Your Site Needs A Sitemap For Actions, Not Just Pages
Traditional sitemap.xml tells crawlers what to READ. Agents need to know what to CALL. A parallel machine-readable list of your site's invocable actions — book, quote, verify, order — is the next discoverability layer.
Broken Actions Silently Destroy Your Agent Visibility
Declaring callable actions to agents is worthless if the endpoints are broken, slow, or auth-mismatched. Agents that hit failing endpoints deprioritize your site — quietly — for every future invocation. This probe catches failures before they cost you.
Why 404 Page Quality Audit Exists
Fetches a guaranteed-missing URL and scores the 404 page: HTTP status, useful copy, home link, search bar, branded layout, canonical hygiene.
Mega GEO + Mega AEO — Fix / Audit / Learn Pills On Every Finding
The two Mega orchestrators that were stuck at 'here's a list of problems' now behave like Mega Analyzer and Mega Security Analyzer — every finding carries Fix / Audit this / Learn pill buttons that deep-link into the specialist tool pre-filled with your URL.
The Four Questions I Wish I'd Asked Before Picking an AI Project
I spent a couple of years picking AI projects the way a developer would — what's technically interesting? That was the wrong question. The right one has four parts, and the non-coders shipping products in 2026 are the ones who answered them first. Here's the short version, with worked examples from courts, hospitals, and road crews.
Claude Design — What Anthropic Labs Actually Shipped, Who It's For, And The One Feature That Makes It Different From Figma
Anthropic Labs launched Claude Design on April 17 2026. It builds a design system from your codebase, iterates on prototypes by chat and sliders, and hands finished work to Claude Code. Here is what it does, three real use cases, where it breaks, and when adopting it is worth the bill.
HTML Watermark Tokens for Clone Detection. A Simple Pattern Every Site Should Use
How to embed a stable, Google-searchable watermark token in every page of your site so clones announce themselves within 24 hours of being indexed.
What Your Car Knows About You, and What Automakers Sell It For
A 2024 congressional investigation documented Hyundai selling data from 1.7 million vehicles to insurance broker Verisk for about $1.04 million. McKinsey projects connected-vehicle data services at $450 to $750 billion globally by 2030. Here is what is actually going on, who the brokers are, and what the Electronic Frontier Foundation recommends you do about it.
Video Schema + Transcript Audit — why your YouTube embed doesn't rank
YouTube owns video search. But your page can still win the text-on-a-page-with-video layer — if it has VideoObject schema, a crawlable transcript, and captions. Most pages with embedded video have none of the three.
Third-Party Data Leakage Audit — 22 trackers classified by PII risk
GDPR, CCPA, and CPRA all require disclosure of third-party data transfers. Most sites have 6-12 trackers loading and no idea what data they send. This tool classifies 22 known trackers by PII risk tier and flags the ones that cross the compliance line.
Soft-404 Detector — the pages that return 200 but signal 'not found'
A soft 404 is a URL that returns HTTP 200 but the body says 'page not found', 'no results', or is thin-to-empty. Google demotes and eventually deindexes them. They're invisible to naive crawlers. This tool crawls your sitemap and surfaces them.
Auditing Serverless Functions for the 25 Posture Failures That Cost You Money or Get You Owned
Serverless platforms shift cost + security to the request shape. Origin allowlists, rate limits, CORS-with-credentials, SSRF, secret-in-log, fetch timeouts. 25 checks that prevent quota burn, account takeover, and stack-trace leaks across Netlify / Cloudflare Workers / Vercel / Lambda / Fly / Deno / Render / Railway / DigitalOcean.
Which SERP features do your queries trigger? The matrix tells you in 60 seconds
SEMrush and Ahrefs charge $100+/mo to tell you which SERP features (Featured Snippet, PAA, Local Pack, Shopping, Video Carousel) your target queries trigger. This fires the queries at DDG + Bing, detects 12 feature types, and shows you which ones are the biggest opportunities.
Your longitudinal SEO dashboard was already in localStorage — I just drew it
Every Mega SEO Analyzer run writes the score to your browsers localStorage. The SEO Trend Dashboard reads it and renders per-URL line charts with improving/regressing/stable classification. No server, no account, no export/import needed.
Turning the audit tool into a monitoring service — scheduled, notifications, no server
ContentKing charges $195/month to watch your site and ping you on regressions. The Scheduled Auto-Monitor does it in the browser with setInterval + localStorage + Notifications API. Keep a tab open, get alerted when your score drops 5 points or more.
The roadmap needed a board — drag SEO findings from To-do to Done
Linear charges $8/seat. Trello caps free boards. This is a 4-column SEO-specific kanban that lives in your browsers localStorage. Bulk-import audit findings as cards, drag across columns (To do / Doing / Blocked / Done), export JSON, watch your SEO backlog clear.
Schema Test-Case Generator — 16 valid JSON-LD templates, required fields enforced
Most broken schema is broken because someone copy-pasted an example missing required fields. This tool emits 16 valid JSON-LD templates — Article, Product, FAQPage, HowTo, LocalBusiness, Recipe, Event, Organization, BreadcrumbList, VideoObject, Review, JobPosting, Course, SoftwareApplication, Book — with every required property filled in.
Making JSON-LD visible — the schema graph visualizer I wish Schema App didn't charge for
Every page has a structured-data graph hidden inside its JSON-LD blocks. Schema App charges $29/mo to draw it. This tool parses your JSON-LD, flattens it by @id references, renders the full node/edge graph as interactive SVG. Finds orphans, missing @context, weak connectivity.
Real User Monitoring without a server — RUM that stores to localStorage
Sentry Performance charges $29/mo + per-transaction fees. This generates a self-contained RUM snippet that captures LCP / INP / CLS / FCP / TTFB on every pageview and writes to your sites localStorage. No endpoint, no third-party data collection, no recurring cost. Paired with an import-JSON dashboard.
The SPA audit gap, solved by paste — no serverless Chromium required
Single-page apps inject content after hydration. My static-HTML audits miss it. Prerender.io costs money. Headless Chromium in a serverless function costs even more. The Rendered DOM Paste Audit is the pragmatic free path — you paste outerHTML from DevTools, the tool audits the post-hydration DOM, and optionally diffs against the server HTML.
Readability Analyzer — Flesch-Kincaid, ARI, and the passive-voice tax
Google's Helpful Content system reads for readability directly. Sentences averaging 24+ words, passive-voice density above 15%, and Flesch-Kincaid grade level above your audience all correlate with demotion. This tool measures all three.
APE, RACE, CREATE, SPARK — The Four Prompt Frameworks Every Prompt Should Match One Of
By 2026, four named prompting frameworks — APE, RACE, CREATE, SPARK — dominate the literature. Each is a checklist of the elements an LLM needs to produce a good output. The new auditor scores any prompt against all four, tells you which one it's closest to, and emits a rewrite that closes the gaps.
