Point Your Agent at llms.txt
Artifacts v1.2 ships sharing and collaborative editing for agent output — and the whole integration is a text file. Plus: we ran our own site through Cloudflare's Agent Readiness checker and got caught overpromising.
We shipped artifacts.thefocus.ai v1.2 this week. The features are sharing and editing: an agent publishes its output and gets back a stable unlisted URL, and — new in this release — it can publish a Living Doc, a Markdown document a human edits and comments on in the browser while the agent pulls the feedback and responds with tracked-changes suggestions.
But the part worth writing up isn’t the feature list. It’s the integration surface. There is no SDK, no dashboard onboarding, no API client to install. The instructions live at /llms.txt, and the way you wire a new agent to the service is a sentence:
Read https://artifacts.thefocus.ai/llms.txt and publish this report.
That’s the whole pattern. The model reads the manual, finds the copy-paste commands, and runs them. The llms.txt is the integration.
Sharing: a URL instead of an attachment
The base loop hasn’t changed since v1: an agent produces an HTML report, a prototype, a static bundle — anything a client needs to see — and instead of attaching files or asking a human to set up hosting, it runs:
npx @the-focus-ai/artifacts publish ./report.html --title "Q2 Results"
Back comes an unlisted /a/{id} URL to drop in the final response. A rolling revision window means re-running the same command hotfixes the same URL — no “ignore the last link” emails. Unlisted, not private, and the docs say so plainly; agents shouldn’t have to guess at the privacy model.
Editing: the agent as a colleague on the doc
Living Docs close the loop in the other direction. The agent publishes Markdown and hands the human a review link — a bearer capability, no login, anyone holding it can edit. The human works in a normal WYSIWYG editor. Then, on its next turn, the agent pulls a numbered version — current text, a diff, and open comments as JSON — and responds with span-anchored suggestions:
npx @the-focus-ai/artifacts doc publish ./proposal.md --title "Proposal"
npx @the-focus-ai/artifacts doc pull https://artifacts.thefocus.ai/d/Ab3xY9kQ
echo '{"suggestions":[{"anchorQuote":"exact text from the doc","replacement":"new text","note":"why"}]}' \
| npx @the-focus-ai/artifacts doc respond https://artifacts.thefocus.ai/d/Ab3xY9kQ
The design rule that matters: suggestions are never auto-applied. They render as tracked changes and the human accepts or rejects each one. The agent is a colleague proposing edits on the document, not a ghostwriter overwriting it. Publish, hand off, pull, respond, repeat — the same align-and-verify shape that keeps showing up in agent coding loops.
Are you agent-ready? There’s a score now
Cloudflare recently launched an Agent Readiness score with a public checker at isitagentready.com — it scans a domain for the emerging agent-web signals: robots.txt and sitemaps, Content Signals, markdown content negotiation, and the discovery layer above that (API catalogs, MCP server cards, A2A agent cards, OAuth metadata).
We pointed it at our own site. artifacts.thefocus.ai scores Level 2 — “Bot-Aware.” What passed: valid robots.txt with per-bot rules, Content Signals (ai-train=no, search=yes, ai-input=yes — train on our service pages no, use them to answer questions yes), a sitemap that deliberately lists only service resources and never publication URLs, and agent-useful Link headers.
And the checker caught us overpromising. Our llms.txt told agents to request the landing page with Accept: text/markdown — but the server actually returned HTML; the Markdown twin only existed as a parallel /index.md file. Real content negotiation matters because it’s cheap for everyone: Cloudflare measures Markdown at roughly 80% fewer tokens than the same page as HTML, and only about 3.9% of sites serve it. This is exactly what a checker is for — it reads your site the way an agent will, not the way you meant it.
Fixing it took two tries, and the failure is instructive. Attempt one used the platform: Vercel rewrites with an Accept-header condition. That config looked right and had even been sitting in vercel.json all along — but static files are served before rewrites ever run, so it was dead code; and once we un-shadowed it, the header condition matched every request in production and served Markdown to browsers too. Attempt two moved the negotiation into a twenty-line function with a unit test for both audiences. Platform-config conditionals are folklore; negotiation is logic, and logic belongs in code you can test. Re-scan after the fix: Level 3 — “Agent-Readable.”
The rungs above us are the discovery layer: MCP server cards, A2A agent cards, OAuth resource metadata. Amusingly, our twitter habitat already passes those — it publishes an A2A agent card and OAuth-protected-resource metadata, which is how a Claude Code session can authenticate to it with zero pasted keys. Different services, different rungs of the same ladder.
Best practices, from doing it
- Write
llms.txtlike an operator’s manual, not marketing. Workflow first, copy-paste commands, exact JSON contracts, and explicit constraints — ours says do not crawl, guess, or enumerate publication URLs right in the file. Agents follow “do not” better than lawyers do. - Say what the thing is for and what it isn’t. A “What this service is for” section prevents the agent from creatively misusing you.
- Offer Markdown, honestly. An
/index.mdtwin is good; realAccept: text/markdownnegotiation is better. Don’t claim one and ship the other — the checkers read like agents now. - Negotiate in code, not platform config. Header-conditional rewrites are folklore that behaves differently deployed than documented. A tiny function with a unit test per audience is boring and correct.
- Use
robots.txtfor policy, not just crawling. Per-bot rules plus Content Signals let you split training, inference, and search — three different consents that used to be one bluntDisallow. - Make URLs capabilities. Unlisted share links and bearer review links keep the human-agent loop friction-free — no login wall in the middle of a revision cycle. Be explicit that unlisted ≠ private.
- Never auto-apply agent edits. Suggestions with human accept/reject is the difference between a collaborator and an intruder.
- CLI-first beats dashboard-first for agents. A model can run
npx; it can’t click your onboarding tour. - Scan yourself. isitagentready.com takes thirty seconds and hands you the failing checks as prompts you can paste straight into a coding agent.
The Crosstalk through-line holds: the wire runs both ways. Agents read your site, and they publish back to it — and the sites that work best for them are the ones that put the instructions where the agent is already looking.