惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

美团技术团队
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - Franky
有赞技术团队
有赞技术团队
博客园 - 司徒正美
量子位
N
News and Events Feed by Topic
T
Threatpost
Last Week in AI
Last Week in AI
D
Darknet – Hacking Tools, Hacker News & Cyber Security
酷 壳 – CoolShell
酷 壳 – CoolShell
C
CERT Recently Published Vulnerability Notes
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
I
Intezer
人人都是产品经理
人人都是产品经理
T
Tenable Blog
IT之家
IT之家
雷峰网
雷峰网
腾讯CDC
博客园 - 聂微东
V
Visual Studio Blog
S
SegmentFault 最新的问题
Scott Helme
Scott Helme
Spread Privacy
Spread Privacy
月光博客
月光博客
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
V
V2EX
大猫的无限游戏
大猫的无限游戏
Apple Machine Learning Research
Apple Machine Learning Research
爱范儿
爱范儿
T
Tailwind CSS Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
罗磊的独立博客
N
Netflix TechBlog - Medium
J
Java Code Geeks
宝玉的分享
宝玉的分享
F
Full Disclosure
WordPress大学
WordPress大学
A
Arctic Wolf
小众软件
小众软件
AWS News Blog
AWS News Blog
Attack and Defense Labs
Attack and Defense Labs
NISL@THU
NISL@THU
AI
AI
Hugging Face - Blog
Hugging Face - Blog
F
Fortinet All Blogs
云风的 BLOG
云风的 BLOG
N
News | PayPal Newsroom
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
I Audited 70 Companies' llms.txt Files. Most Don't Have One.
Intally · 2026-05-16 · via DEV Community

I Audited 70 Companies' llms.txt Files. Most Don't Have One.

The /llms.txt proposal has been around since late 2024. Two years in, every SEO blog has a tutorial on it. Every "GEO" thinkpiece mentions it as a checkbox. WP Engine has published five articles about it in the last month. Mintlify built a feature for it.

What nobody's done is check whether the people who should have one actually do, and whether what they shipped is any good.

So I ran a script over 70 sites — the AI labs, the docs platforms, the dev infrastructure giants, the modern SaaS darlings, the WordPress media — and pulled their /llms.txt. Here's what I found.

TL;DR: 31 of 70 (44%) had a real llms.txt. The other 56% either returned 404, served an HTML fallback (SPA routes catching the path), or 403'd a bot. Of the 31 that exist, 12 (41%) don't follow the format llmstxt.org itself defined. File sizes range from 648 bytes to 280 KB — a 432× spread. The companies you'd expect to lead — OpenAI, Hugging Face, Google AI, Mintlify, GitBook, Readme — don't have one.

What I tested, and how

I picked 70 sites across eight buckets:

  • AI labs (Anthropic, OpenAI, Mistral, Cohere, Perplexity, Hugging Face, Google AI, Replicate, ElevenLabs)
  • AI coding tools (Cursor, Codeium, Windsurf, Claude, Aider)
  • Docs platforms (Mintlify, GitBook, ReadMe, Redocly, Docusaurus)
  • Dev infra (Vercel, Supabase, Stripe, Cloudflare, Fly, Netlify, Railway, Render, Bun, Deno)
  • Modern SaaS (Linear, Notion, Retool, Raycast, Framer, Airtable, Segment, Amplitude, Mixpanel, PostHog)
  • WordPress ecosystem (Kinsta, WP Engine, Yoast, ManageWP, Cloudways, WordPress.com, WP Tavern)
  • llms.txt origin (llmstxt.org, fast.ai, AnswerAI)
  • Community / publishing (dev.to, Hacker Noon, Substack, Indie Hackers, GitHub, GitLab)

For each, I fetched https://<domain>/llms.txt with a regular browser User-Agent, no special headers. I parsed the body to check whether it was actual markdown (starts with # heading) or HTML (a SPA fallback catching the route).

Then I measured seven dimensions on each real sample:

  1. File size in bytes
  2. Lines
  3. Number of H2 sections
  4. Total markdown links
  5. Percentage of links pointing to deep internal pages vs. marketing root vs. external
  6. Whether it follows the # Title + > intro blockquote format from the spec
  7. First 200 characters (to spot HTML fallbacks the heuristic missed)

That's it. No login, no API key, no special crawler. Just plain HTTP GET, the same any LLM crawler would do.

