AAIO Glossary

Definitions for every term used across the AAIO framework — from agent commerce to llms.txt.

A2A (Agent-to-Agent): The Agent-to-Agent protocol, introduced by Google in April 2025. A2A standardizes how AI agents discover one another, exchange capability descriptions ("agent cards"), and coordinate multi-step tasks. Where MCP covers agent-to-service communication, A2A covers agent-to-agent communication; the two are complementary, not competing. As of early 2026, A2A has signed enterprise partners across consulting, CRM, and cloud-platform vendors. Spec: a2a.dev. See also: mcp, agent-card, nlweb
Skill (A2A): An A2A protocol primitive declaring a discrete capability an agent offers. Skills attach to an Agent Card and let calling agents pick the right callee for a given step. Distinct from a generic "skill" — A2A skills are typed, parameterized, and machine-callable. Spec: a2a.dev. See also: a2a, a2a-task, agent-card
Task (A2A): An A2A protocol primitive representing a unit of work one agent delegates to another. Tasks carry typed inputs, expected outputs, and an explicit lifecycle (pending → running → completed / failed). Distinct from the generic "task" — A2A tasks are protocol objects with status semantics agents can poll. Spec: a2a.dev. See also: a2a, a2a-skill, agent-card
AAIO: Agentic AI Optimization — the practice of preparing a website so AI agents can discover, understand, and successfully use it. AAIO is the framework Spekto scores against; it covers the access layer (Visibility), comprehension layer (Clarity), and action layer (Usability), plus four Frontier categories for capabilities that haven't yet stabilized for scoring. AAIO overlaps with traditional SEO at the discovery layer but extends past it: agents act on the web, not just read it. See also: visibility, clarity, usability, geo
ACP: Agentic Commerce Protocol — launched September 29, 2025 by OpenAI and Stripe. ACP defines how AI agents complete purchases on a user's behalf via Shared Payment Tokens (SPTs): payment credentials stay with the AI platform, never reaching the merchant. Supports REST and MCP transports. ACP and Google's UCP are the two converging stacks for agent-initiated commerce. Spec: docs.stripe.com. See also: ap2, ucp
Add-to-cart endpoint: A machine-callable API route (typically POST /cart/items or equivalent) that lets a client add a SKU + quantity to a cart without navigating the rendered checkout UI. Agent-friendly checkout flows expose an add-to-cart endpoint either explicitly (documented public API, MCP tool, OpenAPI spec) or implicitly (stable form-POST contract on the product page). When the endpoint is absent or hidden behind anti-automation, agents fall back to brittle browser automation. See: Cart Accessibility. See also: cart-token, headless-checkout, guest-checkout, openapi
AEO: Answer Engine Optimization — optimizing content to be the cited answer in AI-powered Q&A surfaces (Google AI Overviews, ChatGPT, Perplexity, Claude). Often used interchangeably with GEO; AEO has a slightly narrower focus on Q&A queries rather than the broader generative-search experience. See also: geo, ai-overview
Agent (AI): An AI agent is an autonomous software system that perceives, reasons, and acts in digital environments to achieve goals on behalf of a human principal. Agents differ from chatbots (which mostly answer questions) and crawlers (which only fetch and index): agents complete multi-step tasks, use tools, and execute transactions. The current generation includes ChatGPT Search and Operator (OpenAI), Claude with Computer Use (Anthropic), Perplexity, Google's Gemini agents and Project Mariner, and the agents inside enterprise platforms (Salesforce Agentforce, Microsoft Copilot, ServiceNow Now Assist). See also: computer-use-agent-cua, mcp
Agent Card: A machine-readable document declaring an AI agent's identity, capabilities, supported protocols, and authentication requirements. Agent cards are the discovery primitive in the A2A protocol — when one agent wants to delegate a task, it looks up another agent's card to decide whether the target can do the work and how to call it. Conceptually similar to OpenAPI for APIs, but expressed in agent-native terms. Spec: a2a.dev. See also: a2a
Agent Commerce: The Spekto Frontier category covering payments, checkout flows, and transaction infrastructure for AI-agent-initiated commerce. Includes protocols (AP2, Visa Intelligent Commerce, Mastercard Agent Pay) and platforms (ChatGPT Shopping, Perplexity Shop) that allow agents to complete transactions on behalf of a user. See also: ap2, acp, ucp
Agentforce: Salesforce's AI-agent platform, layered on top of the AppExchange marketplace. Agentforce agents discover capabilities via partner-published apps and act inside the Salesforce CRM context. Listing on the marketplace with Agentforce-aware metadata is increasingly load-bearing for B2B vendors selling to Salesforce-using customers. See also: appexchange, copilot-studio
Linux Foundation Agentic AI Foundation: A cross-vendor venue for standardizing agent protocols and infrastructure, launched under the Linux Foundation in 2025. Backers include Google, Anthropic, Microsoft, Cisco, and dozens of enterprise partners. Hosts working groups on A2A, NLWeb, and other open agent specs. Source: lfaidata.foundation. See also: a2a, mcp, nlweb
Agentic Token: A Mastercard primitive introduced with Mastercard Agent Pay in April 2025 — a card credential scoped per agent with per-agent permissions, spend limits, and revocability. Agentic Tokens give merchants a verifiable signal that an AI agent is acting with explicit user authorization for a specific transaction, addressing the "is this agent authorized to spend the user's money" problem at the network layer. Source: mastercard.com. See also: mastercard-agent-pay, ap2, shared-payment-token
AGENTS.md: An emerging convention parallel to llms.txt — a Markdown file at the root of a repository or site that gives AI agents structured context: project conventions, runtime instructions, capability descriptions. Adopted by several developer-tool vendors (Cursor, Sourcegraph, others) as a coding-agent companion. Earlier-stage than llms.txt; complementary rather than competing. See also: llms-txt, mcp
AggregateRating: A Schema.org type that summarizes the ratings of a Product or service across many reviews (ratingValue, reviewCount, bestRating). Surfaces in Google rich results, AI Overviews, and agent-driven shopping comparisons. Pairs with Review markup for full review coverage. Spec: AggregateRating on the registry. See also: schemaorg, review-schema, schemaorg-product
AI Overview: Google's AI-generated answer surface, displayed above traditional organic results in Google Search for many queries. AI Overviews extract content from indexed pages and present a synthesized answer with citation links. As of March 2026, only ~38% of AI Overview citations come from pages ranking in the top 10 — Google increasingly cites pages from query-fan-out SERPs the user never sees, which makes citability a goal distinct from rankability. See also: geo, schemaorg
Akamai Bot Manager: Akamai's edge-layer bot-detection and -mitigation product. Like Cloudflare's bot fight mode, Akamai Bot Manager can silently block AI crawlers when rules are tuned aggressively — a common failure surface for sites running Akamai in front of their origin. Detection is harder than for Cloudflare because Akamai responses are less distinctive. Source: akamai.com/bot-manager. See also: waf, bot-fight-mode, cloudflare-turnstile
AmazonBot: Amazon's web crawler. Used for indexing content into Amazon's search and shopping experiences. As of 2026, ~14% of sites in Spekto's calibration corpus block AmazonBot. Source: developer.amazon.com/amazonbot. See also: robots-txt
anthropic-ai: Anthropic's training-data crawler user agent. Distinct from ClaudeBot (which serves Claude's training and search) and Claude-User (which fetches on behalf of a Claude user during a conversation). Allowing anthropic-ai is a separate decision from allowing other Anthropic UAs. See also: claudebot, claude-user, robots-txt
AP2: Agent Payments Protocol — Google's standard for agent-initiated payments, integrated into the broader UCP. AP2 uses cryptographic Mandates and Verifiable Digital Credentials to prove an agent is acting with user consent for a specific authorized transaction. Distinct from ACP (OpenAI + Stripe) — the two are converging stacks rather than direct competitors. See also: acp, ucp, agent-commerce
