@ainyc/canonry 1.46.1 → 1.48.2

package/README.md

@@ -1,6 +1,6 @@
 # Canonry <img src="apps/web/public/favicon-32.png" alt="Canonry canary icon" width="24" />
 
-[![npm version](https://img.shields.io/npm/v/@ainyc/canonry)](https://www.npmjs.com/package/@ainyc/canonry) [![License: FSL-1.1-ALv2](https://img.shields.io/badge/License-FSL--1.1--ALv2-blue.svg)](https://fsl.software/) [![Node.js >= 20](https://img.shields.io/badge/node-%3E%3D20-brightgreen)](https://nodejs.org)
+[![npm version](https://img.shields.io/npm/v/@ainyc/canonry)](https://www.npmjs.com/package/@ainyc/canonry) [![License: FSL-1.1-ALv2](https://img.shields.io/badge/License-FSL--1.1--ALv2-blue.svg)](https://fsl.software/) [![Node.js >= 22.14](https://img.shields.io/badge/node-%3E%3D22.14-brightgreen)](https://nodejs.org)
 
 Canonry is an agent-first AEO platform powered by [OpenClaw](https://openclaw.ai). It tracks how ChatGPT, Gemini, Claude, and Perplexity cite your site, detects regressions, diagnoses causes, coordinates fixes, and reports results.
 
@@ -107,15 +107,30 @@ canonry apply project-a.yaml project-b.yaml
 ## API
 
 All endpoints under `/api/v1/`. Authenticate with `Authorization: Bearer cnry_...`.
-
-| Method | Path | Description |
-|--------|------|-------------|
-| `PUT` | `/api/v1/projects/{name}` | Create or update a project |
-| `POST` | `/api/v1/projects/{name}/runs` | Trigger a visibility sweep |
-| `GET` | `/api/v1/projects/{name}/timeline` | Per-keyword citation history |
-| `GET` | `/api/v1/projects/{name}/snapshots/diff` | Compare two runs |
-| `POST` | `/api/v1/apply` | Config-as-code apply |
-| `GET` | `/api/v1/openapi.json` | OpenAPI spec (no auth required) |
+The canonical, always-up-to-date surface is served at `GET /api/v1/openapi.json` (no auth required).
+
+Canonry is **agent-first** — every dashboard view has a matching API endpoint and CLI command. The surface is grouped by domain:
+
+| Domain | What it covers | Highlights |
+|--------|----------------|------------|
+| **Projects** | Create, read, update, delete projects; locations; export | `PUT /projects/{name}`, `GET /projects`, `GET /projects/{name}/export` |
+| **Apply** | Config-as-code — declarative multi-project upsert | `POST /apply` |
+| **Keywords / Competitors** | Per-project keyword and competitor management | `POST/DELETE /projects/{name}/keywords`, `/competitors` |
+| **Runs** | Trigger, list, cancel, and inspect visibility sweeps | `POST /projects/{name}/runs`, `GET /runs`, `POST /runs/{id}/cancel` |
+| **Schedules** | Cron-based recurring sweeps | `GET/PUT /projects/{name}/schedule` |
+| **History / Snapshots** | Timeline + run diffs + per-keyword citation state | `GET /projects/{name}/timeline`, `/snapshots/diff`, `/history` |
+| **Intelligence** | DB-backed insights + health snapshots + dismissal | `GET /projects/{name}/insights`, `/health`, `POST /insights/{id}/dismiss` |
+| **Notifications** | Webhook subscriptions per project (agent or user-defined) | `GET/POST/DELETE /projects/{name}/notifications`, `POST /.../test` |
+| **Analytics** | Aggregated dashboard analytics | `GET /projects/{name}/analytics` |
+| **Google (GSC + OAuth)** | Search Console integration, OAuth flow, property selection, URL inspection | `/google/*`, `/projects/{name}/google/*` |
+| **Google Analytics (GA4)** | Traffic, social referrals, attribution, AI referrals | `/projects/{name}/ga/*` |
+| **Bing Webmaster** | Coverage, URL inspection, keyword stats | `/projects/{name}/bing/*` |
+| **WordPress** | Content publishing + site management integration | `/projects/{name}/wordpress/*` |
+| **CDP (ChatGPT browser provider)** | Chrome DevTools Protocol health and session status | `/cdp/*` |
+| **Settings / Auth / Telemetry** | Server config, API key management, opt-in telemetry | `/settings`, `/telemetry` |
+| **OpenAPI** | Full spec | `GET /openapi.json` *(no auth)* |
+
+For the complete list of ~118 endpoints with request/response schemas, query `GET /api/v1/openapi.json` or browse the per-domain route handlers under [`packages/api-routes/src/`](packages/api-routes/src/).
 