Finding 1: More than half of the obvious candidates don't have one

Outcome Count %
Real llms.txt 31 44%
404 22 31%
HTML fallback (200 but SPA-served) 9 13%
403 / 530 / timeout 8 11%

The 44% headline already sounds bad. But the picture is worse than that, because the "should obviously have one" cohort is the loudest part of the miss list:

  • OpenAI: 403 on the root, 404 on platform.openai.com. They've built the most-talked-about LLM in the world and don't help it find their own docs.
  • Hugging Face: 404. The platform whose entire reason for existing is hosting models that read text.
  • Google AI (ai.google.dev): 302 redirect, no llms.txt at the destination.
  • Mintlify (the company that sells "llms.txt as a feature" to its customers): 404 on their own marketing site, 530 on their docs site.
  • GitBook, ReadMe: both 404.
  • fast.ai: 404. Jeremy Howard's own site. He's the one who proposed llms.txt.
  • WP Engine, Kinsta, WP Tavern, ManageWP: 404 or HTML fallback. The same WordPress-hosting companies running 5-article-a-month content series about GEO and AI search ranking don't have one.

A reasonable counter-argument: "an llms.txt only helps if your site is what an LLM would link to in an answer; OpenAI doesn't need to optimize for ChatGPT citing OpenAI." Fine. But that doesn't explain Mintlify, whose entire pitch right now is "add llms.txt with one click using our platform." If they don't run their own dogfood, you should ask why.

The HTML fallback group (9 sites returning 200 but with an HTML body) is also revealing. Cohere docs, Cursor docs, Codeium, Windsurf, Claude.ai, Kinsta, Notion, Segment, Deno all fall here. These are companies on Next.js / Vue / similar SPAs where the framework's catch-all route is returning the app shell for /llms.txt. No one noticed. No one's monitoring. An LLM crawler hitting their /llms.txt gets an HTML page that doesn't even mention the word "llms.txt."

This is the most damning category. 404 is a deliberate non-answer. HTML fallback is an unaware non-answer. You ran a tool, you copied a snippet from your CMS, you assumed it worked, and it doesn't.

Finding 2: 41% of the files that exist don't follow the format

The llms.txt spec, as defined by llmstxt.org itself, is dead simple. There are exactly two required structural elements:

  1. A single # Title H1 at the top.
  2. A > blockquote line right after the H1, summarizing what this site is.

That's it. The rest is sections, links, optional ## H2 groupings — all free-form.

Of 29 unique samples (after deduping cloudflare.com / www.cloudflare.com and cursor.com / www.cursor.com):

  • 17 (59%) follow the H1 + blockquote pattern.
  • 12 (41%) skip the blockquote. Some skip the H1 too.

The non-compliant list is not who you'd expect:

Site Sections Links What's wrong
docs.anthropic.com 3 1,415 No blockquote intro
docs.stripe.com 26 528 No blockquote intro
render.com 6 295 No blockquote intro
bun.sh 2 317 No blockquote intro
netlify.com 10 83 No blockquote intro
developers.cloudflare.com 9 103 No blockquote intro
docs.mistral.ai 1 75 Single section, no intro
elevenlabs.io 7 49 No blockquote intro
cursor.com 20 0 No blockquote, and has 0 markdown links — just raw URL list
replicate.com 7 1 No blockquote intro, near-zero links
amplitude.com 7 0 No blockquote, 0 links
supabase.com 2 19 No blockquote intro

Anthropic — the company whose docs platform is literally the reference customer for the LLM ecosystem — ships 150 KB of links with no opening blockquote. Stripe ships 90 KB of structured docs index with no intro line. These aren't beginner sites. They have technical writers.

What this looks like in practice: someone on the platform team auto-generated an llms.txt from the docs sitemap, shipped it, and never read the spec. The crawler hitting it gets a sea of links with no context about what the site is.

Cursor's is the strangest. Twenty sections, beautifully nested, zero markdown links — every entry is a raw URL on its own line:

## Get Started
- https://cursor.com/docs.md
- https://cursor.com/docs/get-started/quickstart.md
- https://cursor.com/docs/models-and-pricing.md
  - https://cursor.com/docs/models/claude-4-6-sonnet.md

Enter fullscreen mode Exit fullscreen mode

It also has at least one concatenation bug: https://cursor.comhttps://cursor.com/changelog.md shows up unescaped. If an LLM crawler was strict about markdown link parsing, half of Cursor's file would be invisible to it.

Finding 3: File sizes vary by 432×, and nobody agrees what this file is for

The smallest real llms.txt: 648 bytes. That's llmstxt.org — the site that defined the spec — pointing to three docs.

The largest: 279,743 bytes. That's PostHog, dumping what looks like their entire docs sitemap, with prose annotations, 54 H2 sections, and 2,555 markdown links pointing to .md variants of every doc page.