AppExchange: Salesforce's app marketplace. Where Salesforce customers (and increasingly Salesforce-bound agents like Agentforce) discover third-party services to integrate. An AppExchange listing is no longer purely human-facing; agentic discovery patterns now route through the same marketplace. Source: appexchange.salesforce.com. See also: agentforce, appsource
Applebot-Extended: Apple's training-data crawler user agent, used for AI features in Apple Intelligence and Siri. As of 2026, ~14% of Spekto's calibration corpus blocks Applebot-Extended. Source: support.apple.com/HT204683. See also: robots-txt
AppSource: Microsoft's app marketplace, covering Microsoft 365, Dynamics, Power Platform, and Copilot Studio integrations. Agentic discovery inside Microsoft Copilot routes through AppSource for many capabilities. Microsoft Verified Publisher status is an increasingly load-bearing trust signal for agent-routing decisions. Source: appsource.microsoft.com. See also: appexchange, copilot-studio
ARIA: Accessible Rich Internet Applications — a W3C specification for HTML attributes that expose semantic meaning of UI elements to assistive technology. ARIA matters to AAIO because computer-use agents (Anthropic Computer Use, OpenAI Operator) often navigate the DOM via ARIA roles and labels rather than visual cues. Strong ARIA hygiene improves both human accessibility and agent-action reliability. Spec: w3.org/WAI/ARIA. See also: computer-use-agent-cua
Availability calendar: A structured view of which dates or time-slots a bookable resource (a hotel room, a clinic appointment, a restaurant table, a vacation rental) is open or held. Agent-friendly booking flows expose availability as machine-readable data — JSON, iCal, a time-slot API, or Schema.org Reservation/Event markup — rather than locking it inside an interactive widget. Without a queryable calendar, agents can't filter, compare, or pre-check before attempting a booking. See: Direct Booking Flow. See also: time-slot-api, direct-booking, booking-confirmation, host-calendar
AWS Shield: AWS's managed DDoS-protection and WAF service, integrated with CloudFront and Application Load Balancer. Shield's default rules can incidentally block AI crawler traffic, especially when paired with AWS WAF managed rule groups. A common silent-fail surface for sites hosted on AWS edge. Source: aws.amazon.com/shield. See also: waf, akamai-bot-manager, bot-fight-mode
BBB (Better Business Bureau): A US-based non-profit that maintains business-conduct ratings and accredits members against a code of practice. BBB profiles surface complaint counts, response patterns, and an A+ → F letter grade per business. In AI-agent vendor-reputation extraction, a BBB profile acts as a third-party trust signal — corroborated reputation that agents can cite alongside Trustpilot and Trustedshops. Primarily relevant for US-headquartered service and e-commerce businesses. Source: bbb.org. See also: trustpilot, trustedshops, vendor-reputation, review-aggregator
Bot Fight Mode: A Cloudflare setting that issues JavaScript challenges, CAPTCHAs (Turnstile), or hard blocks against suspected bot traffic. Enabled by default on many Cloudflare plans, it routinely catches AI crawlers (GPTBot, ClaudeBot, PerplexityBot) even when robots.txt explicitly allows them. The single most-cited cause of accidental AI-bot blocking. Source: Cloudflare bot fight mode docs. See also: cloudflare-turnstile, waf, robots-txt
Booking confirmation: The structured response a booking flow returns after a reservation succeeds — typically including a confirmation number, the reserved date/time, the resource booked, and a cancellation/modification URL. Agent-friendly booking flows return confirmation data in a machine-readable form (JSON response, structured email, calendar attachment) rather than only as visual UI state, so the calling agent can persist the booking and report back to the user. Missing or unstructured confirmations are a common failure surface: the agent did book but can't prove it. See: Direct Booking Flow. See also: direct-booking, availability-calendar, time-slot-api, idempotency
Brand-safety signals: Public, third-party-corroborated indicators that an agent can use to decide whether a vendor is safe to recommend or transact with — review-aggregator ratings (Trustpilot, Trustedshops, BBB), Google Safe Browsing status, business registration data, and certification badges. Agents weight brand-safety signals heavily when ranking vendors for user-facing recommendations — a missing or contradictory signal can suppress otherwise-strong listings. See: Vendor Reputation. See also: vendor-reputation, trustpilot, trustedshops, bbb, google-safe-browsing
Business status: A Schema.org LocalBusiness property (openingHoursSpecification + related signals) declaring whether a business is currently operating, temporarily closed, or permanently closed. Critical for agents recommending local services: a vendor flagged as closed in Google's Knowledge Graph or Maps can be excluded from agent recommendations entirely, even if the website is online. Pairs with OpeningHoursSpecification and holiday hours for full operating-signal coverage. See: Operating Signals. See also: openinghoursspecification, holiday-hours, organization-schema, knowledge-graph
Bytespider: ByteDance's web crawler, used to train and update the company's AI products (including Doubao). As of 2026, ~11% of Spekto's calibration corpus blocks Bytespider. See also: robots-txt
Canonical with facets: The pattern of declaring a single canonical URL (<link rel="canonical">) for a facet-filtered listing page so crawlers and agents understand which variant is the indexable representation. Done well, canonicalization lets a site expose every filter combination via clean URLs without diluting crawl budget or splitting agent extraction across near-duplicate pages. Done badly, every facet click spawns a separately-indexable URL with no canonical hint, and agents see hundreds of conflicting "category" pages claiming the same products. See: Faceted Navigation. See also: faceted-navigation, filter-url-parameters, filter-taxonomy, sitemap
Capability descriptor: A machine-readable declaration of what an agent or service can do — the unit of capability discovery in agent protocols. MCP capability descriptors describe tools, resources, and prompts; A2A capability descriptors live inside an Agent Card and describe skills + supported tasks. Different shapes, same purpose: let a calling agent decide whether the callee can do the work. See also: mcp, a2a, agent-card, tool-schema
Cart token: An opaque, server-issued identifier (typically a UUID or signed string) representing a stateful shopping cart on a checkout backend. The cart token lets an agent build up an order across multiple requests without persistent session cookies, and is the load-bearing primitive for headless and API-driven checkout. Stripe Checkout, Shopify Storefront API, and most modern commerce platforms surface cart tokens explicitly; legacy platforms hide them inside opaque session state, making programmatic checkout harder. See: Cart Accessibility. See also: add-to-cart-endpoint, headless-checkout, guest-checkout
CCBot: The crawler operated by Common Crawl, a non-profit that publishes a regularly-updated open dataset of web pages widely used to train AI models. Allowing CCBot is a high-leverage decision: it's one of the few "block once, missed by many models" cases. ~16% of Spekto's calibration corpus blocks CCBot. Source: commoncrawl.org/ccbot. See also: robots-txt
ChatGPT-User: OpenAI's user-agent for ChatGPT browsing on behalf of an individual user during a conversation. Distinct from GPTBot (training-data crawling) and OAI-SearchBot (ChatGPT Search indexing). Allowing ChatGPT-User is the prerequisite for being citable in ChatGPT responses; blocking it removes you from the ChatGPT recommendation surface. Source: platform.openai.com/docs/bots. See also: gptbot, robots-txt
Claude-User: Anthropic's user-agent for Claude browsing on behalf of an individual user during a conversation. Allowing Claude-User is the prerequisite for being usable as a citation source by Claude; blocking it makes your site invisible to Claude's web-fetching tools. Source: docs.claude.com. See also: claudebot, anthropic-ai, robots-txt
ClaudeBot: Anthropic's primary crawler, used to train Claude and power Claude's search-and-cite responses. Distinct from anthropic-ai (separate training crawler UA) and Claude-User (browsing on behalf of a user). ~14% of Spekto's calibration corpus blocks ClaudeBot — usually a configuration accident, since blocking removes you from Claude's citation surface. Source: docs.claude.com. See also: anthropic-ai, claude-user, robots-txt