The pillar-cluster pattern shows up in every AEO article — so I built the audit
A 3,000-word pillar linking to eight focused subtopic articles that link back. It's the architecture AI retrievers treat as authoritative. Most blogs aren't structured this way, and it isn't obvious from reading a single page.
Tracking AI-search visibility — are Perplexity, you.com, and Bing AI citing you?
Google rank tracking tells you where you appear on the SERP. AI answer engines cite sources in their answers and those citations are the new SERP. This tool queries Perplexity, you.com, and Bing AI for your target queries and reports whether your domain shows up in their answer sources.
The Legal Pages Generator. Privacy, Cookies, Terms, Accessibility, Disclaimer, Refund, DPA in One Pass
Indie sites need seven or eight legal pages and most ship two. The new Legal Pages Generator produces a baseline set tailored to business type + jurisdictions + third-party services, with a master AI customize prompt.
The link-graph visualizer Sitebulb charges $149/mo for, free in your browser
Crawls your sitemap, extracts internal links per page, runs iterative PageRank, renders an interactive SVG graph. Shows which pages are hubs, which are orphans, and exactly where PageRank flow is starving content. No signup, no crawler bill.
Generic positioning loses to specific positioning in agent-driven search
An AI agent looking for a CRM for an automotive dealership will not pick 'CRM for businesses of all sizes'. It'll pick the page that says, out loud, 'CRM for automotive dealerships with 10-50 seats'. This tool audits whether your page says that out loud.
Pre-deploy SEO feedback in the browser — the HTML Sandbox Playground
JSFiddle and CodePen are great for JS but dont check SEO fundamentals. This sandbox audits your HTML live as you type - title, meta, canonical, OG, Twitter, JSON-LD, alt, word count. Save up to 20 named drafts locally. Test before you deploy.
Hreflang Cluster Graph — visualize reciprocity and catch every broken pair
Hreflang works only if every locale variant references every other locale variant — reciprocally. One missing reciprocal and the entire cluster collapses silently. This tool crawls your hreflang cluster and renders the (in)completeness as a graph.
Hreflang Audit — Fetches Every Page in the Cluster and Builds the Backlink Matrix
Most hreflang auditors only inspect one URL. This one fetches every alternate page in the cluster, cross-checks backlinks, flags malformed ISO codes, and surfaces canonical-vs-hreflang conflicts that silently invalidate Google's cluster recognition.
IBM published a GEO playbook — I turned it into a page audit
IBM published a Generative Engine Optimization playbook in April 2026. Core thesis: from keywords to prompts, from links to citations, from websites to ecosystems, from traffic to answer eligibility. This tool scores your page across ten GEO signals drawn directly from the playbook — Q&A format, answer directness, conversational tone, chunk-ideal paragraphs, schema, DOM simplicity, cite markup, authorship, freshness, structure.
Cross-Domain Entity Consistency — Wikidata, sameAs, and the entity graph
AI retrievers resolve brands to entities in Wikidata. If your site's Organization schema disagrees with your Wikidata record — or you have no Wikidata record — you're a stranger to the entity graph. This tool reconciles both sides.
I stopped generating fix prompts. Meet the Code-Diff Patch Generator.
Every other audit tool outputs a prompt you paste into Claude. This one skips the LLM loop and writes the HTML patch itself — unified-diff format, before/after blocks, ready to paste into your template. How to use it, why I built it, and when it still loses to prompts.
Canonical & Redirect Graph — visualize every chain SEO crawlers hate
Redirect chains cost crawl budget and dilute PageRank. Canonical conflicts tell Google two different stories. This tool crawls your sitemap and renders the tangle as an SVG graph — the shape of the problem is the first useful diagnostic.
Broken Link + Decay Scanner — find every 404 your page points at
Outbound links decay. The average 5-year-old article has 10-25% of its external references dead, redirecting to parked domains, or quietly 302-ed into spam. This tool fetches every outbound link in parallel and reports the damage.
Anchor-Text Manipulation Detector — SpamBrain catches EMA ratios you don't feel
Google's SpamBrain doesn't just count backlinks — it profiles your exact-match anchor distribution. One moderately-trafficked page I audited had 43% EMA for the same commercial phrase. This tool surfaces the ratio before SpamBrain does.
Share-of-Voice in AI Answers Without a $99/Month Subscription
Paid AI-visibility platforms charge $99-$499/month to do one thing: run 25 prompts through each LLM and count your brand mentions. The new Prompt Pack tool generates the prompts and the scoring worksheet for free — you run the prompts by hand in the free tiers, log the results in a CSV, and get the same share-of-voice data without the subscription.
I read 14 AEO articles and found 5 signals my 254 tools didn't measure
After parsing 14 AEO articles from SearchScore, Semrush, Neuralic, The Conductor, and broworks, I found five specific content signals none of my existing audits explicitly checked. So I built one more.
Findings lists don't persuade — so I built an audit narrator
Audit tools output checklists. Executives want a narrative. This tool takes any findings list, categorizes by topic + severity, weights by your business model, and produces an executive summary with prioritized next-step sprints. Deterministic, no LLM tokens.
The agentic web is the new shopping surface — an audit for it
Microsoft launched AI Max + Universal Commerce Protocol + Copilot Checkout in April 2026. Google is pushing agentic shopping through Merchant Center. Perplexity Shop is live. Your product pages need to be discoverable, trusted, and transactable by AI agents — not just ranked on Google. This audit scores your readiness.
Every new security audit tool I built this month, and the CSP that doesn't block Clarity
CSP strictness, Trusted Types, Reporting API, SRI, CORS depth, COOP/COEP, secret leakage, inline event handlers, mixed content, CSP allowlist completeness — what each one catches and why I needed it.
Ten new performance audit tools that exist because Lighthouse wasn't enough
Early Hints (103), CrUX field data, compression codec, critical CSS, font loading, preconnect hygiene, Speculation Rules, LCP candidate, size budget, View Transitions — each one catches a regression Lighthouse reports vaguely.
The compliance audit stack — CMP, GA4/GTM config, cookie drift, AI disclosure, CCPA/GDPR
Six tools that check what a CMP audit actually checks — consent mode, blocking-mode enforcement, pre-consent cookie writes, IAB TCF v2.2 signaling, Global Privacy Control handling, and EU AI Act Article 50 readiness.
Every new AEO tool for 2026 — llms.txt quality, MCP server audit, AI content disclosure, author authority
AI retrievers (Anthropic, Perplexity, Google-Extended) don't cite your site the way Google crawls it. These tools check the surfaces they actually use: llms.txt, MCP servers, author apparatus, citation surface across reference corpora.
The accessibility + UX audit tools I built after Lighthouse stayed polite
Redundant alt detection, identical link text, prefers-color-scheme + reduced-motion + forced-colors, non-composited animations, intrusive interstitial patterns, form conversion friction. What each one flags, and why Lighthouse didn't.