Between them, eight orders of practical magnitude:

Bucket Count Examples
Tiny (<1 KB) 1 llmstxt.org (648 B)
Small (1-5 KB) 8 railway.app (1.4 KB), supabase.com (1.3 KB), amplitude.com (2.8 KB), replicate.com (3.4 KB), mistral.ai (4.9 KB), cohere.com (4.8 KB), hackernoon.com (4.9 KB), answerai.com (1.8 KB)
Medium (5-20 KB) 9 linear.app, cursor.com, framer.com, yoast.com, wordpress.com, cloudflare.com, elevenlabs.io, docs.mistral.ai, developers.cloudflare.com
Large (20-100 KB) 9 docs.perplexity.ai (22 KB), github.com (28 KB), bun.sh (33 KB), render.com (36 KB), netlify.com (20 KB), stripe.com (64 KB), cloudways.com (64 KB), docs.stripe.com (93 KB), redocly.com (98 KB)
Huge (100 KB+) 2 docs.anthropic.com (152 KB), posthog.com (280 KB)

Median: 9.4 KB. Mean: 34.7 KB. The mean is misleadingly high because of the two huge outliers — most sites are actually quite small.

This spread maps directly to two different philosophies of what llms.txt is. The spec text is ambivalent on this, so people just picked:

Philosophy A (the spec example): llms.txt is a tiny pointer file. A few hundred bytes. A title, a one-line summary, and a handful of links to the most important pages. The LLM is supposed to crawl those pages separately. Sites like llmstxt.org (648 B), supabase.com (1.3 KB), railway.app (1.4 KB), answerai.com (1.8 KB) follow this.

Philosophy B (the index dump): llms.txt is a comprehensive sitemap-for-LLMs. Every documented page gets a link. PostHog (280 KB) and Anthropic docs (152 KB) ship more or less their entire docs map this way. Stripe (90 KB) is the same idea slightly trimmed.

There's no consensus on which is right. Mintlify's product (when it works) emits Philosophy B. Hand-written ones tend toward Philosophy A. A 280 KB file is presumably a lot for a model to ingest as context; a 648 B file is presumably too little for a model to actually find anything useful.

The honest answer is nobody knows yet which works better, because nobody has published data on whether either approach causes more LLM citations or traffic.

Finding 4: Link quality is actually fine — but link quantity hides the misses

The good news: when sites do put links in their llms.txt, the links are mostly useful.

Across all 7,557 markdown links in the 29 samples:

  • 73.8% are deep internal pages (paths with two or more segments — docs.example.com/api/v2/something)
  • 23.3% are external (mostly references to standards, SDKs, GitHub repos)
  • 2.9% point to marketing roots (the homepage or top-level category pages — /pricing, /about)

That 2.9% marketing-root number is encouraging. The fear with llms.txt was that companies would use it as a marketing-funnel SEO play — link the AI to your homepage and your pricing page. They mostly aren't. The actual links point at useful documentation.

The bad news is that count is heavily skewed by a few big files. PostHog alone contributes 2,555 of those 7,557 links — a third of the total dataset. Anthropic, Redocly, Stripe, Cloudways add another 3,000+. Most sites have between 0 and 100 links.

Four sites have zero markdown links: amplitude.com, cohere.com, cursor.com, hackernoon.com. Cursor and Hackernoon use raw URL strings (technically usable by some crawlers, technically not markdown). Amplitude and Cohere just describe their products in prose, which is arguably useful context but not what the spec is for.

Finding 5: The WordPress ecosystem is almost entirely missing

Out of seven WordPress-ecosystem candidates I tested:

  • Cloudways, Yoast, WordPress.com: have one. ✅
  • Kinsta: returns HTML fallback (you'd think they had one — they didn't). ❌
  • WP Engine, ManageWP, WP Tavern: 404. ❌

This is striking because WP Engine in particular has been publishing aggressively about "GEO" — Generative Engine Optimization. Five separate articles in the last month, including "Technical GEO: Ensuring Sites are Machine Readable." The author of those articles works for a company whose own marketing site doesn't have llms.txt.

Kinsta's HTML fallback is the more interesting case. They publish content telling agencies how to make sites AI-friendly. They probably believe they have an llms.txt because someone enabled a plugin. The plugin doesn't work — the Next.js router catches /llms.txt and serves the React shell. Nobody on their team checked.

Across the WordPress ecosystem, the gap between content about llms.txt and ownership of llms.txt is roughly total.

Finding 6: The "HTML fallback" problem is bigger than it looks

The nine sites returning 200 OK with HTML are worth highlighting separately because, from any monitoring tool's perspective, they look like success.

If you run a curl with -I against kinsta.com/llms.txt, you get a 200 response. Your CDN logs say everyone who hit /llms.txt got data back. Nothing's broken.