Clarity: The Spekto sub-grade covering the comprehension layer — once an agent has fetched your pages, can it confidently understand what you offer, what it costs, and whether you're trustworthy? Clarity scores 14 parameters covering Schema.org markup, content extractability, business identity, pricing transparency, reviews, payment-trust signals, return policy, and llms.txt content quality. See: Clarity hub. See also: visibility, usability
Cloudflare Turnstile: Cloudflare's CAPTCHA-replacement challenge, designed to verify human users without the puzzle interaction. Frequently blocks AI agents — both crawlers and computer-use agents — because the JS-fingerprinting check resolves negatively for headless or programmatic clients. A common failure surface on inquiry forms, search interfaces, and login flows that gate against agents inadvertently. Source: Cloudflare Turnstile docs. See also: bot-fight-mode, waf
cohere-ai: Cohere's training-data crawler user agent. Used for indexing content into Cohere's foundation models and Coral assistant. Allowed by ~90% of Spekto's calibration corpus. See also: robots-txt
Computer-use agent (CUA): An AI agent that interacts with software via screenshots, mouse clicks, keyboard input, and DOM navigation — rather than via APIs. The current generation includes Anthropic's Computer Use, OpenAI's Operator, and Google's Project Mariner. CUAs are sensitive to UI stability: random class names, focus-trapping modals, and JS-rendered buttons all degrade their reliability. Designing for CUA targetability overlaps significantly with designing for accessibility. See also: aria, operator, project-mariner
Copilot Studio: Microsoft's platform for building and deploying agents inside the Microsoft 365 / Dynamics / Power Platform stack. Copilot Studio agents discover capabilities through AppSource; appearing there with agent-aware metadata is the primary route to being addressable by Microsoft Copilot. See also: agentforce, appsource
Core Web Vitals: Google's user-experience metrics: LCP (Largest Contentful Paint, < 2.5s), INP (Interaction to Next Paint, < 200ms), and CLS (Cumulative Layout Shift, < 0.1). Core Web Vitals affect both human SEO ranking and agent retrieval reliability — slow sites cause agent timeouts, layout shifts cause CUA selection failures. Source: web.dev/vitals. See also: computer-use-agent-cua
Cryptographic Mandate: An AP2 primitive — a cryptographically-signed proof that a user delegated specific spending authority to a specific AI agent for a specific transaction. Mandates carry the scope (amount, merchant, time window) and a verifiable user signature, letting merchants confirm agent-initiated payments are authorized without seeing the user's underlying credentials. Mandates plus Verifiable Digital Credentials are the load-bearing identity layer for AP2 / UCP. See: Agent Payment Networks. See also: ap2, ucp, shared-payment-token, mastercard-agent-pay
CSR (client-side rendering): A rendering strategy where HTML is constructed in the browser by JavaScript after the initial page load, rather than being delivered as static HTML from the server. CSR is the opposite of SSR. Most AI crawlers don't execute JavaScript, so CSR-only sites are largely invisible to them — content that requires hydration to appear is content the agent cannot read. See also: ssr, hydration, server-rendered-html
Deceptive content warning: A browser-level red-screen interstitial issued by Google Safe Browsing (and adopted by Chrome, Firefox, and Safari) when a site is flagged as hosting phishing pages, social-engineering content, or other deceptive patterns. AI agents that consult Safe Browsing — or whose host browsers do — will refuse to follow links into flagged sites. A single flag can suppress an entire domain from agent recommendation pipelines until the listing is cleared via Google Search Console. See: Google Safe Browsing. See also: google-safe-browsing, malware-flag
Direct booking: Reserving a service or resource straight from the operator's own site — first-party booking flow — as opposed to going through an OTA or marketplace. For agent-driven booking, direct-booking surfaces are strictly preferred when they expose an availability calendar and a machine-callable time-slot API; they eliminate the platform commission and give the agent fewer hops between user intent and confirmation. Sites that bury direct booking behind chat widgets or "request a quote" forms force agents back to the marketplace they were trying to bypass. See: Direct Booking Flow. See also: availability-calendar, time-slot-api, booking-confirmation, marketplace-booking
4-tier extraction rubric: Spekto's rubric for evaluating content-extraction parameters: Tier 1 (structured data — JSON-LD, Schema.org), Tier 2 (visible plain text in server-rendered HTML), Tier 3 (gated content behind login or paywall), Tier 4 (absent). Used across Clarity checks like Schema Coverage, Content Extractability, and llms.txt Quality. Higher tiers score better — the rubric reflects what agents reliably consume. See also: clarity, json-ld, schemaorg, structured-data
Faceted navigation: A category-listing pattern that lets users (and agents) narrow a result set by combining structured filter attributes — size, color, brand, price band, location, rating. Faceted navigation is the primary discovery surface on e-commerce and marketplace sites, and it's where most sites silently fail for agents: filters that only work via JavaScript, facet combinations that produce no canonical URL, and AJAX-loaded results that never appear in server-rendered HTML. As of 2026, 97% of e-commerce sites in Spekto's calibration corpus fail the faceted-navigation check. See: Faceted Navigation. See also: filter-url-parameters, canonical-with-facets, filter-taxonomy, server-rendered-html
FAQPage: A Schema.org type for FAQ sections, expressed as a mainEntity of one or more Question + acceptedAnswer pairs. FAQPage markup historically drove FAQ rich results in Google search; in 2026 those surfaces are largely retired, but the markup still feeds AI Overviews, voice assistants, and agent extraction of canonical Q&A content. Spec: FAQPage on the registry. See also: schemaorg, json-ld, rich-results
Filter taxonomy: The structured vocabulary of facet names and values exposed by a faceted-navigation surface — e.g. the list of brands, colors, and size codes a fashion site lets users filter by. Agent-friendly filter taxonomies are stable (slugs don't change between visits), enumerable (the full value list is discoverable from a single page or feed), and aligned with industry-standard category labels where possible. Inconsistent or hidden taxonomies force agents to brute-force filter combinations, which is slow and unreliable. See: Faceted Navigation. See also: faceted-navigation, filter-url-parameters, canonical-with-facets
Filter URL parameters: Query-string parameters that encode active facet selections in the page URL (e.g. ?color=red&size=m&sort=price-asc). Stable, readable filter URL parameters are the simplest way to make filtered listings crawlable, shareable, and agent-callable — every facet combination becomes a fetchable URL with predictable semantics. The anti-pattern: filters that update only client-side state and never change the URL, leaving the resulting view inaccessible to anyone without a live browser session. See: Faceted Navigation. See also: faceted-navigation, canonical-with-facets, filter-taxonomy
Fulfillment SLA: The committed service-level agreement on how quickly an order will be processed, shipped, and delivered — typically expressed as a processing window (e.g. "ships in 1–2 business days") plus a delivery window (e.g. "arrives in 3–5 business days"). Agents comparing vendors weight fulfillment SLAs heavily for time-sensitive purchases. Best expressed as structured data (OfferShippingDetails) rather than buried in policy prose, so agents can compare across vendors without LLM extraction guesswork. See: Shipping Clarity. See also: offershippingdetails, shipping-window, structured-data
GEO: Generative Engine Optimization — the practice of optimizing content for AI-powered answer surfaces (Google AI Overviews, ChatGPT Search, Perplexity, Claude with web access). GEO overlaps with AAIO at the citation layer (both want machine-readable, extractable answers), but GEO stops at being cited; AAIO continues into being usable for agent action. Many GEO best practices — declarative prose, FAQ blocks, Schema.org markup — also help AAIO. Often used interchangeably with AEO (Answer Engine Optimization). See also: aaio, aeo, ai-overview