 ## Provider Setup
 
@@ -162,7 +177,7 @@ Create a Web Service with runtime Docker, attach a disk at `/data`. Health check
 
 ## Requirements
 
-- Node.js >= 20
+- Node.js >= 22.14.0
 - At least one provider API key (configurable after startup)
 
 If `npm install` fails with `node-gyp` errors, install build tools for `better-sqlite3`: `xcode-select --install` (macOS), `apt-get install python3 make g++` (Debian), or see the [troubleshooting guide](https://github.com/WiseLibs/better-sqlite3/blob/master/docs/troubleshooting.md).

package/assets/agent-workspace/AGENTS.md

@@ -0,0 +1,89 @@
+# Aero Agent -- Operational Guidelines
+
+## Data Access
+
+All data access goes through the canonry CLI. Never read the SQLite database directly.
+
+```bash
+# Always use --format json for structured output
+canonry <command> --format json
+```
+
+The canonry server must be running for most commands. Verify with:
+
+```bash
+canonry agent status
+```
+
+If the server isn't running, start it with `canonry serve` (or `canonry agent start` for the gateway).
+
+## Key Commands
+
+### Monitoring
+
+| Command | Purpose |
+|---------|---------|
+| `canonry run <project>` | Trigger a visibility sweep across all configured providers |
+| `canonry run <project> --provider gemini` | Single-provider sweep |
+| `canonry status <project>` | Current project status and latest run summary |
+| `canonry evidence <project>` | Raw citation evidence from sweeps |
+| `canonry insights <project>` | AI-generated insights and findings |
+| `canonry health <project>` | Health snapshot with visibility scores |
+| `canonry timeline <project>` | Per-keyword citation history over time |
+| `canonry export <project>` | Full project data export |
+
+### Auditing
+
+```bash
+# Run a technical AEO audit on a URL
+npx @ainyc/aeo-audit <url> --format json
+```
+
+### Project Management
+
+| Command | Purpose |
+|---------|---------|
+| `canonry project list` | List all projects |
+| `canonry project create <name> --domain <domain>` | Create a new project |
+| `canonry keyword add <project> <keyword>...` | Add keywords to track |
+| `canonry keyword list <project>` | List tracked keywords |
+
+## Workflow Patterns
+
+### Daily monitoring sweep
+
+1. Check project status: `canonry status <project> --format json`
+2. Run sweep if stale: `canonry run <project>`
+3. Review insights: `canonry insights <project> --format json`
+4. Escalate critical/high severity findings to the operator
+
+### Investigation workflow
+
+1. Identify affected keywords from insights
+2. Pull evidence: `canonry evidence <project> --format json`
+3. Check timeline for trends: `canonry timeline <project> --format json`
+4. If structural issues suspected, run audit: `npx @ainyc/aeo-audit <url> --format json`
+5. Compile findings with evidence and recommended actions
+
+## Quota Awareness
+
+Provider APIs have rate limits. Follow these guidelines:
+
+- Don't run full sweeps more than necessary. Check `canonry status` first to see when the last run completed.
+- Use `--provider <name>` for targeted single-provider checks when investigating a specific engine.
+- If a run returns `partial` status, some providers failed -- check the run details before retrying.
+- Space out consecutive sweeps. Back-to-back runs waste quota without new data.
+
+## Skills
+
+Reference skills are available in `skills/` for domain-specific guidance:
+
+- `skills/aero/` -- Aero agent skill definition
+- `skills/canonry-setup/` -- Canonry installation and configuration reference
+
+## Error Handling
+
+- Exit code `0` = success, `1` = user error, `2` = system error.
+- On exit code `2` (system error), check server status and retry once before escalating.
+- On exit code `1` (user error), review the error message -- don't retry the same command.
+- Parse stderr for structured error JSON: `{ "error": { "code": "...", "message": "..." } }`.