Netlify Application Firewall vs Cloudflare Bot Management, and the Double-CDN Trap
Netlify ships Application Firewall, Log Drains, and Analytics. Cloudflare ships Bot Management, Turnstile, and WAF rules. Putting both in front of your origin is not free. Here's the decision matrix.
Why I turned Mega SEO Analyzer into a v2 and stopped paying $99-$500/mo for Ahrefs-adjacent tools
v2 added real-user CrUX field data, site-wide sample crawl, 4-way competitor gap matrix, localStorage trend baseline, and a 30/60/90 roadmap. Free, no signup, no tracking. Here is why I built each piece.
Lighthouse caught 5 things my other audit tools had missed — so I built new ones
Desktop scored 83 performance, mobile 67, LCP 13.1s on slow 4G. I fixed the site and built 5 new audit tools so the same issues surface in every future audit. Here is each fix and each tool.
DMCA Takedowns and Terms of Use for Developers. A Practical Walkthrough
What a valid DMCA takedown notice actually has to contain, where to send it, what to write in your Terms of Use, and the safe-harbor mechanics that make the whole process work.
The Content and Tool Protection Playbook for Indie Developers
Function guards, watermarks, terms, clone monitoring, log drains, attribution. The complete defense stack we ship on jwatte.com, in the order we'd ship it on a new site.
Content Operating Systems Explained. Why Sanity, Strapi, Contentful, and Payload Are Replacing the Monolithic CMS
A Content OS separates content from presentation: structured schemas, an API-first content lake, and a separate authoring studio. The pattern fixes WordPress's coupling problem, but introduces deploy-time, schema-migration, and CDN concerns of its own. When to use one, when to skip.
The Task You Should Never Have Been Doing: Notes on Handing Work to a Computer-Use Agent
Computer-use agents change the delegation question. It isn't 'can the AI write this code?' anymore — it's 'should I be doing this task at all, given that an agent could run it while I work on something actually mine?' Four quick tests to decide, three workflows where I said yes, three where I said no, and the small set of habits that keeps it all safe.
Picking the Right AI Model in 2026. Why GUI and CLI Are Different Tools, and Where Image Generators Diverge
Pros and cons of every major model in the 2026 lineup. Claude family, GPT-5 / o4 / Codex CLI, Gemini 2.5 + CLI, Llama 4, Qwen 3, DeepSeek V3 + R1, Midjourney v7, Ideogram v3, DALL·E 3, Flux 1.1 Pro, Stable Diffusion 3.5, ElevenLabs, Deepgram. Why GUI prompts and CLI agents are different products. Why we ship a Claude Code kickstart file. When to reach for which image generator.
The Three WordPress Themes Worth Installing in 2026. Kadence, GeneratePress, Astra
Most WordPress performance problems start at the theme. Three lightweight themes keep showing up as the correct default in 2026. Here's how they differ and which one fits which site.
Four WordPress URLs That Should Never Be Publicly Reachable. wp-login, readme, license, install
Four URLs ship with every WordPress install. Three of them expose your exact core version to scanners. One of them can take over your site if left in the wrong state. Here's what to do about each.
Why I Built Site Migration Capture. A Consent Banner I Forgot Cost Me a Client
I migrated a client from WordPress to Eleventy and forgot their consent banner. Two weeks later a GDPR complaint arrived. The client left. This tool exists so nobody else makes the same mistake on the same migration.
Nine Files That Shouldn't Be Publicly Reachable On Any Website
Regardless of whether you run WordPress, Shopify, a static site, or a custom app, nine files commonly ship to production by accident and leak credentials, code history, or internal structure. Here's what each one is and how to block it.
Pricing Pages and Careers Pages. The Two Transparency Signals Most Sites Hide
Hidden pricing tanks B2B conversion, and a missing careers page reads as a dead company. Two of the simplest trust signals a site can ship, and they cost almost nothing to add.
Your Yelp Listing Is Probably Bleeding Star-Rating Context. 11 Signals the Yelp Audit Checks
Yelp still drives discovery for restaurants, services, and local trades in major US metros. If your /biz/ URL is wrong, your public rating is unlinked, or your review count can't be parsed from HTML, you're losing Copilot and Apple Maps citations — not just Yelp search. This audit names the 11 signals that matter.
A WordPress and WooCommerce Audit That Speaks WP, Not Generic SEO
WordPress has its own specific failure modes that generic SEO tooling misses: plugin pileup, abandoned themes, legacy jQuery, stacked render-blocking CSS, WooCommerce cart-fragments on every page. This tool reads WP-native signals and emits a WP-native fix prompt.
A WordPress Hardening Audit That Speaks to the Server, Not Just the Admin Panel
A WordPress-specific security audit. Probes XML-RPC, REST API user enumeration, admin and login exposure, debug.log and wp-config backup reachability, directory indexing, and security-header coverage. WooCommerce PCI notes where applicable.
A 30-Second Uptime Diagnostic Beats a Paid Monitor When You Just Need to Know If The Site Is Up
Paid uptime monitors run every 5 minutes from 10 locations and cost $30-$100 a month. For a quick diagnostic of 'is my site reachable right now and how fast is it,' a single-shot server-side probe is enough.
HVAC, Plumbing, Electrical, and General Contractors. Six Site Signals That Move the Needle
Trades websites live or die on local-pack visibility. Six signals separate a site that converts from one that costs money to host. Here's what they are and how to audit them in one pass.
Before You File The LLC Or Print Business Cards, Spend 20 Minutes On USPTO TESS
A $500 to $1,500 trademark attorney's clearance opinion is the right answer for anything you're serious about. Before you pay the attorney, spend 20 minutes on a pre-screen so the attorney's hours are focused on real risk, not first-pass searching.
FTC Click-to-Cancel Takes Effect in 2026. California and New York Already Enforce. Here's Your Autorenewal Audit
FTC Click-to-Cancel rule + California BPC 17600-17606 + New York GBL 527-a + Virginia, Colorado, Illinois, Oregon, and New Jersey autorenewal statutes all apply to US subscription businesses. Most SMBs are compliant with zero of them. This tool scores the 12 signals that matter across every major statute.
Every State's Business-Entity Search In One Place. Vendor Vetting, Competitor Research, Your Own Good-Standing Check
All 50 state Secretary of State business-entity searches plus DC. Verify LLC / corp status, registered agent, filing history. Use cases: vendor vetting, competitor research, confirming your own good standing.
An A-F Letter Grade For Your SSL Config. Because 'TLS 1.2 with SHA256 AES-GCM' Isn't A Sentence For Most Owners
SSL Labs gives you a 400-line technical report. Most SMB owners want a letter grade. This tool rolls up protocol, cipher, cert expiry, HSTS, OCSP, and PQC readiness into A / B / C / D / F.
TCPA Violations Run $500 to $1,500 Per Text. Carriers Block Unregistered Senders. Here's How to Audit Your SMS Program
US business SMS is now governed by three overlapping layers: TCPA (federal statute, $500-$1,500 per violation), CTIA (carrier industry body), and A2P 10DLC (carrier-level registration). Most SMBs comply with one and fail at the others. This tool checks all three.
