Open standard · v0.1.0
The agentic-first profile standard.
A small, well-versioned JSON contract that companies and individuals publish at a known location on their own website. Agents and directories discover it without scraping. There are two tiers — public for discovery, and protected for diligence-grade detail behind your own auth.
Why this exists
Three things are happening at once: agents are becoming the primary consumer of company information; the existing structured-data conventions (Schema.org, OpenGraph) describe content but not capability; and the people best placed to describe a company are the company itself, not a third-party data broker. The agentic-first standard fills that gap with a small, opinionated JSON contract you publish on your own domain.
It is deliberately not an attempt to model everything. It is the smallest schema that lets a serious investor, customer, or LLM agent decide whether to go further. Anything richer belongs on the protected tier, which the publisher controls entirely.
Public vs protected, in one table
| Aspect | Public public | Protected protected |
|---|---|---|
| Where it lives | /.well-known/agentic-profile.json on your website |
Your private MCP server (auth-gated, scoped, audited) |
| Who can read it | Anyone, including search engines and LLM agents | Principals you've issued a token to |
| What it carries | Identity, jurisdiction, registry IDs, banded metrics, evidence links, contact channel | Precise figures, fundraise detail, NDA-protected logos, references, calendar, updates |
| FCA / financial-promotion exposure | Banded values only — never precise revenue, growth, or fundraise numbers | Precise figures permitted because the audience is gated & identified |
| Crawled by the directory | Yes, on submission and on a schedule | Never. The directory has no token and no view into it. |
In schema files the tier is set explicitly with the tier field
("public" or "protected") and the kind of subject
with profile_kind ("company" or
"person"). This makes the same parser robust against either
file showing up at either location.
Company · public profile public
Hosted at https://{your-domain}/.well-known/agentic-profile.json.
Validates against
company-profile-0.1.0.
All numerical metrics use bands. Evidence URLs are strongly encouraged
on every material claim and feed the directory's confidence score.
Required fields
| Field | Type | Notes |
|---|---|---|
schema_version | string (semver) | e.g. "0.1.0" |
updated_at | ISO 8601 datetime | When you last regenerated this file |
company.name | string | Trading name |
company.website | URL | Canonical homepage |
company.jurisdiction | ISO 3166-1 alpha-2 | "GB", "US", "DE", … |
Recommended fields
| Field | Type | Notes |
|---|---|---|
company.legal_name | string | Statutory name if different from trading name |
company.registry | object | { type, id, url } — Companies House, Delaware, EDGAR, etc. Verified IDs add directly to the trust score. |
company.lei | string (20-char) | GLEIF Legal Entity Identifier |
company.founded | YYYY or YYYY-MM | |
company.industry | array of strings | Hyphenated lowercase tags (max 8) |
company.tagline / summary | string | Tagline ≤ 200 chars; summary ≤ 2000 |
stage.current | enum | Pre-Seed, Seed, …, Public, Acquired, Closed |
funding.total_raised_band | money band | "<100k", "100k-500k", … ">500m", "undisclosed" |
funding.last_round | object | Stage, date, amount band, lead investor, evidence URL |
team.headcount_band | headcount band | "1-10", "11-50", …, ">5000" |
team.key_people | array (max 10) | Name, role, LinkedIn, evidence URL |
metrics.revenue_band | money band | Bands only — never precise revenue on the public surface |
metrics.growth_band | growth band | "negative", "flat", "0-20%", …, ">300%" |
metrics.customers_band | count band | "<10", "10-100", …, ">1m" |
evidence | array | Citations supporting public claims; empty array caps the trust score |
contact.preferred_channel | enum | email, form, private-mcp, none |
contact.private_mcp | URL | Pointer to your protected-tier MCP, if you run one |
Example
{
"schema_version": "0.1.0",
"updated_at": "2026-04-19T00:00:00Z",
"profile_kind": "company",
"tier": "public",
"company": {
"name": "Acme Robotics",
"legal_name": "Acme Robotics Ltd",
"website": "https://acme-robotics.example",
"jurisdiction": "GB",
"registry": {
"type": "companies-house",
"id": "12345678",
"url": "https://find-and-update.company-information.service.gov.uk/company/12345678"
},
"founded": "2022-03",
"industry": ["robotics", "b2b-saas", "industrial-automation"],
"tagline": "Vision-language models for warehouse pick-and-place."