package/assets/agent-workspace/SOUL.md

@@ -0,0 +1,54 @@
+# Aero
+
+You are Aero, an AI-native AEO (Answer Engine Optimization) analyst. You monitor how AI answer engines -- Gemini, ChatGPT, Claude, Perplexity -- cite and reference domains for tracked keywords, then surface actionable findings to your operator.
+
+## Identity
+
+- **Role:** Autonomous analyst, not a chatbot. You surface findings proactively; the operator approves or dismisses.
+- **Tools:** `canonry` CLI and `@ainyc/aeo-audit` are your primary instruments. All data access goes through these tools.
+- **Domain:** Citation monitoring, answer engine visibility, structured data validation, competitive positioning.
+
+## Operating Principles
+
+1. **Data-first.** Every claim must be backed by evidence from a canonry sweep or audit result. Never fabricate citation data or invent sources.
+2. **Proactive.** Don't wait to be asked. When you detect regressions, emerging competitors, or optimization opportunities, surface them immediately.
+3. **Honest timelines.** If a sweep is rate-limited or a provider is down, say so. Don't promise results you can't deliver.
+4. **Action-oriented.** End every analysis with concrete next steps: what to fix, what to monitor, what to escalate.
+5. **Concise.** Report in structured format with evidence tables. No filler, no hedging, no marketing language.
+
+## Priority Framework
+
+Severity ordering for findings:
+
+1. **Critical:** Branded keyword citation loss (domain was cited, now isn't). Escalate immediately.
+2. **High:** Competitor gaining citations on tracked keywords where the domain is absent.
+3. **Medium:** Informational keyword gaps -- domain has relevant content but isn't surfaced by answer engines.
+4. **Low:** Optimization opportunities -- structured data improvements, content gaps for long-tail queries.
+
+## Constraints
+
+- Never access the canonry SQLite database directly. Use `canonry <command> --format json` for all data.
+- Never fabricate sweep results or citation data. If data is unavailable, say so.
+- Never run sweeps without considering provider rate limits and quota.
+- Never present audit recommendations as confirmed fixes -- they are suggestions that require validation.
+- Always attribute findings to specific sweep runs, timestamps, and providers.
+
+## Reporting Format
+
+When presenting findings, use this structure:
+
+```
+## [Finding Title]
+
+**Severity:** critical | high | medium | low
+**Keywords affected:** <list>
+**Provider(s):** <which answer engines>
+**Evidence:** <run ID, timestamp, citation state>
+
+### Analysis
+<What changed and why it matters>
+
+### Recommended Actions
+1. <Specific action>
+2. <Specific action>
+```

package/assets/agent-workspace/USER.md

@@ -0,0 +1,23 @@
+# Client Context
+
+This file stores client-specific context accumulated over time. Update it as you learn about the client's domain, priorities, and competitive landscape.
+
+## Client Info
+
+<!-- Domain, industry, target audience, key products/services -->
+
+## Projects
+
+<!-- Active canonry projects and their purpose -->
+
+## Key Findings
+
+<!-- Important discoveries from sweeps and audits, with dates -->
+
+## Watchlist
+
+<!-- Keywords, competitors, or trends to monitor closely -->
+
+## Notes
+
+<!-- Any other relevant context -->

package/assets/agent-workspace/skills/aero/SKILL.md

@@ -40,3 +40,4 @@ You coordinate across three tools to deliver comprehensive AEO monitoring:
 - [memory-patterns.md](references/memory-patterns.md) — What to persist per client
 - [regression-playbook.md](references/regression-playbook.md) — Detection through response
 - [reporting.md](references/reporting.md) — Report generation templates
+- [wordpress-elementor-mcp.md](references/wordpress-elementor-mcp.md) — Elementor MCP tools for page management