Google-Extended: Google's training-data crawler user agent for Gemini and other AI products. Distinct from Googlebot (search indexing) — blocking Google-Extended doesn't affect search ranking, but does remove you from Gemini's training and citation surfaces. ~13% of Spekto's calibration corpus blocks Google-Extended, often by accident. Source: developers.google.com. See also: robots-txt
Google Safe Browsing: Google's URL-reputation database, queried by Chrome, Firefox, Safari, and many AI tooling stacks before following or recommending a link. Sites flagged for malware, phishing, social engineering, or unwanted software trigger a red interstitial in browsers and are suppressed in many agent recommendation pipelines. Status is checkable via the Safe Browsing API and via Google Search Console; a flag clears typically within 24–72h of remediation + reverification. See: Google Safe Browsing. See also: malware-flag, deceptive-content-warning
GPTBot: OpenAI's primary training-data crawler. Distinct from ChatGPT-User (browsing on a user's behalf) and OAI-SearchBot (ChatGPT Search). ~16% of Spekto's calibration corpus blocks GPTBot — often a reflexive "block AI" decision that backfires by removing the site from ChatGPT's citation surface. Source: platform.openai.com/docs/bots. See also: chatgpt-user, robots-txt
Guest checkout: A checkout flow that lets a buyer complete a purchase without creating an account or logging in. The single most-cited agent-friendliness signal for e-commerce: forced account creation breaks most agent commerce flows because the agent doesn't have a durable identity to register with, can't reuse a saved password, and can't accept email-verification challenges in band. Sites with strong guest-checkout support route ~3× more agent-initiated conversions than account-required equivalents in Spekto's calibration corpus. See: Cart Accessibility. See also: headless-checkout, cart-token, add-to-cart-endpoint
Headless checkout: A checkout architecture where the checkout backend is exposed through APIs (REST, GraphQL, MCP) that any frontend — a custom storefront, a native app, an AI agent — can drive without using the platform's hosted checkout UI. Shopify Storefront API, Stripe Checkout Sessions, and Commerce-Layer-style platforms pioneered headless patterns. For agent commerce, headless checkout is the structural enabler — without it, agents fall back to brittle browser automation over visually-rendered cart pages. See: Cart Accessibility. See also: add-to-cart-endpoint, cart-token, guest-checkout, openapi, mcp
HubSpot App Marketplace: HubSpot's third-party app store, increasingly relevant as HubSpot adds AI-agent features to its CRM, marketing, and service products. A listing here is the primary route to being discoverable by HubSpot's internal agents. Source: ecosystem.hubspot.com. See also: appexchange, appsource
Holiday hours: Exception entries in OpeningHoursSpecification that override a business's normal weekly schedule for specific dates — public holidays, seasonal closures, or special events. Agents recommending local services check holiday hours before suggesting a visit; a business that publishes regular hours but never updates holiday exceptions will be recommended at hours when it's actually closed. Best expressed as validFrom/validThrough constrained OpeningHoursSpecification entries. See: Operating Signals. See also: openinghoursspecification, business-status, organization-schema
Host calendar: A vendor/host-side calendar feed exposed to a marketplace platform so the marketplace can show real-time availability without double-booking — Airbnb's iCal sync, Booking.com's channel-manager integration, etc. For agent-driven marketplace bookings, the host calendar is the load-bearing primitive: if a marketplace lacks authoritative host-calendar sync, agent-issued reservations can collide with manually-accepted bookings, producing the double-booking failures that erode platform trust. See: Marketplace Bookings. See also: marketplace-booking, availability-calendar, inventory-unification, time-slot-api
Hydration: The process where a JavaScript framework (React, Vue, Svelte) attaches event handlers and reactivity to server-rendered HTML, turning a static page into an interactive app. Hydration mismatches — where the server-rendered HTML differs from what the client expects — are a common cause of content disappearing or rendering incorrectly for agents that partially execute JS. Agents that don't execute JS at all bypass hydration entirely and see only the pre-hydration server HTML. See also: ssr, csr, server-rendered-html
Idempotency: The property that performing an operation more than once produces the same result as performing it once. In agent contexts, idempotency is the load-bearing reliability primitive: agents do retry, and without idempotency support (typically via an Idempotency-Key HTTP header) a retry can produce duplicate orders, double charges, or corrupted state. Stripe's idempotency-key pattern is the de facto standard. Spec: docs.stripe.com. See also: retry-safety
Idempotency-Key: An HTTP request header carrying a client-generated unique identifier for an action. Servers persist the response keyed by this header for a retention window (Stripe's standard is 24 hours), returning the same response for any retry that carries the same key. The load-bearing primitive for safe agent retries: without it, agents that retry on 5xx or network errors create duplicate orders, double charges, or corrupted state. IETF working draft: draft-ietf-httpapi-idempotency-key-header. See: Retry Safety. See also: idempotency, retry-safety
Inquiry form: A structured contact-capture form for prospects whose decision requires a conversation — typical on B2B SaaS, professional services, custom-quote e-commerce, and high-consideration local services. For agent reachability, what matters is whether the form itself is reachable: fields exposed in the server-rendered HTML, no aggressive CAPTCHA, and a clear submit endpoint the agent can POST to with structured payload. Anti-patterns: forms loaded only by JavaScript, hidden behind chat widgets, or gated by login. See: Inquiry Flow. See also: lead-capture, qualification-flow, structured-contact-intent, cloudflare-turnstile
Inventory unification: The marketplace operating discipline of treating distributed, multi-vendor stock as a single addressable inventory so an agent can find a SKU regardless of which seller is fulfilling it. Amazon Marketplace, Mercado Libre, and other mature marketplaces enforce strict SKU normalization and canonical product pages; weaker marketplaces let vendors list the same product under wildly different SKUs, titles, and category paths, breaking agent product lookup and price comparison. See: Marketplace Bookings. See also: marketplace-booking, multi-vendor-checkout, host-calendar
JSON-LD: JSON for Linked Data — the Schema.org embedding format Google explicitly recommends for structured markup. JSON-LD lives in a <script type="application/ld+json"> block in your HTML and doesn't intermix with visible markup. Microformats and RDFa are alternatives, but JSON-LD is what most agents (and search engines) prefer to consume. Spec: json-ld.org. See also: schemaorg
JSON Schema: A specification (json-schema.org) for validating the structure of JSON documents — types, required fields, value constraints, nesting. JSON Schema is the underlying type system that OpenAPI request/response bodies and MCP tool schemas build on. For agent-API reliability, a well-described JSON Schema is what lets an agent know which parameters are required, which values are valid, and what shape the response will take — without it, agents fall back to trial and error. Spec: json-schema.org. See also: openapi, tool-schema, public-api-contract, mcp
Knowledge graph: A structured semantic data store representing entities (companies, people, products, places) and the relationships between them. Google's Knowledge Graph powers Knowledge Panels and Rich Results; agents increasingly use knowledge-graph-style internal representations to disambiguate entities ("which Linear?" → the Linear with this Organization schema and this domain). Schema.org markup is the most common way websites contribute structured entities to consumer-facing knowledge graphs. See also: schemaorg