Capture Before You Migrate. Why the New Site Should Boot Up Functionally Equivalent
Most migrations start from a blank template and slowly rebuild what the old site had. This tool captures the old site's settings footprint first, then emits a generator-specific spawn prompt so the new site boots equivalent from day one.
A Restaurant Site Audit That Actually Understands Menus, Hours, and Reservations
Restaurant sites break in different places than SaaS sites. Menu schema Google reads. Opening hours that match Google Maps. A reservation path. A delivery path. This audit covers the restaurant-specific layer your general SEO tool misses.
Query Fan-Out — Why AI Search Doesn't Actually Run Your Keyword
Google AI Mode, ChatGPT Search, and Perplexity don't retrieve your keyword. They fan it out into 10-60 sub-queries behind the scenes, blend the answers, and cite whoever showed up in enough buckets. Here's what fan-out looks like — and the new tool that maps it for any seed keyword.
Post-Quantum Cryptography for Small Sites. A Practical Migration Path
Classical RSA and ECDH break when a large quantum computer arrives. That computer is not here yet. The encrypted traffic attackers are recording now will still matter when it is. This tool probes your server for hybrid PQC key exchange and emits a migration plan.
A Platform-Aware Audit. Shopify, Squarespace, Wix, Webflow, Ghost, BigCommerce
Most audits treat every site the same way. A Shopify store breaks in different places than a Squarespace portfolio. This tool detects the platform and runs the checks that actually apply.
PCI SAQ-A: The Lightest Compliance Path For Ecom SMBs, And Why You're Probably Not Eligible For It
SAQ-A is the 22-question PCI self-assessment most small ecom merchants qualify for. One misconfigured analytics tag on the checkout page bumps you to SAQ-A-EP (130+ questions) or SAQ-D (380+). Most owners don't know which they're actually in.
Your Payment Processor Assigned You The Wrong MCC. Here's How To Check
MCC mismatch costs SMBs 0.3 to 1.5 percent on every transaction. On $500K annual sales that's $1,500 to $7,500 a year in fees you shouldn't be paying. Most owners don't know their MCC, let alone whether it's right.
Seven Security Layers In One Scan. Mega Security Analyzer
One URL. Seven security layers scanned in parallel. TLS version and cipher, post-quantum hybrid KEX, HTTP security headers, CSP strictness, DNS email-auth, MITRE ATT&CK tactic mapping, CWE and OWASP pattern scan. 3-probe false-positive suppression.
A Medical Practice Audit That Knows The Difference Between SEO And HIPAA
Medical sites carry a compliance layer the tool can't audit (HIPAA, state board rules). It can audit the public-facing signals that show up in real medical-board advertising reviews: provider credentials, insurance, booking, privacy notice, tracking technology.
Google, Apple, Yelp, Bing. The Four Local-Presence Platforms Every US Small Business Needs to Own
Most SMBs optimize Google Business Profile and stop. That covers about 55% of US local search — the remaining 45% runs through Apple Maps (iPhone default), Yelp (home services, restaurants, medical, legal, auto), and Bing (which also powers Microsoft Copilot, ChatGPT Search, DuckDuckGo, and Yahoo). Here's the four-platform audit most SMBs never run.
Eight Local Directories Actually Move Your Rankings. Here's How To Check Coverage
Citations across Yelp, BBB, Yellowpages, Angi, Foursquare, Manta, Superpages, MapQuest still drive local-pack rankings. Most SMBs are listed on two and missing six. This tool surfaces the gaps.
LLMs.txt Validator — Why Most Published llms.txt Files Silently Fail
Your site has an llms.txt. A retrieval engine just fetched it. Did it parse cleanly, or did the engine silently skip half of it because the H1 was missing, the URLs were relative, or two sections had the same name? The new validator runs all 12 structural checks and tells you exactly what to fix.
A Law Firm Site Audit Built for SEO and Bar-Compliance at the Same Time
Law firm sites carry a compliance layer no other vertical does. State bar rules govern what you can say. This audit covers SEO structure (LegalService schema, practice areas, jurisdictions) and scans for risky language (guaranteed, specialist, best) that triggers ethics review.
Index Coverage Delta — The Diff Between What GSC Sees and What You Actually Publish
GSC reports 'Discovered — currently not indexed' without telling you why. This tool crawls your site, diffs against sitemap.xml, and produces the exact punch list of orphans, ghosts, canonical conflicts, and redirect chains blocking indexing.
Independent Hotels Lose 15-25% of Revenue to OTA Commissions. Here's the 16-Signal Audit That Recaptures It
Booking.com and Expedia take 15-25% of every booking they drive. Independent hotels and motels recapture that by strengthening Google Hotels eligibility, direct-booking incentives, channel-manager coverage, and review aggregation. This tool scores the 16 signals that determine cross-channel revenue.
Your Google Business Profile Is Leaking Revenue. 18 On-Site Signals That Fix It
Forty percent of local leads come from Google Business Profile. Most SMBs under-optimize it because they audit their website and their GBP separately. This tool audits the 18 on-site signals that reinforce GBP ranking and lift review conversion, and shows exactly which dashboard field to match each to.
CAN-SPAM, TCPA, CCPA, GDPR. Four Statutes Governing Your Email and SMS Footers
CAN-SPAM penalties run $51,744 per violating email. TCPA penalties run $500 to $1,500 per violating text. This tool audits your footer for the required elements across four statutes.
Your Password Has Probably Been Leaked. Here's How To Check Without Trusting a Random Tool
Have I Been Pwned hosts over 11 billion leaked credentials. The safe way to check your own password uses k-anonymity: SHA-1 hash locally, send only the first 5 characters, compare the rest in your browser. Never type your real password into a tool that sends it across the internet.
Contrasting Three Competitors Without a Subscription Seat. How the Competitor Contrast Tool Works
Most competitor-intel tools cost 100 to 500 a month and lock results behind a seat. This one fetches each URL, extracts keywords, frameworks, benefit cues, and pricing hints, then hands you a scrape plan and a comparison prompt for Claude or ChatGPT.
ADA Web Accessibility Lawsuits Hit 4,500 Filings in 2024. Most Targets Are SMBs Under $25M
Title III web-accessibility complaints are a multi-year growth industry and the target profile has shifted to small businesses. This tool scores your site on the 12 signals plaintiff firms put at the top of their demand letters, then produces a remediation plan that actually reduces exposure.
Static-Site Generator Deployment Hardening. Eleventy, Hugo, Astro, Gatsby, Next, Jekyll, SvelteKit, Nuxt
Static-site generators claim 'just deploy the build output' but each generator has its own set of deployment gotchas that show up in production. Eleventy deploys the wrong folder. Hugo leaks drafts. Next.js ships source maps. Ten common issues, per-generator fixes.