package/assets/agent-workspace/skills/aero/references/wordpress-elementor-mcp.md

@@ -0,0 +1,218 @@
+# Elementor + WordPress MCP Development Guide
+
+## Overview
+
+This guide covers programmatic management of WordPress + Elementor sites using the Elementor MCP plugin. It enables AI agents to read, create, and modify Elementor page layouts, widgets, and settings via the Model Context Protocol.
+
+## Prerequisites
+
+### WordPress Side
+- WordPress >= 6.8
+- Elementor >= 3.20 (container-based layouts)
+- Elementor Pro (for custom CSS, forms, nav menus, etc.)
+- **WordPress MCP Adapter** plugin ([GitHub](https://github.com/WordPress/mcp-adapter))
+- **Elementor MCP** plugin ([GitHub](https://github.com/msrbuilds/elementor-mcp))
+- Application Password created for API auth (Users > Profile > Application Passwords)
+- Permalinks set to "Post name" (required for `/wp-json/` REST API routing)
+
+### Client Side
+- `.mcp.json` in project root with HTTP MCP server config
+- Base64-encoded credentials: `echo -n "username:app-password" | base64`
+
+## MCP Configuration
+
+```json
+{
+  "mcpServers": {
+    "elementor-staging": {
+      "type": "http",
+      "url": "https://your-staging-site.com/wp-json/mcp/elementor-mcp-server",
+      "headers": {
+        "Authorization": "Basic BASE64_CREDENTIALS"
+      }
+    },
+    "elementor-production": {
+      "type": "http",
+      "url": "https://your-production-site.com/wp-json/mcp/elementor-mcp-server",
+      "headers": {
+        "Authorization": "Basic BASE64_CREDENTIALS"
+      }
+    }
+  }
+}
+```
+
+### Troubleshooting Connection Issues
+- If `/wp-json/` returns 404: go to Settings > Permalinks, set to "Post name", click Save
+- If auth fails (401): verify application password is correct and user has admin role
+- If MCP endpoint 404 but `/wp-json/` works: re-activate both MCP plugins
+- After staging re-clone: re-install plugins, re-create app password, re-save permalinks
+
+## Elementor Architecture
+
+### Element Hierarchy
+```
+Page
+ └── Container (root section)
+      └── Container (hero/section)
+           └── Container (row/column)
+                └── Widget (heading, text-editor, button, etc.)
+```
+
+### Key Concepts
+- **Containers** are flex/grid layouts that hold other containers or widgets
+- **Widgets** are the actual content elements (headings, text, images, buttons, forms)
+- **Element IDs** are 7-char hex strings, unique within a page
+- **Settings** control all visual properties (typography, colors, spacing, responsive)
+- **Responsive suffixes**: `_tablet` and `_mobile` variants (e.g., `typography_font_size_tablet`)
+
+### Common Widget Types
+- `heading` — H1-H6 titles
+- `text-editor` — Rich text content
+- `button` — CTA buttons with links
+- `image` / `image-box` — Images with optional text
+- `form` — Contact/lead forms (Pro)
+- `google_maps` — Embedded maps
+- `html` — Custom HTML (used for JSON-LD schema injection)
+- `reviews` — Testimonials
+- `nested-tabs` / `nested-accordion` — Tabbed/accordion content
+
+## Core MCP Workflow
+
+### 1. Discovery
+
+```
+list-pages              → Get all Elementor pages with IDs
+get-page-structure      → See element tree (containers + widgets)
+get-element-settings    → Inspect any element's full settings
+find-element            → Search by text content, widget type, or setting
+list-widgets            → See all available widget types
+get-widget-schema       → Get available settings for a widget type
+```
+
+### 2. Content Updates
+
+```
+update-widget           → Change text, links, colors, typography (partial merge)
+update-container        → Change layout, spacing, alignment, background
+add-heading             → Add a heading widget
+add-text-editor         → Add a text block
+add-button              → Add a CTA button
+add-html                → Add custom HTML (JSON-LD schema, tracking scripts)
+add-container           → Add a layout container
+```
+
+### 3. Structure Changes
+
+```
+move-element            → Reorder or re-parent elements
+remove-element          → Delete an element
+duplicate-element       → Clone an element
+reorder-elements        → Change sibling order
+```
+
+### 4. Styling
+
+```
+add-custom-css          → Page-level or element-level CSS (use media queries for responsive)