Lead capture: The act of collecting contact info + qualifying context from a prospect — name, email, company, intent, budget signals — for follow-up by sales. Lead capture is the conversion event on most B2B and high-consideration sites. For agent-driven inquiry flows, lead capture works well when the form fields are reachable in server-rendered HTML, accept structured payloads, and confirm success in band; it fails when the experience is buried inside multi-step modal wizards or routes through chat-only intake. See: Inquiry Flow. See also: inquiry-form, qualification-flow, structured-contact-intent
llms-full.txt: A long-form variant of llms.txt, emerging alongside it. Where llms.txt is a high-signal table of contents (page titles + URLs + brief descriptions), llms-full.txt embeds the full Markdown body of the site's most important pages — a single-file site dump tuned for LLM context windows. Adoption is earlier than llms.txt; useful for API-doc and developer-tool sites where complete content matters more than navigation. See also: llms-txt, sitemap
llms.txt: A proposed plain-text manifest at site root (/llms.txt) that gives AI agents a high-signal map of your site: a brief description, links to your most important pages, links to spec/policy/about pages, and pointers to richer content. Conceptually a hybrid of robots.txt (machine-readable, root-anchored) and a sitemap (declarative content map), tuned for LLMs. As of 2026, ~17% of Spekto's calibration corpus has an llms.txt file — early but trending up sharply among API-first SaaS. Spec: llmstxt.org. See also: robots-txt, sitemap
Machine-callable endpoint: A stable, documented HTTP (or MCP) endpoint that an agent can invoke directly — predictable URL, declared request schema, predictable response shape, machine-readable error semantics. The opposite of "agent has to drive a browser" — when a capability is exposed as a machine-callable endpoint, the agent skips DOM parsing and clicks entirely. The strongest Usability signal a site can ship; the foundation of agent-API readiness. See: Agent API Spec. See also: openapi, public-api-contract, mcp, tool-schema, json-schema
Malware flag: A Google Safe Browsing classification indicating a URL hosts or distributes malware — virus payloads, drive-by downloads, exploit kits. The flag triggers a browser red interstitial and, in many AI tooling stacks, an outright refusal to follow the URL. Distinct from a deceptive-content warning (which covers phishing and social engineering); both have the same practical effect on agent recommendation pipelines. See: Google Safe Browsing. See also: google-safe-browsing, deceptive-content-warning
Marketplace booking: A reservation made through a multi-vendor platform — Airbnb, Booking.com, OpenTable, Vrbo, multi-host coworking platforms — where the marketplace owns the booking UX while each host controls inventory through a host calendar. For agent-driven bookings, marketplace flows add a layer: inventory-unification accuracy and host-calendar freshness determine whether the agent can trust the availability data the marketplace returns. See: Marketplace Bookings. See also: host-calendar, inventory-unification, multi-vendor-checkout, direct-booking
Mastercard Agent Pay: Mastercard's agent-payments platform launched April 2025 with anchor partners Microsoft, IBM, Salesforce, and Checkout.com. Built on Agentic Tokens — card credentials scoped per agent with permissions and limits. Agent Pay is one of the major card-network responses to agent-initiated commerce, alongside Visa Trusted Agent Protocol, ACP, and AP2. Source: mastercard.com. See also: agentic-token, visa-trusted-agent-protocol, ap2, acp
MCC code: Merchant Category Code — a four-digit ISO 18245 classification assigned by card networks to identify the type of business a merchant operates (e.g. 5411 grocery, 7011 lodging, 5734 software retail). MCCs determine interchange rates, payment-network policy eligibility, and increasingly affect agent-platform vendor acceptance: ChatGPT Shopping and similar surfaces use MCC to filter out restricted categories (gambling, adult, certain financial services). A correct MCC is a payment-trust signal agents implicitly consume via the payment processor. See: Payment Trust. See also: pci-dss, three-d-secure
MCP (Model Context Protocol): Introduced by Anthropic in November 2024 and now broadly adopted across model vendors (Anthropic, OpenAI, Google, Microsoft) and IDEs (VS Code, Cursor, JetBrains). MCP defines how an AI agent discovers and calls tools, fetches resources, and composes prompts from a service. As of early 2026, MCP is the de facto standard for agent capability declaration; tens of thousands of MCP servers have been published across consumer and enterprise software. Spec: modelcontextprotocol.io. See also: tool-schema, webmcp, a2a
MCP client: The agent-side endpoint of an MCP connection — the component that discovers an MCP server's capabilities, calls its tools, fetches its resources, and composes its prompts. MCP clients are embedded in agent applications (Claude Desktop, Cursor, custom agents); each can connect to many servers simultaneously. Spec: modelcontextprotocol.io. See also: mcp, mcp-server, mcp-resources, mcp-prompts
MCP prompts: One of the three primitive types an MCP server can expose (alongside tools and resources). Prompts are templated, named workflows the server offers to agents — a way for the server to suggest how to use its capabilities, not just what it can do. Less load-bearing than tools or resources in current adoption, but useful for guided workflows. Spec: modelcontextprotocol.io. See also: mcp, mcp-server, mcp-resources, tool-schema
MCP resources: One of the three primitive types an MCP server exposes (alongside tools and prompts). Resources are read-only data sources the agent can subscribe to or fetch — files, database rows, API payloads. Where tools are verbs (do something), resources are nouns (read something). Spec: modelcontextprotocol.io. See also: mcp, mcp-server, mcp-prompts, tool-schema
MCP server: The service-side endpoint of an MCP connection — the component a website, SaaS product, or internal tool ships to expose its capabilities to agents. Servers declare tools, resources, and prompts; agents (via MCP clients) discover and invoke them. Shipping an MCP server is increasingly the canonical way for a SaaS to be addressable by Claude, ChatGPT, Cursor, and other agentic clients. Spec: modelcontextprotocol.io. See also: mcp, mcp-client, mcp-resources, mcp-prompts, tool-schema
MerchantReturnPolicy: A Schema.org type for declaring a product's return policy as structured data — returnPolicyCategory, merchantReturnDays, returnMethod, returnFees, restockingFee. Google Shopping and AI-driven product comparisons use MerchantReturnPolicy to surface return-policy info inline with product listings; agents weighing purchase recommendations factor it into vendor-trust scoring. Returns that live only as prose on a separate policy page are largely invisible to extraction. Spec: MerchantReturnPolicy on the registry. See also: schemaorg, return-window, restocking-fee, offershippingdetails
Meta-ExternalAgent: Meta's training-data crawler user agent. Used for indexing content into Meta's AI products (Meta AI, Llama). See also: meta-externalfetcher, robots-txt
Meta-ExternalFetcher: Meta's link-preview and citation fetcher. Distinct from Meta-ExternalAgent (training): Meta-ExternalFetcher visits a page when a Meta AI agent or Llama-powered product is citing it during a conversation. See also: meta-externalagent
Microdata: One of three formats for embedding Schema.org markup in HTML — inline attributes (itemscope, itemtype, itemprop) sprinkled across the visible DOM. Microdata is the original Schema.org embedding format, predating JSON-LD, and is still widely used on older e-commerce sites. Google's modern guidance recommends JSON-LD over microdata for new markup. Spec: microdata at the W3C. See also: schemaorg, json-ld, rdfa, structured-data
Multi-vendor checkout: A checkout flow that consolidates items from multiple sellers into a single buyer transaction, then disaggregates fulfillment to each seller behind the scenes — the standard pattern on Amazon, Etsy, eBay, and most marketplaces. For agent commerce, multi-vendor checkout is a structural enabler: agents can build a basket across sellers without bouncing between separate checkout pages, which is otherwise the main reason agents abandon marketplace carts. See: Marketplace Bookings. See also: marketplace-booking, inventory-unification, headless-checkout, cart-token
NLWeb: A natural-language-web protocol that layers natural-language discovery and querying over existing web infrastructure (Schema.org markup, sitemaps). NLWeb aims to let agents discover and query a site's capabilities without requiring the site to publish an explicit MCP server. Earlier-stage than MCP but co-existing rather than competing. Spec: github.com/microsoft/NLWeb. See also: mcp