SpeakableSpecification: The Schema Tag That Tells AI What to Quote
SpeakableSpecification markup tells Google, voice assistants, and AI tools exactly which text on your page is worth quoting. Here's how to implement it and why it matters for AI citations.
Testimonials, Case Studies, Logo Strips, and Awards. Which Ones Actually Move the Needle
Four kinds of social proof turn up on almost every serious B2B page, and most sites pick the weakest three. Here's what testimonials, case studies, logo strips, and awards each actually do, and which ones AI engines cite.
Three Server-Side Probes That Let Browser-Based Audits See Past the Browser
A browser can't query DNS. A browser can't inspect a TLS handshake. A browser can't rerun a request three times to filter CDN-race false positives. Three small server-side probes fix all three gaps.
Your Server Header Is Telling Attackers More Than You Think. Apache, Nginx, Caddy, IIS, Windows Server, Red Hat, Oracle
The Server: and X-Powered-By headers tell attackers your exact version of Apache, nginx, Caddy, IIS, ASP.NET, Express, or Oracle, plus frequently the underlying OS. Then CI/CD config leaks (terraform.tfstate, .gitlab-ci.yml, Dockerfile) finish the job. Here's what each leak reveals and how to block it.
The Six Security Headers Every Site Should Ship in 2026. And The Three That Actually Matter
Security header recommendations change every three years. Here's the 2026 baseline: what to ship, what to skip, what the modern COOP / CORP pair does, and why CSP is the one you can't get away without.
When Live Chat and Booking Widgets Actually Earn Their Screen Space
Conversion widgets pay off on pages with strong buying intent and a short decision path. On info pages they just get in the way. Here's how to tell which page you're looking at.
Cookie Consent Vendors. Which One Actually Matches Your Legal Exposure
Nine consent vendors run about 90 percent of the banners on the internet. Each one sits at a different intersection of price, legal rigor, and site-speed impact. Here's which one fits which site.
What Actually Fixed My Claude Code Sessions (It Wasn't a Prompt Trick)
I spent months chasing prompt templates. None of them mattered. The four changes that turned Claude Code from a frustrating toy into something I ship with are almost boring — a written brief before any code, a memory file in the repo root, live data instead of pasted snapshots, and a spec tight enough that the model can only be wrong one way.
Numbers, Badges, Licenses, and Where You Got the Numbers. The Four Claims Signals That Actually Rank
AI answer engines cite specific numbers, visible compliance badges, license numbers, and sources. Generic marketing language loses every time. Four signals that take an afternoon to add and are worth the engineering time.
Dual-Audience Navigation and Honest AI Messaging. Two Signals Most Sites Skip
Sites serving two distinct audiences usually try to serve both with one navigation and end up serving neither. AI products that hide their human-review process lose enterprise buyers. Two informational signals worth the engineering.
A $10,000 Crypto Portfolio Made 24.8 Percent in 30 Days With An AI Agent. Here's How To Actually Back-Check It
Medium article claims an AI agent turned 10,000 USDC into 12,480 USDC in 30 days on Solana. Here's how to verify the math, what prompts and services were used, and what the real after-cost, after-tax return looks like for a regular reader.
Eight More WordPress Audits That Pay for Themselves. XML-RPC, User Enumeration, Heartbeat, and Five Other Quiet Problems
The Mega Analyzer and the WP+Woo audit catch the obvious WordPress problems. Eight more checks live one layer deeper: XML-RPC exposure, REST API user enumeration, wp-emoji, jQuery Migrate, Heartbeat, block library CSS, WooCommerce payment gateways, and review schema.
YouTube Channel Audit — Trailer, Playlists, Description, Cadence
Channel trailer, playlists, subscriber count, About description, banner. Five signals that decide whether a one-time viewer becomes a subscriber. Audit a channel home in three minutes.
X Is Gated Now — Audit What Signed-Out Visitors Can Still See
X quietly gated most profile data behind login. The public preview still leaks enough to audit — bio, profile image, website link, location, verification. This tool grades what your public card actually shows.
The .well-known Directory Audit — Probe 13 Files, Fix the Gaps
Audit /.well-known/ for the files that matter in 2026 — security.txt, agent-card.json, ai-plugin.json, change-password, webfinger — and generate copy-paste replacements for anything missing.
TikTok Profile Audit — The Signals That Decide If You Get A Link In Bio
Bio hook, link-in-bio (unlocked at 1K followers), niche hashtags, pinned video, avatar, verification. Audit a TikTok profile against the signals that TikTok's own discovery algorithm weighs.
A Syndication Plan in 30 Seconds — Canonical, Rewrite, Stagger
Paste an article URL. Pick the platforms. Get a canonical-tag plan, per-platform headline brief, UTM-tagged cross-post URLs, and a staggered schedule that keeps the original ranking.
Substack Audit — The Seven Signals Before A Reader Hits Subscribe
Subtitle, cover image, subscriber count, paid-tier setup, recent post, podcast option. Audit the public home of any Substack publication against the signals that drive the first-time-visitor subscribe rate.
Speakable Schema, Generated From The Page You've Already Shipped
Paste any URL. Get a SpeakableSpecification JSON-LD block that marks the headings and direct-answer paragraphs AI assistants should read aloud — generated from the HTML you already published.
Single Site Gen — The AI Build Prompt That Already Passes Our Audits
Single Site Gen writes a site-build prompt with every best practice our audit tools already score for — so the first deploy passes the Mega Analyzer without a round of fixes.
Reddit Community Audit — Vet A Subreddit Before You Invest Promotion Time
Subscriber count, active-user count, description depth, karma (for user profiles), and engagement signals. Audit a subreddit before you post into it — or your own profile if you're doing community-led marketing.
Why 'Take A Deep Breath' Makes LLMs Smarter — The Research Behind Prompt Enhancement
Detailed personas, step-by-step framing, stakes language, and self-evaluation — each one has a paper behind it. This post walks through the research so you know why the Prompt Enhancer does what it does.
Why Most Patreon Pages Convert At Under 1%
Tier pricing, welcome video, recent-post cadence, perk clarity, patron count visibility. The six signals that decide whether a Patreon visitor becomes a paying member — or bounces in three seconds.
MemPalace, Explained — And A Generator For Your First Setup
MemPalace is a local-first, zero-cloud AI memory system that stores raw conversation verbatim in ChromaDB, organized in a spatial hierarchy. This post explains how it works and ships a setup generator.
Twelve Local Directories, Thirty Minutes, One Coverage Check
Yelp, BBB, Bing Places, Yellow Pages, Foursquare, Nextdoor, Apple Maps, Facebook, Angi, HomeAdvisor, Thumbtack, TripAdvisor. Twelve directories that shape your local citation graph. Find out which ones you're missing in three minutes.
