vgs.io — AI Site Grade

Analysis

The vgs.io Domain Is a Dead Redirect Shell — the Real Site Lives Elsewhere, and AI Crawlers Get a 313-Byte Redirect Page

The domain vgs.io is a parked GitHub Pages site that serves a single 8-word message ("This page has moved to a www.verygoodsecurity.com") to every AI crawler and browser alike. All 11 bot UAs tested (GPTBot, ClaudeBot, PerplexityBot, Google-Extended, etc.) receive a 313-byte redirect page with zero substantive content. The actual brand lives at www.verygoodsecurity.com, hosted on Netlify behind CloudFront.

Crawler Access

The vgs.io domain has no robots.txt (returns a GitHub Pages 404 page). The real domain verygoodsecurity.com has a minimal robots.txt that allows all user-agents (User-agent: * with no disallow rules) and points to a sitemap. No AI-specific directives exist — GPTBot, ClaudeBot, PerplexityBot, Google-Extended, OAI-SearchBot, anthropic-ai, Bytespider, and Applebot-Extended are all implicitly allowed. compare_bot_access confirms every bot gets a 200 with full content (454 KB, identical to browser baseline) from www.verygoodsecurity.com. The llms.txt file returns 404 on both domains — a notable gap for a company positioning itself as "agentic commerce infrastructure."

Cold-Knowledge Gap

The LLM's prior knowledge describes VGS as a "data security platform" focused on tokenization, PCI-DSS compliance, and a "Zero Data Platform" — mentioning clients like Brex, Robinhood, and Marqeta. The actual site has completely repositioned. The homepage headline is "The Trusted Agentic Commerce Infrastructure." The brand now leads with payment tokenization for AI agents, network tokens, card management, and a new "AI Data Firewall" product. The cold knowledge mentions a $60M Series C from Goldman Sachs in 2023; the site's press page shows a 10-year anniversary milestone (founded 2015, not 2016 as the model states), 5 billion tokens stored, a Visa partnership expansion, and CNBC's World's Top Fintech Companies 2025 listing. The model's knowledge is 18-24 months stale and misses the entire agentic commerce pivot.

Schema Posture

Every page carries the same minimal Organization schema (@id: https://www.verygoodsecurity.com/#organization) with only a LinkedIn sameAs link. No WebSite, WebPage, BreadcrumbList, FAQPage (despite the AI Data Firewall page having an FAQ section), Product, or SoftwareApplication schema exists. The glossary page with 100+ defined terms uses no DefinedTermSet or FAQPage markup. The blog has no BlogPosting or Article schema. The pricing page has no Offer or PriceSpecification schema.

Content & Signals

The site is a Nuxt.js application (JS-rendered) served via Netlify. The homepage has strong answer-format signals: a list of use cases, industry cards, and testimonial quotes — but no FAQ, no comparison tables, no structured data. The AI Data Firewall page is the only page with an FAQ section (5 questions), but it lacks FAQPage schema. The blog is active and fresh (posts from May 2026), with categories including "Agentic," "Payments," "Compliance," and "News." The sitemap contains 158 URLs covering case studies, industry pages, learn resources, and a glossary.

External Signals

DNS TXT records reveal integrations with Anthropic (anthropic-domain-verification), OpenAI (openai-domain-verification), HubSpot, Salesforce, OneTrust, Zapier, Adobe, Apple, Atlassian, and 1Password — confirming the brand is deeply embedded in the AI/enterprise ecosystem. The press page shows a Visa partnership expansion, CNBC Top Fintech Companies 2025, Juniper Research Platinum Award for Network Tokenization, and Money20/20 finalist status. No Reddit threads or independent reviews were found in search results — the brand's external AI footprint is thin relative to its market position.

Findings

1. Primary domain vgs.io serves a 313-byte redirect page to all AI crawlers High

   The domain vgs.io is a parked GitHub Pages site that returns a minimal redirect page with no substantive content. All 11 AI crawlers tested receive the same empty page, effectively blocking AI visibility for the brand's primary domain.

   What to change: Redirect vgs.io to www.verygoodsecurity.com via a 301 redirect or serve the same content as the main site. Ensure AI crawlers receive full HTML content.

2. llms.txt file returns 404 on both domains Medium

   Neither vgs.io nor verygoodsecurity.com provides an llms.txt file. This is a notable gap for a company positioning itself as agentic commerce infrastructure, as llms.txt helps AI crawlers discover key resources.

   What to change: Create an llms.txt file at the root of verygoodsecurity.com listing key pages (homepage, docs, blog, pricing, AI Data Firewall).