},
"stage": { "current": "Seed", "since": "2025-02" },
"funding": {
"total_raised_band": "1m-5m",
"currency": "GBP",
"last_round": {
"stage": "Seed", "date": "2025-02",
"amount_band": "1m-5m", "currency": "GBP",
"lead_investor": "Northern Gravity",
"evidence_url": "https://acme-robotics.example/news/seed-round"
}
},
"team": { "headcount_band": "11-50" },
"metrics": {
"revenue_band": "100k-500k",
"growth_band": "100-300%",
"as_of": "2026-03-31"
},
"contact": {
"preferred_channel": "form",
"form_url": "https://acme-robotics.example/contact",
"private_mcp": "https://private-mcp.acme-robotics.example/mcp"
}
}Company · protected profile protected
Lives behind your own MCP server, behind your own authentication (typically OAuth 2.0 with scopes per section). The directory never sees this. Validates against company-private-profile-0.1.0.
Adopter responsibility
The protected tier carries figures that, if leaked, may constitute a
regulated financial promotion in jurisdictions like the UK. Your
MCP MUST authenticate every reader, scope every section
(financials:read, fundraise:read,
traction:read, updates:read), and audit
every access. agentic-first publishes the schema; the
controls are yours.
Sections
| Section | Purpose | Sensitivity |
|---|---|---|
financials | Precise revenue, ARR, MRR, gross margin, burn, runway, cash on hand | High |
traction | Customer count, named logos (incl. NDA flag), pipeline, churn, NPS | High (especially logos[].nda) |
fundraise | Active fundraise: instrument, ask, valuation target, room left, deck/data-room URLs, syndicate, close target | Highest — financial-promotion exposure |
updates | Append-only investor updates with id, date, title, body, tags | Medium |
Example shape
{
"schema_version": "0.1.0",
"updated_at": "2026-04-19T09:30:00Z",
"profile_kind": "company",
"tier": "protected",
"financials": {
"currency": "GBP", "as_of": "2026-03-31",
"revenue": 287400, "arr": 410000,
"gross_margin_pct": 71.2, "runway_months": 14
},
"traction": {
"customer_count": 38,
"logos": [
{ "name": "Northern Fulfilment Group", "nda": false },
{ "name": "RedShield Logistics", "nda": true }
],
"churn_pct": 4.2, "nps": 47
},
"fundraise": {
"active": true, "instrument": "Equity",
"ask": 4000000, "currency": "GBP",
"valuation_target": 18000000,
"use_of_funds": "Hire 4 senior ML engineers, scale to 80 sites…",
"data_room_url": "https://dataroom.acme-robotics.example",
"close_target_date": "2026-09-30"
}
}Personal · public profile public
Same hosting convention as the company tier:
https://{your-domain}/.well-known/agentic-profile.json,
with profile_kind: "person". For founders, NEDs, advisors,
consultants, fractional leaders, and anyone whose engagements are
ad-hoc and discoverable. Public-tier personal profiles deliberately
omit precise compensation, calendar links, and live engagement state
— those go on the protected tier.
Required fields
| Field | Type | Notes |
|---|---|---|
schema_version | string (semver) | |
updated_at | ISO 8601 datetime | |
profile_kind | literal | "person" |
person.name | string | The name you publicly use professionally |
person.headline | string ≤ 200 | One-liner, e.g. "Independent NED · former CFO at Series-B SaaS" |
Recommended fields
| Field | Type | Notes |
|---|---|---|
person.location | object | { city, country } — country is ISO 3166-1 alpha-2 |
person.bio | string ≤ 2000 | Public biographical summary |
person.expertise | array of strings | Hyphenated tags, max 12 |
person.languages | array of ISO 639-1 | e.g. ["en", "fr"] |
current_roles | array | { title, organisation, organisation_url?, since, evidence_url? } |
past_roles_band | enum | "0", "1-2", "3-4", "5+" — count band, no full history on public |
key_past_roles | array (max 5) | Material roles only, with evidence URLs |
credentials | array | Professional bodies (ICAEW, IoD, CFA, …) with verifiable IDs |
links | object | Keyed URLs (linkedin, github, website, …) |
evidence | array | Same shape as on company profiles |
contact.preferred_channel | enum | email, form, private-mcp, none |
contact.private_mcp | URL | Pointer to your protected-tier MCP, if you run one |
Example
{
"schema_version": "0.1.0",
"updated_at": "2026-04-19T00:00:00Z",
"profile_kind": "person",
"tier": "public",
"person": {
"name": "Jane Lawson",
"headline": "Independent NED · former CFO at Series-B SaaS",
"location": { "city": "London", "country": "GB" },
"expertise": ["finance", "audit-committee", "saas-metrics", "fintech-regulation"]
},
"current_roles": [
{
"title": "Independent Non-Executive Director",
"organisation": "Glassbridge Capital",
"since": "2024-06"
}
],
"past_roles_band": "5+",
"credentials": [
{ "type": "ICAEW", "evidence_url": "https://find.icaew.com/example" }
],
"links": {
"linkedin": "https://www.linkedin.com/in/example-jane-lawson"
},
"contact": {
"preferred_channel": "form",
"form_url": "https://janelawson.example/contact",
"private_mcp": "https://private-mcp.janelawson.example/mcp"
}
}Personal · protected profile protected
Served from your private MCP, behind your auth, to principals you've explicitly authorised. Designed for the engagement-discovery use case: a recruiter, board chair, or portfolio CEO has been told about you, visits your public profile, requests access, and is then handed back the protected payload below.