Audit Your LinkedIn Newsletter Like It's A Growth Funnel (Because It Is)
Most LinkedIn newsletters are an abandoned Substack draft with a bad cover image. This audit scores cadence, word-count sweet spot, cover, hook density, hashtags, and CTA — with a rewrite prompt.
Kubernetes Readiness — The Twenty Signals That Separate A Prod Cluster From A CV
20-signal Kubernetes readiness checklist: resource requests & limits, security context, probes, network policies, secrets, RBAC, backups. Plus an AI remediation prompt that produces patch YAML for whatever you're missing.
ItemList & Carousel Schema Without Writing It By Hand
Paste a list of URLs. Get valid ItemList or Carousel JSON-LD with correct position fields for Google rich results — in Summary, Article, Product, or Course flavors.
Your Instagram Bio Is A 150-Character Landing Page. Audit It Like One.
Bio hook, link-in-bio, category badge, contact button, profile photo, posts count. Nine signals decide whether Instagram is doing anything for your business. This audit surfaces which ones are missing.
Your Google Maps Listing Decides The Phone Call. Audit It.
Rating ≥ 4.2, ≥ 20 reviews, phone visible, address correct, recent photos, accurate hours. Eight signals decide whether a Google Maps searcher calls you — or the business next door.
GitHub Repo Visualizer — The Shape Of Your Code, At A Glance
Paste any GitHub repo. See stars, forks, open issues, default branch, license, language composition, top 10 contributors, and recent releases on one page.
Your GitHub Profile Is An E-E-A-T Asset. Score It Like One.
AI models weigh GitHub profiles as sameAs-grade identity signals. This audit scores a user, org, or repo against the 14 signals that drive topical authority — README depth, topic tags, license, releases, contributors.
GBP Competitor Research Without A $300/Month Tool
17 signals, 5 competitors, one worksheet. Do the GBP competitive research that local-SEO SaaS sells for $300/month — in 30 minutes with a structured checklist and an AI brief that translates gaps into action.
The Only AEO KPI You Actually Own — GA4 LLM Referral Segment
Pick the AI answer engines to track and get a ready-to-paste GA4 audience, Looker Studio filter, GTM trigger, and BigQuery SQL. The AEO KPI that lives in your analytics, not a paid dashboard.
Bulk-Tag a Thousand Keywords by Funnel Stage — The Funnel Keyword Audit
Paste a keyword list, get every row tagged by funnel stage and intent, plus a distribution chart, a CSV export, and a content-brief AI prompt that turns the list into a page-by-page plan.
Facebook Pages Still Matter For Local Businesses — Audit Yours
Profile photo, cover image, hours, phone, website link, rating, about section. Facebook Pages are quietly one of the largest review platforms online. This audit scores the signals that drive local discovery.
Docker For A Small Business — Generate The Compose File You Actually Need
Pick the services your small-business stack runs. Get a best-practice Dockerfile (multi-stage, non-root, health-checked) and a docker-compose.yml with volumes, networks, Traefik auto-HTTPS, and the env plumbing you'd forget.
Google Discover Readiness — The 14 Signals That Actually Drive Placement
Discover is Google's quietly enormous discovery surface. Most articles miss one of three things — hero image width, max-image-preview:large, or NewsArticle schema. This audit catches all three in one pass.
Who Signed Your Image? A Content Credentials (C2PA) Checker
Scan a page or single image URL for C2PA / Content Credentials manifests. Find out which of your images carry a provenance chain and which don't.
Docker vs docker-compose vs Kubernetes — A Small-Business Decision Tree
Interactive stage-by-stage diagrams of the three containerization tiers. Plain Docker, docker-compose, Kubernetes. See what each layer does for you — and which tier your business actually needs.
Cameo Profile Audit — Price, Sample, Response, Rating, Reviews
Five signals decide whether a Cameo visitor books. Sample video, price transparency, response-time promise, star rating, review count. Audit yours in under a minute.
Your BookBub Profile Is A Conversion Funnel. Fix It In 10 Minutes.
Twelve signals decide whether a BookBub visitor becomes a follower. Most author profiles fail on three of them. This audit surfaces exactly which three.
Ship A Bluesky Custom Feed On A Cloudflare Worker
Compose a Bluesky / AT Protocol custom feed from keyword include/exclude rules, account allow/deny lists, and language filters. Outputs a deployable Cloudflare Worker.
What 'Hosting On IPFS' Actually Means — A Step-By-Step Visualizer
Interactive diagrams showing exactly how ENS, Handshake, and Unstoppable Domains resolve to content, and how IPFS and Arweave hosting actually store your data — step by step, phase by phase, with the commands at each step.
Blockchain Stack For A Small Business — When It Pays, When It Doesn't
Compose a blockchain-native stack — decentralized DNS (ENS, Handshake, Unstoppable), decentralized hosting (IPFS, Arweave), crypto payment rails (BTCPay, Coinbase Commerce, Stripe Crypto, Lightning) — for a small business. Honest trade-offs, no hype.
Apple Business Connect — The GBP Clone Everyone Forgets
Apple Maps covers roughly 30% of US users by default. Apple Business Connect is the GBP equivalent — with Showcases, Action items, Indoor Maps, and native iOS handoffs. Most businesses don't claim it.
App Store Listing Audit — The Seven ASO Signals That Decide Installs
Icon, description hook, rating, rating count, last update, screenshots, keyword coverage. Audit your App Store or Google Play listing against the ASO signals that gate install conversion.
Repo Strategy — Public, Private, Branch Approvals, And The Privacy Tier Most People Skip
When to make a repo public. When to keep it private. How branch approvals actually work. The alternatives to GitHub (GitLab, Gitea, Codeberg, Sourcehut, Forgejo). And the legitimate privacy-focused hosting that lives on Tor / Proton — with the legal context most writers skip.
Passage Retrieval Is The New SEO — Why Your Page Score Doesn't Match Your AI-Citation Rate
AI answer engines chunk your page into ~150-token passages and cite the individual chunks, not the page. A page with a great overall SEO score still loses citations if every passage is too thin, pronoun-dependent, or missing named entities. The new Retrieval tab scores every paragraph on the jwatte.com tools.
Mark It N/A: Dismiss Audit Checks That Don't Apply to Your Site
Every SEO audit surfaces checks that don't apply to your site — rel=author on a company site, Wikidata for a single-location shop, ORCID for a non-academic author. The jwatte.com tools now let you mark those Not Applicable, persist the decision, and exclude them from the AI fix prompt.
llms.txt Structural Validation — Beyond Presence, Does Yours Actually Match the Spec?
Most llms.txt files on the web are just a flat dump of URLs. The llmstxt.org spec calls for an H1 title, a blockquote description, H2 sections, and structured link lists — the exact shape AI retrieval engines expect. Here's the canonical structure and the validator that enforces it.
Hreflang Must Be Bidirectional — Why Google Demotes Multilingual Sites With One-Way Links
If your English page declares a Spanish alternate, the Spanish page must declare English back. One-way hreflang silently demotes both pages in Google. The fix is a reverse link; the audit is a single pass through every declared alternate.