OAuth scope: A string in an OAuth 2.0 authorization request specifying the subset of permissions the requesting application is asking for (e.g. read:user, write:repo). Scopes are the granular-permission primitive used by MCP authorization and most agent-callable APIs; well-defined scopes let users approve agents for narrow capabilities rather than full account access. Spec: RFC 6749 §3.3. See also: mcp, mcp-server
OfferShippingDetails: A Schema.org type for declaring shipping options on an Offer — shippingRate, deliveryTime (handlingTime + transitTime), shippingDestination, doesNotShip. Google Shopping requires OfferShippingDetails for free-shipping and delivery-time eligibility; AI shopping agents consume it to compute total landed cost and ETA across vendors. Sites that leave shipping info as visible-only prose lose side-by-side comparison visibility against competitors with structured markup. Spec: OfferShippingDetails on the registry. See also: schemaorg, shipping-window, fulfillment-sla, structured-data
Open Banking: A regulatory framework (UK PSD2, EU PSD3, US 1033) requiring banks to expose customer account data and payment-initiation capabilities through standardized APIs. Open Banking matters to agent commerce because account-to-account payments, initiated via OB rails, are an increasingly common alternative to card networks for agent-issued transactions — lower fees, instant settlement, and (depending on jurisdiction) stronger consumer protections. Mature in the UK and EU; nascent in the US. See: Payment Trust. See also: three-d-secure, pci-dss
Open Graph: A meta-tag protocol (originally introduced by Facebook in 2010) that lets webpages declare structured metadata for link previews on social platforms — og:title, og:description, og:image, og:url. Distinct from Schema.org markup (which targets search engines and agents), Open Graph targets social shares; many AI agents also fall back to OG tags when JSON-LD is absent. Spec: ogp.me. See also: schemaorg, structured-data
OpenAPI: A widely-adopted specification (formerly Swagger) for describing REST APIs in a machine-readable format — endpoints, parameters, request/response schemas (JSON Schema-based), authentication, examples. OpenAPI is the de-facto standard for public API contracts; for AI agents the spec doubles as discovery: an OpenAPI file at a known path tells the agent exactly what tools the API exposes and how to call them. Many MCP server generators read OpenAPI directly to produce MCP tools. Spec: openapis.org. See also: json-schema, public-api-contract, machine-callable-endpoint, mcp, tool-schema
OpeningHoursSpecification: A Schema.org type for declaring a business's operating hours as structured data — dayOfWeek, opens, closes, validFrom/validThrough for date-bounded exceptions. The canonical home for hours data agents extract when recommending local businesses. Google Knowledge Panels, Google Maps, and AI-driven local recommendation surfaces all consume OpeningHoursSpecification; sites that publish hours only as visible text on a contact page lose extraction reliability across these surfaces. Spec: OpeningHoursSpecification on the registry. See also: holiday-hours, business-status, organization-schema, schemaorg
Operator: OpenAI's computer-use agent product, released in early 2025. Operator navigates a sandboxed browser to complete tasks on behalf of a user — booking, shopping, form-filling. Operator's reliability on a given site depends heavily on the site's UI stability, semantic markup, and absence of bot-fingerprinting. Source: openai.com/index/introducing-operator. See also: computer-use-agent-cua, project-mariner
Organization (schema): A Schema.org type representing a company, NGO, or other organizational entity. Marking up an Organization block (with name, url, logo, sameAs, address, contactPoint) is the highest-leverage entity-disambiguation signal for agents trying to identify your business. Spec: Organization type on the registry. See also: schemaorg, knowledge-graph
OSWorld benchmark: A computer-use agent benchmark covering 369 tasks across desktop operating systems and browser applications. OSWorld is the canonical scoreboard for measuring computer-use-agent capability; Claude Sonnet 4.6 reached 72.5% in 2026, up from sub-15% (Sonnet 3.5, Oct 2024), with Operator and Project Mariner climbing in parallel. Site-side UI stability is the new ceiling on CUA reliability. Spec: os-world.github.io. See also: computer-use-agent-cua, operator, project-mariner
PCI DSS: Payment Card Industry Data Security Standard — the contractual security framework all merchants accepting card payments must comply with. PCI DSS compliance isn't itself a directly agent-extractable signal, but the patterns it forces (hosted checkout via PCI-compliant processors like Stripe, Adyen, Braintree; tokenized card storage; iframe-isolated card fields) produce checkout UIs that are also more agent-friendly — because the heavy lifting moves to the processor's well-documented API rather than a custom form on the merchant's site. Spec: pcisecuritystandards.org. See also: three-d-secure, open-banking, mcc-code
Perplexity Apps: Perplexity's emerging consumer-agent app surface, layered on top of Perplexity's answer engine. Conceptually similar to ChatGPT GPTs / Claude Skills / OpenAI Apps SDK — third-party capabilities discoverable from inside the Perplexity assistant context. See also: perplexitybot
Perplexity-User: Perplexity's user-agent for browsing on behalf of an individual user during a Perplexity conversation. The action-time analogue of PerplexityBot. Source: Perplexity crawler docs. See also: perplexitybot, robots-txt
PerplexityBot: Perplexity's primary crawler, used to index content for Perplexity's answer engine. Distinct from Perplexity-User (browsing on behalf of a user). Blocking PerplexityBot removes you from Perplexity's citation surface. Source: Perplexity crawler docs. See also: perplexity-user, robots-txt
Power parameter: A Spekto scoring designation for an audit parameter important enough that failing it triggers a sub-grade cap — capping the overall grade for the affected sub-grade regardless of how other parameters score. Power parameters cover the highest-leverage agent-readiness signals (blocking AI bots, missing schema markup, broken sitemaps). Designed so a site can't earn a strong sub-grade if a foundational parameter is broken. See also: sub-grade-cap, visibility, clarity, usability
Project Mariner: Google's computer-use agent, part of the Gemini ecosystem. Navigates Chrome to complete tasks for a user — booking, shopping, form-filling. Roughly comparable in scope to Anthropic Computer Use and OpenAI Operator, with deeper integration into Google's surface (Gemini, Search, Workspace). See also: computer-use-agent-cua, operator
Public API contract: A documented, externally-stable interface promise — endpoint shape, request/response schema, versioning policy, error semantics — that consumers (including AI agents) can depend on across releases without breakage. Public API contracts are typically declared via OpenAPI or MCP and bound by a versioning commitment (semver-style major-version stability, deprecation notice periods). For agent reliability, the contract matters more than the implementation — agents that find a contract behave confidently; agents discovering an undocumented endpoint behave defensively. See: Agent API Spec. See also: openapi, machine-callable-endpoint, json-schema, mcp
Qualification flow: The sequence of questions an inquiry form (or follow-up conversation) uses to determine fit, scope, budget, and intent before routing a lead to sales. For agent-driven inquiries, qualification flows fail when they front-load too much context an agent doesn't have (precise budget bands, internal stakeholder counts) or when they require synchronous chat. Agent-friendly qualification flows accept partial context, surface the questions asynchronously, and confirm submission in band. See: Inquiry Flow. See also: inquiry-form, lead-capture, structured-contact-intent
RDFa: One of three formats for embedding Schema.org markup in HTML (alongside JSON-LD and microdata) — uses HTML attributes (vocab, typeof, property) tied to a linked-data vocabulary. RDFa is the most expressive but least common of the three; Google can parse it but recommends JSON-LD. Spec: W3C RDFa Primer. See also: schemaorg, json-ld, microdata, structured-data