+update-global-colors    → Site-wide color palette
+update-global-typography → Site-wide font presets
+```
+
+### 5. Page Management
+
+```
+create-page             → New WordPress page with Elementor
+build-page              → Create complete page from declarative JSON
+export-page             → Get full page data
+delete-page-content     → Clear page content
+```
+
+## Best Practices
+
+### Staging-First Workflow
+1. Make all changes on staging via MCP
+2. Verify visually across viewports (use Chrome browser tools)
+3. Get human approval
+4. Replay changes on production via MCP
+5. Re-clone staging from production for next iteration
+
+### Responsive Design
+- Always check 3 breakpoints: desktop (1440+), tablet (768-1024), mobile (375-390)
+- Use `_tablet` and `_mobile` setting suffixes for responsive overrides
+- For large desktop fixes (1800px+), use `add-custom-css` with media queries
+- Elementor's breakpoints: desktop (default), tablet (1024px), mobile (767px)
+
+### Settings Merge Behavior
+- `update-widget` and `update-container` do **partial merges** — only specified settings change
+- Nested objects (like `margin`, `padding`, `typography_font_size`) must include all subkeys
+- Example margin: `{"unit": "px", "top": "0", "right": "0", "bottom": "0", "left": "20", "isLinked": false}`
+
+### CSS Custom Overrides
+- Use `add-custom-css` with `replace: true` to avoid CSS accumulation
+- Use `selector` keyword for element-level CSS: `selector .heading { color: red; }`
+- Wrap responsive fixes in `@media` queries to avoid affecting other breakpoints
+- Always verify CSS doesn't break other viewports after applying
+
+### JSON-LD Schema Injection
+- Use `add-html` widget with `<script type="application/ld+json">` content
+- Place in root container (append position -1) — script tags produce no visible output
+- Use distinct `@id` values that don't conflict with Yoast's auto-generated schema
+- Yoast generates: WebPage, BreadcrumbList, WebSite, Organization
+- Custom schema should use: Service, RoofingContractor, DefinedTerm, LocalBusiness, etc.
+
+### Common Gotchas
+- **Elementor CSS cache**: changes may not appear until CSS is regenerated. Use Elementor > Tools > Regenerate Files & Data, or the cache flush endpoint
+- **Shared templates**: headers/footers are Elementor Library templates (different post type). Find their post ID via browser inspection (`data-elementor-id` attribute)
+- **Widget IDs shared across pages**: pages cloned from templates share element IDs. Changes to one page don't affect others
+- **Yoast SEO meta**: not writable via REST API. Must be set manually in wp-admin
+- **WP Staging re-clone**: wipes plugins, app passwords, and permalink settings. Must reconfigure after each clone
+- **Background images**: `background-position` and `background-size: cover` interact differently across viewport sizes. Use browser tools to measure actual rendered positions
+
+## Quick Reference: Common Operations
+
+### Change heading text
+```
+update-widget(post_id, element_id, {"title": "New Heading"})
+```
+
+### Change text block content
+```
+update-widget(post_id, element_id, {"editor": "<p>New content</p>"})
+```
+
+### Change font size (responsive)
+```
+update-widget(post_id, element_id, {
+  "typography_font_size": {"unit": "px", "size": 80, "sizes": []},
+  "typography_font_size_tablet": {"unit": "px", "size": 65, "sizes": []},
+  "typography_font_size_mobile": {"unit": "px", "size": 40, "sizes": []}
+})
+```
+
+### Change container margin
+```
+update-container(post_id, element_id, {
+  "margin": {"unit": "px", "top": "0", "right": "0", "bottom": "0", "left": "250", "isLinked": false}
+})
+```
+
+### Add JSON-LD schema to a page
+```
+add-html(post_id, parent_id, '<script type="application/ld+json">{"@context":"https://schema.org",...}</script>')
+```
+
+### Add responsive CSS fix
+```
+add-custom-css(post_id, '@media (min-width: 1800px) { .elementor-element-XXXXX { margin-top: -200px !important; } }', replace=true)
+```
+
+### Find text on a page
+```
+find-element(post_id, search_text="lorem ipsum")
+```
+
+### Update Google Maps widget
+```
+update-widget(post_id, element_id, {"address": "Southeast Michigan, USA", "zoom": {"unit": "px", "size": 8, "sizes": []}})
+```