Export Your Audit: Make Every SEO Scan Reproducible
The Mega Analyzer and Site Analyzer now let you export a full audit as JSON, import it later, and regenerate the AI fix prompt — without re-fetching the site. One-click export means scans become shareable, diff-able, and archivable.
AI Terminal Kickstart — Set Up Claude Code, Codex, ChatGPT CLI & GitHub Copilot On A Fresh Box
Step-by-step install for Claude Code, OpenAI Codex, ChatGPT terminal, GitHub Copilot CLI and Netlify CLI on Windows (PowerShell) and Linux (Bash). Copy-paste commands for every dependency, auth step, and first session.
Does Your robots.txt Agree With Your ai.txt? The Silent AI-Crawler Misconfig Most Sites Have
Four different files tell AI crawlers whether they can read your site. When they disagree, each bot resolves the conflict differently — GPTBot may honor robots.txt, Perplexity may honor ai.txt, Google-Extended may honor X-Robots-Tag. The audit you need takes 30 seconds and catches the misalignment every SMB site has.
The AI Posture Audit — From Per-Bot Matrix to One Master Prompt
The AI Posture Audit evolved from a single-purpose crawl-directive checker into a full discovery-surface audit. It now fetches 13 identity + policy files, validates the llms.txt structure, and emits one master prompt covering every finding — so you paste once into Claude or ChatGPT and get a consolidated fix plan, not six separate prompts to juggle.
Top AI CLIs — How To Feed Them The Prompts Our Generators Build
Claude Code, Gemini CLI, aichat, OpenAI CLI, llm, and continue. Seven command-line AI tools and a concrete pattern for feeding each one the mega-prompts our site builders and analyzers generate.
Why I Built the WCAG Audit Tool (and Why You Probably Need It More Than You Think)
Over 5,000 ADA website lawsuits were filed in 2025. A Portland yoga studio paid $11,500 for something that takes two hours to fix. I built a free WCAG 2.1/2.2 AA scanner so small business owners can check themselves in fifteen minutes. Here's what it does, why it exists, and the three-step test you can run right now with no signup.
Why I Built a WCAG 2.1 / 2.2 AA + 3.0 Draft Accessibility Audit Tool (and How to Fix Every Issue It Finds)
A free in-browser accessibility audit that mirrors WAVE WebAIM — covers WCAG 2.1 AA baseline, the six new 2.2 AA outcomes, the 3.0 draft readability outcome, exports CSV / HTML / PDF, and hands you an AI fix prompt. Here is why it exists, what it finds, and how to fix every issue yourself.
Newsletter Swap Matchmaker: Fair-Value Calculator, Partner Criteria, and Three Outreach Templates
A new free tool that calculates a fair-swap value for your newsletter (opens, CPM, CPC), surfaces eight partner-fit criteria, and generates cold, warm, and paid outreach templates plus a one-page swap brief.
Claim Your Coined Framework: The Framework Origination Signal Generator
A new free generator that produces DefinedTerm + CreativeWork JSON-LD, a Wikipedia stub, an Internet Archive submission checklist, a canonical outline, and a press-release template so you can be credited as the origin of a framework or method you coined.
Entity Citation Radar: See Every High-Authority Source That Should Cite You
A new free tool that maps sixteen high-authority sources (Wikipedia, Wikidata, Internet Archive, Goodreads, OpenLibrary, Google Scholar, Zenodo, ORCID, Crunchbase, and more) against your book, author, brand, or framework — with a visual radar and a submission checklist for every gap.
Introducing the AI Citation Readiness Audit: Score Your Content for Perplexity, ChatGPT, and Claude
A new free tool that scores any article for how likely Perplexity, ChatGPT, Claude, Gemini, and Google AI Overviews are to cite it — across 14 on-page signals.
The Tools Nav Trap: When Your Dropdown Promises a Page That Doesn't Exist
A 'Tools' dropdown in the nav that never ships a /tools/ landing page is a broken signal. Users expect it. Crawlers expect it. Netlify's catch-all sends it to 404. Here's how I keep catching this and how to fix it in ten minutes.
Score Ten Sites Across Every Dimension in One Run — The Mega Batch
The Mega Batch runs the Mega Analyzer's six-bucket convergence across up to 10 URLs at once. Score matrix, weakest-link tag per row, and a mega batch AI fix prompt that covers the whole portfolio.
One URL, Every Audit in One Pass — The Mega Analyzer
The Mega Analyzer converges every jwatte.com SEO tool into a single site audit. SEO, schema, E-E-A-T, voice, mobile parity, performance, AI-search — six bucket scores, one grade, one copy-paste AI fix prompt.
sitemap-image.xml: The Second Sitemap Most Sites Skip and Multimodal AI Notices
A regular sitemap tells crawlers which pages exist. sitemap-image.xml tells them which pictures live on which page. Here's how to structure it and when shipping it actually matters.
Sitemap Delta: Finding the URLs Your Site Links To That Are Not in Your Sitemap (and Vice Versa)
Crawl your site, diff what you link against what sitemap.xml lists. Three buckets fall out. Here's what each one means and how to fix them.
HSTS, CSP, and the Security Header Bundle: The Trust Signal You Send With Every Response
Six response headers, one deploy, measurable ranking and AI-citation improvements. Here's the bundle I ship on every site and the Netlify config to do it.
Netlify force = true and the Redirect Loop You Ship By Accident
Adding force = true to a Netlify redirect rule feels harmless. On slash-normalizing rules it creates a self-referential redirect loop that curl -L hits the 50-redirect limit on. Here's what's actually happening and when force is safe to use.
max-snippet, max-image-preview, max-video-preview: The Robots Meta Line Most Sites Forget
Google caps snippet length at 160 characters by default. AI answer engines respect the same cap. One meta tag removes it. Here's the line and where to put it.
llms.txt, llms-full.txt, and the .well-known Mirror: What They Are and Why Every Site Should Ship All Three
llms.txt is how you hand AI retrieval engines a clean, curated map of your site. Here's what goes in it, how llms-full.txt differs, and why you should also serve /.well-known/llms.txt.
JSON Feed Alongside RSS: Shipping /feed.json as Well as /feed.xml
RSS is the lingua franca of syndication. JSON Feed is the modern sibling that newer aggregators prefer. Here's the spec, the differences, and why I ship both from the same source.
humans.txt: The One-File Transparency Signal That Still Matters in 2026
humans.txt was invented for the web in 2011 as a credits file. In 2026 it quietly doubles as an E-E-A-T and authorship-verification signal that AI citation engines parse. Here's why and how to ship it.
geo.position, LocalBusiness Schema, and og:locality: The Location Signal Triplet
Apple Maps, Bing, voice assistants, and location-aware AI all read the same three location signals. Miss any one and the local-business page is partly invisible. Here's the triplet.