Restocking fee: A fee deducted from a refund to cover the seller's cost of returning unsold inventory to stock (commonly 10–25% for consumer electronics, near-zero for apparel). In e-commerce vendor extraction, the restocking fee is a load-bearing purchase-decision input: agents recommending a vendor weight a high or undisclosed restocking fee against the listing. Best declared as a structured property on MerchantReturnPolicy so it's comparable across vendors without LLM extraction. See: Return & Refund Policy. See also: merchantreturnpolicy, return-window
Retry safety: The property that an action can be retried by an agent without producing duplicate or inconsistent state. Achieved through idempotency (typically the idempotency key header on POST endpoints), state-aware error responses, and unambiguous success/failure signals. Retry safety is the cleanest "ship this now" Frontier signal — without it, agent retries silently double-charge, double-book, and corrupt state. See also: idempotency
Return window: The time period during which a buyer can return a product for a refund or exchange — commonly 14, 30, 60, or 90 days from delivery. Return windows are one of the highest-weighted vendor-trust signals in AI-driven product comparisons; a generous, structurally-declared return window (via MerchantReturnPolicy merchantReturnDays) is what lets agents recommend a higher-priced vendor over a cheaper one with restrictive returns. See: Return & Refund Policy. See also: merchantreturnpolicy, restocking-fee
Review aggregator: A third-party platform that collects and normalizes customer reviews across a wide vendor population — Trustpilot, Trustedshops, G2, Capterra, BBB, Yelp. Agents treat review aggregators as higher-credibility than self-hosted reviews because they're harder to game and lend themselves to cross-vendor comparison. Strong vendor-reputation signals usually include presence on at least one aggregator in the vendor's market. See: Vendor Reputation. See also: vendor-reputation, trustpilot, trustedshops, bbb, brand-safety-signals
Review provenance: Verifiable origin information attached to a customer review — who wrote it, when, whether they were a verified buyer, what platform collected it. Without provenance, AI agents discount review data as potentially astroturfed; with strong provenance (verified-buyer flag, third-party-aggregator badge, structured Review markup with author + datePublished), reviews carry weight in agent extraction. The cleanest way to signal provenance is structured Review markup combined with review-aggregator integration. See: Review Markup. See also: review-schema, aggregaterating, review-aggregator, trust-signals
Review (schema): A Schema.org type representing an individual review of a product, place, or service (author, reviewRating, reviewBody, datePublished). Often paired with AggregateRating to summarize multiple reviews. Surfaces in rich results and AI-driven product comparisons. Spec: Review on the registry. See also: schemaorg, aggregaterating, rich-results
Rich results: Enhanced Google search-result listings rendered with structured data — star ratings, FAQ accordions, recipe cards, product carousels, and others. Triggered by valid Schema.org markup (typically embedded as JSON-LD). As of 2026 Google has retired several rich result types (FAQ, HowTo) but added AI Overview surfaces that draw on the same structured data. Source: Google rich-results gallery. See also: schemaorg, json-ld, ai-overview, faqpage
robots.txt: A plain-text file at site root (/robots.txt, RFC 9309) that specifies which crawlers and user-agents are allowed to access which paths. For AAIO purposes, robots.txt is the citation policy of the web — what you allow shows up in AI Overviews, ChatGPT Search, and Claude responses; what you block disappears from them. Spec: robotstxt.org · RFC 9309. See also: gptbot, claudebot, perplexitybot, llms-txt
Schema.org: The shared structured-data vocabulary maintained by Google, Microsoft, Yahoo, and Yandex. Schema.org defines types (Product, Organization, Article, FAQPage, Review, BreadcrumbList, etc.) and properties that, when embedded in your HTML (typically as JSON-LD), let machines unambiguously identify what your page is about. The markup is the highest-leverage Clarity signal — agents prefer structured data over visible text every time. Spec: the registry homepage. See also: json-ld, schemaorg-product, knowledge-graph
Schema.org/Product: The Schema.org type for products. Critical for e-commerce: marking up Product (with name, image, description, sku, offers.price, offers.priceCurrency, offers.availability, aggregateRating, review) makes your products legibly extractable by agents. As of 2026, only 13% of e-commerce sites in Spekto's calibration corpus have valid Product markup. Spec: Product type on the registry. See also: schemaorg
Server-rendered HTML: HTML constructed on the server and delivered to the client as complete markup, before any JavaScript runs. Server-rendered HTML is what most AI crawlers (GPTBot, ClaudeBot, PerplexityBot) see — the surface that determines whether your content is extractable. Achieved through SSR, static-site generation, or server-side templating; opposed to CSR. See also: ssr, csr, hydration
ServiceNow Store: ServiceNow's app marketplace, layered with the Now Assist agentic platform. Listings here surface inside ServiceNow's enterprise agents and workflow automations. Source: store.servicenow.com. See also: appexchange, appsource
Shared Payment Token (SPT): An ACP primitive — a tokenized payment credential that stays with the AI platform (e.g. OpenAI / ChatGPT) and is shared with the merchant for transaction completion, never exposing the user's underlying card to the merchant. SPTs let ChatGPT and similar agents transact on the user's behalf without breaking PCI scope on the merchant side. The OpenAI/Stripe answer to Google's Cryptographic Mandates under AP2. Source: docs.stripe.com. See also: acp, cryptographic-mandate, ap2
Shipping window: The committed range of time between a customer placing an order and the package being handed to a carrier — the handlingTime half of OfferShippingDetails (distinct from transitTime, which covers carrier delivery). Agent shopping surfaces use the shipping window to surface "ships today" vs. "ships in 3–5 days" comparisons; vendors with vague or unstated windows lose to vendors with explicit structured windows for time-sensitive queries. See: Shipping Clarity. See also: offershippingdetails, fulfillment-sla
Shopify App Store: Shopify's third-party app marketplace at apps.shopify.com, home to 16,000+ apps merchants install to customize their stores. In the agent era, the App Store is also the discovery layer Shopify's agent surfaces — Sidekick (the merchant-facing agent) and UCP-mediated consumer agents — read to find capabilities they route to during automated flows. Apps that expose MCP-callable capabilities surface inside Breeze and Sidekick agent flows; apps that only ship UI dashboards surface to humans browsing the App Store but not to agents acting on the merchant's behalf. See: Shopify App Store. See also: appexchange, appsource, hubspot-app-marketplace, ucp, mcp
Sitemap (XML): An XML file (typically at /sitemap.xml) listing the URLs of a site's important pages, with optional metadata (last-modified date, change frequency). Sitemaps help crawlers discover content they might otherwise miss. For AAIO, a sitemap is a baseline Visibility signal — 99% of Spekto's calibration corpus has one, so its absence is striking when present. Spec: sitemaps.org. See also: llms-txt, robots-txt
SSR: Server-side rendering — the practice of rendering a page's HTML on the server before sending it to the client, rather than relying on JavaScript to construct the DOM in the browser. SSR matters to AAIO because most AI crawlers (GPTBot, ClaudeBot) don't execute JavaScript. JS-only critical content is invisible to them. See also: visibility, clarity
Structured contact intent: The pattern of expressing an inquiry as a structured payload — not just free-text "please contact me" but typed intent (request_demo, request_quote, support, partnership), qualifying fields (use-case, company size, region), and a machine-readable response surface. Sites that accept structured contact intent — typically via an inquiry-form API or Schema.org ContactPoint markup with declared contactType — let agents complete inquiry flows in a single structured POST. See: Inquiry Flow. See also: inquiry-form, lead-capture, qualification-flow