But the body is the React app. An LLM that tries to parse the response as markdown gets a 50 KB blob of <div class="..."> and JavaScript bundle URLs. It has no way to know this wasn't deliberate.

This affects:

  • Cohere docs, Cursor docs (sister sites of two of the most-cited Real samples, but the docs subdomains catch-all)
  • Codeium, Windsurf, Claude.ai — AI coding tools missing their own llms.txt
  • Notion (the SaaS most likely to be cited by an LLM)
  • Segment, Kinsta, Deno

Most of these are running modern JavaScript frameworks where a catch-all route handles unknown paths. The fix is one line of config to make /llms.txt 404 explicitly, or to serve a real file. Nobody's done it.

If your site is built on Next.js / Nuxt / Astro / similar, this is the first thing to check. Hit your own /llms.txt with curl and read the bytes. If you see <!DOCTYPE html>, you have a problem regardless of whether you intended to have an llms.txt.

Finding 7: We have no idea if any of this works

The hardest part of writing this audit was admitting that we don't yet have evidence llms.txt does anything useful.

I looked for it. Specifically:

  • Is there public data showing that sites with llms.txt get cited more often in Perplexity, ChatGPT, or Claude answers than equivalent sites without?
  • Are LLM crawlers actually requesting /llms.txt? (Cloudflare publishes some bot traffic data, but not specifically for this path.)
  • Has any A/B-tested case study been published showing that adding llms.txt changed citation share, referral traffic, or anything measurable?

The answer to all three, as of mid-2026, is "not really." There are anecdotes. There are tutorials. There are case studies that read like vendor marketing. There is no rigorous public evidence that llms.txt moves the needle.

It's possible — likely, even — that big LLM providers are reading it as a hint, the same way some search engines read sitemap.xml. It's also possible they're not, and the entire conversation around this file is the SEO industry filling the silence about how AI answer engines actually rank sources.

The interesting fact is that even the companies whose business model would directly benefit from llms.txt working — the model providers — mostly aren't writing one for their own docs. That's either because they know something the SEO industry doesn't, or because they're as confused as everyone else.

What I think this means

A few cautious takeaways. Not advice — llms.txt advice on the internet is already a glut. Just observations from staring at 31 real files for a day.

1. The standard is winning by default, not by adoption. It's the only proposal in this space with public buy-in. But "I've heard of it" and "I've added it to my site" are not the same conversation. Most sites haven't added it. Most that have, half-added it.

2. The Philosophy A vs B divide is the actual open question, not "should you add llms.txt at all." A 648-byte pointer file and a 280-kilobyte sitemap dump can't both be the correct interpretation of the same spec. Until someone publishes real data on which retrieves better, every "best practices" article is guessing.

3. The HTML fallback problem is the single highest-leverage fix. If you run a modern JavaScript framework and you've never checked your own /llms.txt response body, you probably have a silent miss. One curl will tell you. One line of routing config will fix it.

4. Following the spec is almost free, and almost nobody does it. Forty-one percent of the files that exist skip the blockquote intro. The crawler reading these files has to guess what the site is about from the URL list alone. Adding a single sentence in > blockquote form takes ten seconds and probably matters more than the elaborate hierarchy below it. Probably.

5. The gap between "writes about llms.txt" and "has llms.txt" is enormous, especially in the WordPress and hosting ecosystem. This is either an opportunity (everyone else is asleep) or a tell (the people closest to SEO have done the math and skipped it). Take your pick.

The samples

If you want to look at the source data: I'm publishing the 31 real llms.txt files I pulled, plus the probe script and the analysis output, under a public mirror. The format and methodology are simple enough that you can rerun this audit in five minutes against your own list of suspect sites.

Worth doing on your own site, at least. The HTML fallback bug is silent, the spec is short, and the upside — if llms.txt ever does matter — is just a properly-formatted text file away.

If you find your own audit produces wildly different conclusions, I'd genuinely like to see it. Especially if anyone has citation-share data showing this stuff actually works. So far, on this question, the marketplace of opinions is loud and the marketplace of evidence is silent.


About the data: 70 candidate sites probed on 2026-05-16 using vanilla HTTP GET with a desktop browser User-Agent. 31 returned real llms.txt files. After deduping mirror domains (cloudflare.com / www.cloudflare.com, cursor.com / www.cursor.com), 29 unique samples. Probe script, raw responses, and per-site analysis are mirrored.

Method limits: Only the root /llms.txt path was probed. Some sites may host llms.txt at a subdomain or under a versioned path. I didn't check /llms-full.txt (the optional verbose variant from the spec). Sites that block automated requests by IP or User-Agent (Reddit, parts of Indie Hackers) may have real files I couldn't see. The HTML-fallback class is a false-negative risk that probably understates real adoption by 1-3 sites.