Footer Completeness: Why Every Sitemap URL Needs At Least One Footer Link
A page in your sitemap that no internal nav links to is an orphan. Search engines deprioritize orphaned sitemap entries because authority has no path to flow to them. Here's the footer rule I follow on every site I run.
dateModified, Updated Stamps, and article:modified_time: The Three-Layer Freshness Signal
AI citation engines weight fresh content. Three freshness signals in three different places is how you prove content is current without gaming it. Here's the layering I use.
Cross-Site Link Hygiene: Why Relative Links Are the Enemy of a Multi-Site Network
When you run six book sites, twenty satellite sites, and one tools hub under one author, relative markdown links become the number one source of 404s. Here's the real case that cost me three deploys to trace and the registry pattern I use now.
<cite> and <blockquote cite=>: The Semantic HTML Most Sites Forgot
Two HTML elements from the 1999 spec that AI citation engines read as source-quality signals. Most sites render quotes with a div and a class. Here's why that is a missed signal.
Every Tag Link Is a 404 Until You Build the Tag Pages
Eleventy blog templates love to emit /blog/tag/SLUG/ anchors on every post. If you never set up tag pagination, every one of those links is a 404. Here's the detection pattern and the template you need to fix it in ten minutes.
How Your Copy Reads — Measuring Voice Against the Pages That Rank
The free Voice & Tone Analyzer at jwatte.com measures reading grade, sentence shape, passive voice, and CTA density for any page — and lets you compare against the Google top 10. Find out why the ranking pages read differently than yours.
Who Owns the AI Overview, Featured Snippet, and PAA for Your Query — A Free Tracker
The free SERP Feature Coverage Tracker at jwatte.com detects every feature firing on a Google SERP — AI Overview, featured snippet, People Also Ask, video carousel, image pack, knowledge panel, sitelinks — and surfaces which hostname owns each one.
Mobile-First Indexing Is Indifferent to What Looks Good on Desktop — Here's How to Check
The Mobile vs Desktop Parity Check at jwatte.com fetches any URL with both a desktop Chrome and an Android Chrome User-Agent, then diffs the HTML, headings, schema, and link count. Catch hidden mobile-only content gaps that Google sees but you don't.
Find Orphans and Hubs With a Free Internal Link Graph
The free Internal Link Graph at jwatte.com crawls your site from a seed URL, charts the topology, and surfaces orphan pages (no inbound internal links) plus hubs (high-authority concentration points) — no account, no paid crawler, runs in the browser.
Harvest Every FAQ From the Google Top 10, Deduped and Ready to Implement
The free FAQ Harvester at jwatte.com pulls FAQPage JSON-LD + accordion questions + question-shaped headings from every top-ranking page for your target query. Deduplicates, clusters by theme, and outputs a ready-to-paste FAQPage schema block.
Track When Competitor Pages Change, What They Add, and Who's Catching Up
The free Content Velocity Monitor at jwatte.com snapshots any set of URLs today. Re-run later and see word-count deltas, new and removed H2s, schema additions, and publish-date changes. Browser-local storage — no monitoring service needed.
Blog Syndication Playbook: How to Cross-Post to X, Medium, and LinkedIn Without Losing SEO
A step-by-step playbook for syndicating one blog post to X, Medium, and LinkedIn in under 15 minutes per post — with the canonical-URL settings that protect your search traffic and a $24/month automation stack that does most of it for you.
Running Keyword Inspection Across a Network of Sites Without Losing a Day
When you own a network of sites, gap analysis at the per-site level doesn't scale. Here is how to use the free Keyword Inspection tool at jwatte.com to run coordinated keyword research across a portfolio of properties. Pairs with The $100 Network methodology.
Launching a New Site? Run Keyword Inspection Before You Write the Homepage
The free Keyword Inspection tool at jwatte.com lets you see what the Google top 10 ranks for before your site even exists. Use it to build your information architecture, not to patch it later. Pairs with The $97 Launch methodology.
The Fastest Keyword Gap Analysis an Agency Can Run in 2026
A walkthrough of the free Keyword Inspection tool at jwatte.com for agency teams running client SEO: paste a target term, the Google top 10, and your client's URL, and deliver a keyword, heading, and schema gap report in under two minutes. Pairs with The $20 Agency methodology.
Why Every Website Needs an AI Agent Card in 2026
AI agents are crawling the web autonomously. An agent-card.json file in your .well-known directory tells them who you are, what you offer, and how to interact with your site. Here's how to deploy one.
Best Personal Finance Books in 2026 (And Why Most Lists Are Wrong)
Every 'best finance books' list recommends the same titles from 1997. Here's why those lists fail in 2026 — and which books actually address inflation, AI, energy mandates, and the insurance crisis.
The Trap Series: Which Book to Read First (And Why It Matters)
Six books. 2,611 pages. But you don't need to read them in order. Your starting point depends on where you are right now. Here's a decision tree to find your Book 1.
If You Liked Rich Dad Poor Dad, Read These Next
Rich Dad Poor Dad changed how you think about money. These 6 books give you the specific strategies, tax math, and exit plans Kiyosaki never covered.
13 Personal Finance Books Worth Reading in 2026 (Most Lists Get This Wrong)
The 13 best personal finance and FIRE books in 2026 — from wealth building to tax strategy to real estate to starting a business. Includes The W-2 Trap, Rich Dad Poor Dad, and more.
I Escaped the Rat Race. Here's the Exact 6-Book Framework I Used.
Ready to escape the rat race? Here's the complete framework — understand the trap (W-2 Trap), build an exit ($97 Launch), promote it ($20 Agency), avoid real estate mistakes (Condo Trap + Resale Trap).
You Have $0 and No Connections. Here's How to Build Wealth Anyway.
No trust fund? No inheritance? Here's how to build wealth from nothing — using tax strategy, low-cost business models, and smart real estate decisions. A 5-phase framework.
You Have $97 and a Laptop. Here Are the Books That Turn That Into a Business.
Want to start a business but have no capital? These 8 books show you how — from $97 startups to bootstrapping to the tax advantages of business ownership.
Why W-2 Workers Stay Broke (Even Making Six Figures)
Making six figures but still broke? The problem isn't your budget — it's structural. Here's why W-2 workers lose wealth to currency devaluation and taxes, and what to do about it.
I Wrote 380 Pages on Condo Economics. The Answer Is Almost Always No.
After writing a 380-page book on condo economics, here's the honest answer: for most buyers in most markets, condos are a bad investment in 2026. Here's why.
Should You Build or Buy a House in 2026? The 25-Year Math
Is it cheaper to build or buy a house? After analyzing all 50 states, the data shows a $400K resale costs $318K-$506K more than a $400K new build over 25 years.
Stop Reading Finance Books in Random Order. Here's the Sequence That Actually Works.
Overwhelmed by FIRE books and financial independence reading lists? Here's the optimal reading order for 2026 — from understanding the problem to building solutions to protecting your wealth.