Structured data: Machine-readable markup embedded in HTML that declares the meaning of page content (this is a product, this is its price, this is the author). The umbrella term covering JSON-LD, microdata, RDFa, and Open Graph. Structured data is the highest-leverage Clarity signal — agents prefer it over visible text because it's unambiguous. Source: Google structured-data intro. See also: schemaorg, json-ld, microdata, rdfa, open-graph, extraction-rubric
Sub-grade cap: A Spekto scoring mechanic where failing a Power parameter caps the maximum grade a sub-grade can earn, regardless of how other parameters score. Caps make foundational failures visible — a site that blocks AI bots can't earn an A in Visibility even if every other Visibility parameter is perfect. Bimodal by design; intentionally not averaged out. See also: power-parameter, visibility, clarity, usability
3D Secure: A card-network authentication protocol (Visa "Verified by Visa," Mastercard "Identity Check," now standardized as 3DS 2) that adds a step-up challenge — biometric, OTP, or banking-app push — before authorizing a card transaction the issuer flags as higher-risk. 3DS interacts directly with agent commerce: step-ups that require synchronous user attention can stall an agent mid-transaction. Processors like Stripe and Adyen now handle the orchestration; agents transacting via well-implemented hosted checkout typically pass 3DS without intervention. See: Payment Trust. See also: pci-dss, open-banking, mcc-code
Tier A UAs: Spekto's classification for the highest-priority AI user agents — the ones every site should allow unless there's a strong specific reason not to. Tier A covers training + citation UAs from the leading labs (GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Applebot-Extended) plus the user-time UAs (ChatGPT-User, Claude-User, Perplexity-User). Blocking a Tier A UA removes the site from the corresponding citation surface. See also: tier-b-uas, robots-txt, gptbot, claudebot
Tier B UAs: Spekto's classification for secondary AI user agents — useful to allow but lower-leverage than Tier A. Tier B covers smaller-model crawlers and platform-specific bots (cohere-ai, Bytespider, CCBot, AmazonBot, Meta-ExternalAgent). Allowing them broadens distribution; blocking them is rarely catastrophic but does remove the site from those platforms' surfaces. See also: tier-a-uas, robots-txt
Time-slot API: An endpoint that returns the set of available booking slots for a resource over a date range, in a machine-readable format (JSON, iCal, GraphQL response). Time-slot APIs are the action-time counterpart of an availability calendar: the calendar lets the agent see, the API lets the agent reserve. Strong agent-friendly booking flows pair both — public availability view + parameterized booking endpoint with idempotency support. See: Direct Booking Flow. See also: availability-calendar, direct-booking, booking-confirmation, idempotency
Tool schema: The structured declaration of an AI-callable tool's name, description, parameters, and expected behavior — the unit of capability inside an MCP server. Tool quality matters more than tool count: agents pick good tools (clear schemas, sane error states) over all tools. See also: mcp
Trust signals: Public, on-page indicators that a vendor is real, reputable, and safe to transact with — verified reviews (AggregateRating + Review schema), review-aggregator badges, security certifications, business-registration info, secure-payment logos, money-back guarantees. AI agents weight trust signals heavily when comparing vendors for purchase recommendations, especially for higher-stakes purchases (multi-vendor commerce, regulated categories, custom-quote services). See: Review Markup and Vendor Reputation. See also: review-provenance, brand-safety-signals, vendor-reputation, aggregaterating
Trustedshops: A European (originally German) e-commerce trust seal and review-aggregator — combines a certification audit (against shop-quality criteria) with verified-buyer reviews and a money-back guarantee program. Strong adoption in DACH, France, Spain, and Italy; near-default presence for mid-market German e-commerce. Trustedshops badges + Schema.org organization markup are the canonical agent-extractable signal for European e-commerce vendor reputation. Source: trustedshops.com. See also: trustpilot, bbb, review-aggregator, vendor-reputation
Trustpilot: A leading global consumer-review platform (~250M reviews as of early 2026), aggregating verified-buyer reviews into a 5-star score and TrustScore. Listings include domain verification, review-collection method (organic vs. invited), and response patterns. Trustpilot scores surface in Google rich results and are explicitly cited by ChatGPT Shopping and Perplexity Shop as vendor-credibility signals. A complete Trustpilot profile with AggregateRating markup is the single strongest vendor-reputation signal in many AI-driven product comparisons. Source: trustpilot.com. See also: trustedshops, bbb, review-aggregator, vendor-reputation, aggregaterating
Twitterbot: X's (formerly Twitter's) link-preview crawler. Used to render Open Graph / Twitter Card previews when a URL is shared on X. Allowing Twitterbot is required for clean social previews; not directly an AI signal but worth allowing. See also: robots-txt
UCP: Universal Commerce Protocol — launched January 11, 2026 by Google and Shopify. UCP covers the full agent-driven commerce journey (discovery, configuration, checkout, post-sale) and supports REST, MCP, A2A, and AP2 transports. Shopify reported 1M+ U.S. merchants are eligible for integration at launch. UCP is the Google/Shopify counterpart to OpenAI/Stripe's ACP; both stacks coexist rather than directly compete. See also: acp, ap2, agent-commerce
Usability: The Spekto sub-grade covering the action layer — once an agent understands your offering, can it actually use your product? Usability scores 5 parameters covering agent API specs, faceted-navigation usability, cart accessibility, booking and reservation access, and inquiry/contact flows. The hardest sub-grade to pass for non-API-first sites: 97% of e-commerce sites in Spekto's calibration corpus fail the faceted-nav check. See: Usability hub. See also: visibility, clarity
Vendor reputation: The composite of all third-party-corroborated signals an AI agent uses to decide whether a vendor is safe to recommend or transact with — review-aggregator scores (Trustpilot, Trustedshops, BBB), Google Safe Browsing status, brand-safety flags from payment networks, complaint volumes, and (increasingly) AI-platform-specific reputation scores. Distinct from on-page trust signals because vendor reputation is corroborated externally; agents weight it especially heavily for first-time vendor encounters. See: Vendor Reputation. See also: review-aggregator, trustpilot, trustedshops, bbb, brand-safety-signals, trust-signals
Visa Trusted Agent Protocol: Visa's framework for authenticating AI-agent-initiated transactions, launched October 2025. Agents prove their identity to merchants via HTTP Message Signatures (RFC 9421), letting merchants distinguish legitimate agents from automated fraud and tie an agent action back to a verifiable identity. Part of Visa's Intelligent Commerce initiative, alongside Mastercard Agent Pay, ACP, and AP2. Source: usa.visa.com. See also: mastercard-agent-pay, ap2, acp, agentic-token
Visibility: The Spekto sub-grade covering the access layer — can agents reach your pages at all? Visibility scores 3 parameters: bot access policy (robots.txt + AI agent UAs), CDN bot blocking, and indexation coverage (sitemap + canonical URLs). The cheapest sub-grade to fix; the most expensive to fail silently. See: Visibility hub. See also: clarity, usability
WAF (Web Application Firewall): An edge-layer rule engine that inspects HTTP traffic and blocks requests matching attack patterns (SQL injection, XSS, credential stuffing) or bot fingerprints. Common WAF products include Cloudflare (bot fight mode, Turnstile), AWS Shield, and Akamai Bot Manager. WAFs are the most common silent-fail surface for AI agent access — rules tuned for human traffic regularly catch legitimate agent traffic. See also: bot-fight-mode, aws-shield, akamai-bot-manager, cloudflare-turnstile
WebMCP: The browser-side variant of MCP, introduced as an early preview in Chrome 146 (February 2026). WebMCP lets a website declare MCP-compatible tools that an in-browser agent can call directly from the page context, without scraping the DOM. Distinct from server-side MCP (which runs as a separate service); the two are complementary. Source: developer.chrome.com/blog/webmcp-epp. See also: mcp