package/assets/agent-workspace/skills/canonry-setup/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: canonry
-description: "AEO (Answer Engine Optimization) monitoring and analysis using canonry CLI and aeo-audit tool. Use when: (1) running citation sweeps across AI providers (Gemini, ChatGPT, Claude, Perplexity); (2) auditing technical SEO with structured data validation; (3) implementing schema markup, sitemaps, llms.txt; (4) diagnosing indexing issues via Google Search Console and Bing Webmaster Tools; (5) optimizing content for AI readability and entity consistency. NOT for: general web development, content writing, PPC campaigns, or social media management."
+description: "Agent-first AEO monitoring and operating platform."
 metadata:
   {
     "openclaw":
@@ -32,38 +32,25 @@ metadata:
 
 # Canonry
 
-Monitor and optimize site visibility across AI answer engines (Gemini, ChatGPT, Claude, Perplexity) and traditional search engines using the `canonry` CLI for AEO monitoring and `aeo-audit` for technical SEO analysis.
+Open-source AEO (Answer Engine Optimization) monitoring platform. Track how AI answer engines cite your domain across Gemini, ChatGPT, Claude, and Perplexity.
 
-## When to Use
+**Website:** [ainyc.ai](https://ainyc.ai) | **Docs:** [github.com/AINYC/canonry](https://github.com/AINYC/canonry)
 
-✅ **USE this skill when:**
+## When to Use
 
-- Tracking which keyphrases earn citations (or lose them) across AI providers
-- Running technical SEO audits with 14‑factor scoring
-- Implementing structured data (JSON‑LD: LocalBusiness, FAQPage, Service)
-- Diagnosing indexing gaps in Google Search Console / Bing Webmaster Tools
-- Optimizing `llms.txt`, `llms‑full.txt`, sitemaps, robots.txt for AI crawlers
-- Patching missing H1 tags, meta descriptions, image alt text
+- Tracking keyphrase citations across AI providers
+- Running technical SEO audits (14‑factor scoring)
+- Implementing structured data (JSON‑LD)
+- Diagnosing indexing gaps via Google Search Console / Bing Webmaster Tools
+- Optimizing `llms.txt`, sitemaps, robots.txt for AI crawlers
 - Submitting URLs to Google Indexing API and Bing IndexNow
-- Analyzing competitor citation patterns in AI answers
-
-## When NOT to Use
-
-❌ **DON'T use this skill when:**
-
-- General WordPress development (use `wordpress` skill if available)
-- Content writing or copy creation (human‑led task)
-- Paid search/SEM campaigns (different specialty)
-- Social media management or outreach
-- Local business listing management (e.g., GBP, Yelp)
-- Backlink building or outreach campaigns
+- Analyzing competitor citation patterns
 
 ## Core Philosophy
 
-- **AI models are black boxes** — Measure citation outcomes, not assume causality
-- **Position, then wait** — Site changes take weeks/months to reflect in AI indexes; canonry tells us *when* it happens, not *if*
-- **Signal‑over‑noise** — Trim keyphrase lists to high‑intent queries; avoid granular targeting until base visibility exists
-- **CLI‑native, UI‑optional** — Prefer API‑driven changes over manual CMS clicks; faster, repeatable, auditable
+- **Measure outcomes** — AI models are black boxes; track citations, don't assume causality
+- **Signal over noise** — Focus on high‑intent queries; avoid granular targeting until base visibility exists
+- **CLI‑native** — API‑driven changes over manual CMS clicks; faster, repeatable, auditable
 
 ## Toolchain
 
@@ -221,54 +208,7 @@ cat audit.json | jq -r '.factors[] | select(.score < 70) | "- \(.name): \(.score
 - **Client data stays private** — canonry repo is public; no real domains in issues
 - **Respect API rate limits** — batch operations, avoid tight loops
 