3. FAQ sections lack FAQPage schema markup Medium

   The AI Data Firewall page contains an FAQ section with 5 questions, but no FAQPage structured data is present. This misses an opportunity for rich results in AI and search engines.

   What to change: Add FAQPage schema to the AI Data Firewall page and any other pages with FAQ sections.

4. All pages carry only minimal Organization schema Medium

   Every page on verygoodsecurity.com uses the same minimal Organization schema with only a LinkedIn sameAs link. No WebSite, WebPage, BreadcrumbList, Product, SoftwareApplication, or other relevant schema types are present.

   What to change: Add WebSite, WebPage, BreadcrumbList, and page-specific schema (e.g., Product for pricing, SoftwareApplication for the platform, BlogPosting for blog articles).

5. Glossary page with 100+ terms lacks DefinedTermSet schema Medium

   The glossary page defines over 100 terms but uses no DefinedTermSet or FAQPage markup, reducing its discoverability and utility for AI crawlers.

   What to change: Add DefinedTermSet schema to the glossary page, marking each term with DefinedTerm.

6. Blog posts lack BlogPosting or Article schema Medium

   The blog page and individual posts do not include BlogPosting or Article structured data, missing an opportunity for rich results and AI content extraction.

   What to change: Add BlogPosting schema to each blog post with author, date, and headline properties.

7. Pricing page lacks Offer or PriceSpecification schema Low

   The pricing page describes plans but has no Offer or PriceSpecification structured data, reducing its visibility in AI-driven comparisons.

   What to change: Add Offer and PriceSpecification schema to the pricing page for each plan.

8. LLM cold knowledge is 18-24 months stale and misses agentic commerce pivot Medium

   The LLM's prior knowledge describes VGS as a data security platform focused on PCI-DSS compliance, while the site now leads with payment tokenization for AI agents and an AI Data Firewall. The model's knowledge is outdated and does not reflect the current brand positioning.

   What to change: Publish updated content and press releases to align public information with current positioning; consider submitting to AI knowledge bases.

9. External AI footprint is thin despite deep enterprise integrations Medium

   Web searches for VGS reviews, Reddit discussions, and blog RSS feeds returned zero results. The brand has strong enterprise integrations (Anthropic, OpenAI, HubSpot, etc.) but little independent AI-visible content.

   What to change: Encourage customer reviews, publish case studies, and engage in industry forums to build external AI signals.

10. vgs.io returns a 404 page for robots.txt Low

    The domain vgs.io has no robots.txt file, returning a GitHub Pages 404 page. While the main site has a permissive robots.txt, the primary domain's missing file could confuse crawlers.

    What to change: Add a robots.txt to vgs.io that redirects or points to the main site's sitemap.

11. Site is a Nuxt.js application with JS-rendered content Low

    The site is built with Nuxt.js and served via Netlify. While content is accessible to crawlers (confirmed by bot access tests), JS-rendered sites can sometimes cause issues with less sophisticated crawlers.

    What to change: Ensure server-side rendering (SSR) is fully enabled and test with multiple crawlers to confirm content extraction.

What's working

• Main site robots.txt allows all crawlers and includes sitemap — The robots.txt at verygoodsecurity.com allows all user-agents and points to a sitemap, ensuring AI crawlers can access the entire site.
• All 11 AI crawlers receive full HTML content from main site — Bot access tests confirm that every AI crawler (GPTBot, ClaudeBot, etc.) receives a 200 response with full content identical to browser baseline from www.verygoodsecurity.com.
• DNS records show deep enterprise integrations with AI companies — TXT records include domain verification for Anthropic and OpenAI, confirming VGS is integrated with major AI platforms, which can boost AI visibility.
• Blog is active with fresh content and AI-relevant categories — The blog has recent posts (May 2026) and categories like 'Agentic' and 'Payments', providing valuable content for AI crawlers.
• Sitemap contains 158 URLs covering key content areas — The sitemap includes case studies, industry pages, learn resources, and a glossary, helping crawlers discover the site's breadth.
• Press page showcases awards and partnerships that build credibility — The press page lists a Visa partnership, CNBC Top Fintech Companies 2025, and other accolades, providing authoritative signals for AI models.
• Dedicated AI Data Firewall page with FAQ section — The AI Data Firewall page explains the product and includes an FAQ section, which is valuable for AI crawlers despite missing schema.
• Developer documentation is available at docs.verygoodsecurity.com — The docs site provides technical content that can be indexed by AI crawlers, supporting developer queries.