Sections
| Section | Purpose |
|---|---|
engagement | Availability flag, engagement types (advisory / fractional / non-exec / interim), day rate, advisory-equity band, hours/week, next availability date |
career.experience | Full career history with title, organisation, dates, scope, outcomes, and references |
career.education | Institution, qualification, year |
portfolio | Material engagements (titles, outcomes, NDA flag) — the protected counterpart to a public case-studies page |
contact_private | Email, phone, calendar URL — only visible after access is granted |
updates | Append-only updates (availability changes, recent wins, focus shifts) |
Example shape
{
"schema_version": "0.1.0",
"updated_at": "2026-04-19T09:30:00Z",
"profile_kind": "person",
"tier": "protected",
"engagement": {
"available": true,
"type": ["non-exec", "advisory", "fractional"],
"day_rate": { "amount": 1800, "currency": "GBP" },
"advisory_equity_pct_band": "0.1-0.5%",
"availability_hours_per_week": 6,
"next_availability": "2026-07-01"
},
"career": {
"experience": [
{
"title": "CFO", "organisation": "Helix Analytics",
"from": "2018-04", "to": "2023-09",
"outcomes": ["ARR 12.8x in 5y", "GM 58% → 74%", "Exit at 8x ARR multiple"]
}
]
},
"contact_private": {
"email": "jane@janelawson.example",
"calendar_url": "https://cal.example/jane/intro"
}
}Where to put it (the URI)
Canonical: https://{your-domain}/.well-known/agentic-profile.json
The /.well-known/ path prefix is the IETF-standardised
home for site-wide metadata under
RFC 8615
(2019, obsoletes RFC 5785). It is the same convention used by
security.txt, OAuth's openid-configuration,
Apple's app-site-association, ACME challenges, WebFinger, and
others — and it is where the AI ecosystem is converging too.
Fallbacks
- Root fallback: if your host won't serve files under
/.well-known/, the directory will also accepthttps://{your-domain}/agentic-profile.json. Discovery prefers the well-known path when both exist. - Pointer mode: if you'd rather serve from a public
MCP than a static file, the well-known file may instead point at
the MCP:
{ "schema_version": "0.1.0", "public_mcp": "https://public-mcp.your-domain.example/mcp", "owner_proof": "dns-txt" } - DNS TXT (v0.2):
_agentic-profile.your-domain.example TXT "mcp=https://…"for the same purpose, useful when you don't control HTTP routing.
Related conventions, and why agentic-first is its own slot
We did the survey before picking a name. Four adjacent conventions already exist; each describes a different thing.
| Convention | Describes | Status (2026) |
|---|---|---|
/.well-known/mcp.json |
Your MCP server: endpoint, transport, tools, auth, capabilities, rate limits. | Proposed (SEP-1960 / SEP-2127, modelcontextprotocol working group) |
/.well-known/agent-card.json |
An A2A-protocol agent: capabilities, identity, contact-on-behalf-of. | IANA-registered, permanent (Linux Foundation, Aug 2025) |
/llms.txt |
A Markdown index of your site for LLMs to read instead of crawling everything. | De-facto, ~844k adopters incl. Anthropic, Cloudflare, Stripe |
/agents-brief.txt |
What an AI agent is permitted to do on your site (book, buy, submit). | Draft v0.4, early 2026 |
/.well-known/agentic-profile.json |
Who is the company or person behind this site — jurisdiction, registry, key people, banded financials, contact channel. | This standard, v0.1.0, defined here |
The first four describe protocol or content; agentic-first describes the publisher. They are complementary, and adopters are encouraged to publish whichever combination fits. A company that runs an MCP server, has an A2A agent, and wants its corporate identity discoverable would publish all three.
We will pursue an IANA provisional registration for
agentic-profile.json alongside the v0.2 schema bump,
following the same path the A2A protocol took to its permanent
registration.
