Hard2bit Research ran its passive scanner against 60 public domains belonging to large European companies and government agencies on June 6. Of the 59 successful scans, not a single domain implemented any of the 11 emerging AI agent readiness standards the firm measured, according to the full report.
The standards tested include llms.txt (a machine-readable content index proposed by Jeremy Howard in 2024), MCP Server Card (Anthropic’s Model Context Protocol discovery file), Web Bot Auth (RFC 9421 HTTP signatures for agent authentication), API Catalog (RFC 9727), OAuth Discovery, Content-Signal, and five others. Across banking, healthcare, telcos, energy, retail, and public sector organizations: zero adoption on all 11 indicators.
What the Scan Found
The sample covered 10 domains per sector across six industries, targeting systemic EU banks, pharma multinationals, major telecom operators, energy grid companies, retail chains, and national cyber agencies. Hard2bit used fully passive analysis, checking only public DNS, TLS certificates, HTTP headers, robots.txt, and threat-intel lists. No intrusive probing.
The one AI-related control with measurable adoption: robots.txt bot blocking. 47% of domains publish some form of AI bot policy. Public sector agencies lead at 60%, followed by energy (60%) and telcos (50%). Retail sits at the bottom with 11%.
Where bot blocking exists, it is binary. Organizations block GPTBot, ClaudeBot, Google-Extended, and PerplexityBot uniformly or not at all. None use Content-Signal, the W3C/IETF proposal that enables granular per-use-case consent (distinguishing training from inference from search). The report notes this is “consistent with the immaturity of the standard itself.”
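The binary pattern described above can be checked passively from a domain's robots.txt alone. The following Python code is an added example, not Hard2bit's scanner: it reports which of the four crawlers named above are fully disallowed by an explicit group and whether any Content-Signal line is present. The function names, the policy labels, and the assumption that Content-Signal appears as a `Content-Signal:` line inside robots.txt are this example's own, and the sample file is constructed.

```python
AI_BOTS = ("gptbot", "claudebot", "google-extended", "perplexitybot")

def parse_groups(text):
    """Return ({user-agent: [(directive, path), ...]}, content_signal_values)."""
    rules, signals, agents, in_rules = {}, [], [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        field, value = (part.strip() for part in line.split(":", 1))
        field = field.lower()
        if field == "user-agent":
            if in_rules:                         # a rule line closed the previous group
                agents, in_rules = [], False
            agents.append(value.lower())         # consecutive User-agent lines share a group
            rules.setdefault(value.lower(), [])
        elif field in ("allow", "disallow"):
            in_rules = True
            for agent in agents:
                rules[agent].append((field, value))
        elif field == "content-signal":          # assumed placement: a line in robots.txt
            signals.append(value)
    return rules, signals

def fully_blocked(group):
    """True when the group disallows the whole site and re-allows nothing."""
    has_root_disallow = any(d == "disallow" and p == "/" for d, p in group)
    has_allow = any(d == "allow" and p for d, p in group)
    return has_root_disallow and not has_allow

def classify(text):
    """Only explicit groups count: a blanket 'User-agent: *' rule is not an AI bot policy."""
    rules, signals = parse_groups(text)
    blocked = [b for b in AI_BOTS if b in rules and fully_blocked(rules[b])]
    policy = "blocks-all" if len(blocked) == len(AI_BOTS) else "partial" if blocked else "none"
    return {"policy": policy, "blocked": blocked, "content_signal": bool(signals)}

# Constructed sample, not taken from any scanned domain.
SAMPLE = """\
User-agent: GPTBot
User-agent: ClaudeBot
User-agent: Google-Extended
User-agent: PerplexityBot
Disallow: /

User-agent: *
Disallow: /admin/
"""

if __name__ == "__main__":
    print(classify(SAMPLE))
```

A "blocks-all" result with `content_signal` false is the uniform, all-or-nothing posture the report describes; none of this verifies who is actually sending the requests.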
Security Posture by Sector
Beyond agent readiness, the scan revealed uneven foundational security. Banking enforces the strictest DMARC policies (100% at p=reject or p=quarantine) but has the worst Content-Security-Policy hygiene: 0% of banking domains configure CSP without unsafe-inline. The report calls this “CSP theatre.” Overall, 46% publish a CSP header, but only 20% configure it without unsafe-inline.
Email authentication is broadly adopted: 100% publish SPF, 98% DMARC. SMTP transport security via MTA-STS lags at 15%. TLS is effectively solved across the sample, with 93% supporting TLS 1.3 and zero domains offering weak ciphers.
The Web Bot Auth Gap
The report flags the absence of Web Bot Auth (RFC 9421) as the highest-risk finding. Without HTTP signatures that let organizations distinguish legitimate agents (signed by their operator) from scrapers spoofing a User-Agent string, robots.txt is an honor system. An attacker ignoring Disallow directives cannot be technically identified.
This means EU enterprises currently depend entirely on AI operators voluntarily respecting their policies. There is no cryptographic verification layer in place at any of the 59 domains scanned.
First Mover Sets the Pattern
Hard2bit frames the gap as both risk and opportunity for CISOs. No consolidated best practice exists for AI agent discoverability across large EU companies. The first organization to implement llms.txt or expose a properly configured MCP Server Card will define the de facto pattern competitors follow.
The report acknowledges sample limitations: 10 domains per sector is sufficient for aggregate trends but not granular statistical inference, and zero adoption may partially reflect standards still in draft rather than active rejection. The underlying data is clear regardless. As of mid-2026, European enterprise infrastructure is not built to interact with autonomous AI agents in any structured way.