-## Output Templates
-
-### Audit Summary
-```
-## AEO/SEO Audit — https://client.com
-
-**Overall:** 66/100 (D)
-
-**Top strengths (A/A+):**
-- AI‑Readable Content (100) — llms.txt, llms‑full.txt present
-- FAQ Content (100) — FAQPage schema detected
-- AI Crawler Access (100) — robots.txt allows all bots
-
-**Critical gaps (F):**
-- Definition Blocks (0) — no "What is…" sections
-- E‑E‑A‑T Signals (45) — missing Person schema, author tags
-- Citations & Authority (44) — no external references to industry sources
-
-**Immediate actions:**
-1. Add H1 tag to homepage (Technical SEO: 60/100)
-2. Create "What is polyurea?" section on /services/ (Definition Blocks: 0/100)
-3. Submit all 5 URLs to Bing IndexNow (indexing: 2/5)
-```
-
-### Citation Report
-```
-## canonry sweep — client-project
-
-**Run:** 2026‑04‑03T13:44Z (ID: 4a45ebfc...)
-
-**Keyphrase visibility (12 tracked):**
-✅ polyurea roof coating — 3/3 providers
-✅ commercial roof coating — 2/3 providers  
-❌ polyurea roof coating Michigan — 0/3 (geo gap)
-❌ commercial roofing contractor Michigan — 0/3 (geo gap)
-
-**Changes since last sweep (2026‑03‑27):**
-- Lost `flat roof coating Michigan` on Gemini (−1)
-- Gained `industrial roof coating` on Claude (+1)
-- No change on ChatGPT (stable)
-
-**Next steps:**
-- Build Michigan location page (/michigan/)
-- Add county‑level references to llms.txt
-- Re‑sweep in 7 days
-```
-
 ---
 
 **Tools:** canonry v1.37+, @ainyc/aeo‑audit v1.3+  
-**Reference:** [AINYC AEO Methodology](https://ainyc.ai/aeo-methodology)
+**Website:** [ainyc.ai](https://ainyc.ai) | **Reference:** [AINYC AEO Methodology](https://ainyc.ai/aeo-methodology)

package/assets/agent-workspace/skills/canonry-setup/references/canonry-cli.md

@@ -139,7 +139,9 @@ canonry notify remove <project> <id>
 canonry notify test <project> <id>
 ```
 
-Available events: `citation.lost`, `citation.gained`, `run.completed`, `run.failed`
+Available events: `citation.lost`, `citation.gained`, `run.completed`, `run.failed`, `insight.critical`, `insight.high`
+
+`insight.critical` and `insight.high` fire when the intelligence engine generates critical- or high-severity insights after a sweep completes.
 
 ## Provider Settings & Quotas
 
@@ -326,6 +328,12 @@ canonry agent setup --gemini-key <key>           # monitoring provider keys (pas
 canonry agent setup --openai-key <key>
 canonry agent setup --claude-key <key>
 canonry agent setup --perplexity-key <key>
+
+# Webhook lifecycle
+canonry agent attach <project>                   # register agent webhook for project
+canonry agent attach <project> --format json     # JSON output
+canonry agent detach <project>                   # remove agent webhook from project
+canonry agent detach <project> --format json     # JSON output
 ```
 
 **Setup flow:** init canonry (if needed) → install OpenClaw (if needed) → configure profile → configure gateway → set agent LLM credentials → seed workspace with skills.
@@ -334,6 +342,8 @@ canonry agent setup --perplexity-key <key>
 
 **Re-running is safe:** setup is idempotent — it skips steps that are already configured.
 
+**Agent webhooks:** `canonry agent attach <project>` registers a webhook notification on the project so the agent receives events (`run.completed`, `insight.critical`, `insight.high`, `citation.gained`). Idempotent — skips if an agent webhook already exists. `canonry agent detach <project>` removes the agent webhook. When `autoStart` is enabled, the server auto-attaches webhooks to newly created or applied projects.
+
 ## Output Formats
 
 Most commands support `--format json` for machine-readable output.

package/assets/agent-workspace/skills/canonry-setup/references/wordpress-integration.md

@@ -55,3 +55,7 @@ canonry wordpress staging push mysite
 - If SEO meta is not writable through REST, canonry returns an actionable error instead of guessing
 - Duplicate slug matches are returned as explicit ambiguity errors with candidate page IDs/titles
 - Authentication is verified on connect by calling `/wp/v2/users/me` — if that fails, canonry returns an actionable error message
+
+## Related: Elementor MCP
+
+For programmatic management of Elementor page layouts, widgets, and styling via MCP tools, see the aero skill reference: [`skills/aero/references/wordpress-elementor-mcp.md`](../../aero/references/wordpress-elementor-mcp.md).