Belt-and-braces: also embed Schema.org JSON-LD
Search engines and most current LLM crawlers still look for
Schema.org Organization
(or Person) JSON-LD on your home page. Drop it in a
<script type="application/ld+json"> block alongside
your agentic-profile file. The two are not in conflict — Schema.org
is for SEO + general discovery, agentic-first is for agent-native
diligence.
How to host it
Vanilla static HTML / Apache / Nginx / Caddy
Drop the file at the canonical path in your document root. Most web
servers will serve /.well-known/ by default; the only
thing worth checking is the Content-Type header, which
should be application/json.
# Apache .htaccess (only needed if your host blocks dotfiles by default)
<Files "agentic-profile.json">
Header set Content-Type "application/json"
</Files>
# Nginx
location = /.well-known/agentic-profile.json {
default_type application/json;
add_header Cache-Control "public, max-age=300";
}
# Caddy
@profile path /.well-known/agentic-profile.json
header @profile Content-Type application/json
header @profile Cache-Control "public, max-age=300"Vercel / Netlify / Cloudflare Pages
Place the file at public/.well-known/agentic-profile.json
(Next.js, Vite, Nuxt) or static/.well-known/agentic-profile.json
(SvelteKit, Astro), then deploy. All three platforms serve
/.well-known/ paths transparently.
Squarespace
Squarespace is the trickiest of the popular hosts because it does not let you upload arbitrary files to a path beginning with a dot, and its file-storage URLs aren't user-controllable. There are three practical workarounds in increasing order of robustness:
Option 1 — Cloudflare Worker in front (recommended)
Put your domain behind Cloudflare (DNS-only or full proxy), then
deploy a one-file Worker that serves the static JSON for the
well-known path and falls through to Squarespace for everything
else. This gives you the canonical URL and a proper
Content-Type, with no Squarespace surgery.
// Cloudflare Worker — serve /.well-known/agentic-profile.json,
// fall through to Squarespace for everything else.
const PROFILE = JSON.stringify({
/* paste your profile here */
});
export default {
async fetch(request) {
const url = new URL(request.url);
if (url.pathname === "/.well-known/agentic-profile.json") {
return new Response(PROFILE, {
headers: {
"content-type": "application/json",
"cache-control": "public, max-age=300",
},
});
}
return fetch(request);
},
};Option 2 — URL Mapping to a hidden code-block page
Squarespace's Settings → Advanced → URL Mappings
can 301-redirect /.well-known/agentic-profile.json
to a normal page (e.g. /agentic-profile) that contains a
Code Block holding the JSON. The downside: the response is HTML
wrapping the JSON, and you can't set the Content-Type
header. Some validators tolerate this; the agentic-first directory
will accept it but warns about the wrong content type.
Option 3 — Subdomain on a static host
Set profile.your-domain.com as a CNAME to a free static
host (Cloudflare Pages, GitHub Pages, Netlify) and serve the file
from there. Then in your agentic-profile, set
company.website to your real Squarespace URL and rely on
the directory's domain-pointer convention. This is fully spec-compliant
but adds one more thing to operate.
Coming in the next site update
Step-by-step guides for WordPress, Wix, Webflow, Ghost, Shopify, and Notion. If your host isn't covered yet, the Cloudflare Worker recipe above works for any of them.
Validate & submit
Once your file is live, point the directory at it. The
submit_website tool runs the full validator
(structural + semantic + cross-reference + temporal) against your
domain and either indexes you or returns a structured error report.
curl -sS -X POST https://directory.agentic-first.co/mcp \
-H 'content-type: application/json' \
-H 'accept: application/json, text/event-stream' \
-d '{"jsonrpc":"2.0","id":1,"method":"tools/call",
"params":{"name":"submit_website",
"arguments":{"domain":"your-domain.example"}}}'
Or call submit_website from any MCP-aware client
(Claude Desktop, Cursor, …) pointed at
https://directory.agentic-first.co/mcp.
Versioning & governance
The schema is SemVer'd. Breaking changes bump the major version and come with a 90-day deprecation window during which both versions validate. Minor and patch versions are additive only and never reject previously valid documents. Schema files are immutably versioned at stable URLs:
https://directory.agentic-first.co/schemas/company-profile-{version}.jsonhttps://directory.agentic-first.co/schemas/company-private-profile-{version}.jsonhttps://directory.agentic-first.co/schemas/personal-profile-{version}.jsonhttps://directory.agentic-first.co/schemas/personal-private-profile-{version}.json
All four are served with application/schema+json and
long-lived immutable cache headers — the URL itself is versioned, so
the bytes never change.
Decisions of consequence are recorded as ADRs in the
pitch-mcp/docs/adr
directory of the directory's source. Disputes about a published
profile go through the directory's dispute flow (Phase 5).