I run a small audit on my own site every few weeks, mostly out of habit. Last month it came back with 19 open issues on a site I'd have sworn was in decent shape: six pages missing meta descriptions after a CMS migration, a broken internal link left over from a renamed pricing page, and a product schema block missing its offers field. Nothing dramatic, just the normal accumulation of small technical debt every site collects.
What made it interesting was where I fixed it: inside a Claude Code session, in the same terminal I already had open for the day's actual work. I didn't open the CMS, didn't grep through templates by hand. I asked the agent to read the report and fix what it could.
That's a fairly recent option. Two years ago the closest thing to this was exporting a crawl to a spreadsheet, sorting by issue type, and working through it row by row, or paying an agency to do the same thing slower. Now the report itself is shaped to be read by a model, and the model is sitting in the same session as your source code, which collapses "here's what's wrong" and "here's the fix" into one loop instead of two separate jobs handed to two different people.
What the workflow looks like end to end
The shape is simple: audit, read, fix, re-audit. In practice:
squirrel audit https://oldbrand.example --format llm--format llm renders the report as compact structured text instead of the colored console output, built to be read by a model rather than a person. Piped into an agent, or read directly by one over MCP, it looks roughly like this:
squirrelscan v0.4.2
========================================
Auditing https://oldbrand.example
Coverage surface · max 100 pages
Account nik@ourteam.dev · 1,240 credits
Crawled 34 pages in 41s
<report score="71" grade="C" issues="19">
<issue rule="seo/meta-description-missing" severity="high" pages="6">
Missing meta description
→ /about, /pricing, /blog/category/updates, +3 more
</issue>
<issue rule="crawl/broken-internal-link" severity="high" pages="3">
Broken internal link
→ /pricing links to /plans (404)
</issue>
<issue rule="structured-data/invalid-json-ld" severity="medium" pages="4">
Invalid JSON-LD: Product schema missing "offers"
</issue>
</report>
From there the agent does what any developer would: opens the templates behind /about and /pricing, writes meta descriptions that actually describe the page instead of a placeholder, finds the renamed route and fixes the link, and patches the JSON-LD block so it validates against schema.org's Product type. Then it runs squirrel audit again against the same URL and checks the score moved and the issue count dropped. That last step matters more than people expect: an agent that fixes something and never re-checks its own work is just guessing that the fix landed.
Doing this in Claude Code
Two pieces make this work without you narrating every step. First, the squirrelscan skill, installed with squirrel skills install, which teaches the agent the audit-fix-reaudit loop so you don't have to explain it fresh in every session. Second, the hosted MCP server, which gives the agent direct tool calls instead of shell piping:
claude mcp add --transport http squirrelscan https://mcp.squirrelscan.com/mcpOnce connected, a prompt like "audit this site and fix the high-severity issues" is enough. The agent calls run_audit, reads the report with get_report, works through list_issues for anything that needs more context, and implements fixes directly in your checked-out repo. For a larger batch of issues, plan mode is worth turning on first: it has the agent read the whole report and propose a grouped plan before it touches any files, which is a better review surface than watching individual edits scroll by. See squirrelscan for Claude Code for the full setup.
The skill and the MCP server do different jobs, and it helps to know which is which. The MCP server is the transport: it's how the agent actually calls run_audit, get_report, and the rest, whether over the hosted endpoint or the local squirrel mcp stdio server. The skill is the procedure: it tells the agent when to reach for those tools, what order to call them in, and what "done" looks like, so you're not re-explaining the audit-fix-reaudit loop at the start of every session. You can use the MCP server without the skill, prompting each step by hand, but the skill is what makes "just fix the issues" a complete instruction.
Doing this in Cursor
Cursor speaks the same Model Context Protocol Claude Code does, so the connection is a config file rather than a CLI command. Add this to .cursor/mcp.json in your project:
{
"mcpServers": {
"squirrelscan": {
"url": "https://mcp.squirrelscan.com/mcp"
}
}
}Approve the sign-in prompt under Settings, and the same tools are available in composer mode. The workflow doesn't change: ask it to audit, let it read the report, point it at a batch of issues, review the diff. Full client setup, including API-key auth for CI, is in squirrelscan for Cursor.
What agents fix well
The pattern that emerged after a few of these runs: anything with one obviously correct answer is agent territory. Missing or duplicate meta descriptions, broken internal and external links, malformed or incomplete structured data, missing alt text, redirect chains, heading hierarchy that skips a level, non-descriptive link text, canonical tags pointing at the wrong URL after a migration. These are mechanical: there's a rule, there's a fix, and the fix doesn't require knowing anything about your business beyond what's already in the codebase. In my case, 14 of the 19 issues fell into that bucket and the agent handled all of them correctly on the first pass, including the JSON-LD fix, which meant reading the Product schema spec closely enough to know offers needed a nested Offer object rather than a bare price string.
It's also good at the tedious version of a mechanical fix: the same missing meta description pattern repeated across six pages, or the same broken link pattern showing up on every archived blog post that still points at a renamed category. A human doing this by hand tends to fix the first two carefully and get sloppy by the fifth. An agent applies the same care to page six as page one, because it's not bored.
One more thing worth setting up before you hand over a batch of fixes: a CI gate. squirrel audit supports --fail-on 'score<90' and similar thresholds, which exits non-zero when a build regresses a score instead of relying on someone noticing later. Wiring that into the same repo the agent is fixing means a bad fix (or a fix that broke something else) gets caught before it merges, not after.
What still needs a human
The other five needed a decision I hadn't made yet, not a patch I'd forgotten to write. One issue flagged a missing PostalAddress on a local-business schema block, and the honest answer was that the business doesn't have a public storefront, it's service-area only, so adding a fake address to satisfy the rule would have been worse than leaving the field out. Another flagged thin content on a category page that genuinely needs a content strategy decision, not a template fix: what's this page actually for, and what should live on it. An agent can tell you a page is thin. It can't tell you what your positioning should be.
The move that works well here is recording the decision instead of just skipping it, so the next audit (and the next person on your team) has the context: "this is a service-area business with no public storefront, so we're intentionally not adding a PostalAddress." That kind of note, left on the issue itself, is worth more than silently ignoring the finding every time it recurs.
There's a broader version of this same limit. An agent can tell you a title tag is 71 characters and will probably get truncated in the search result snippet, per Google's own guidance on title links. It can't tell you whether the title should lead with your product name or the problem it solves, because that's a positioning call tied to who you're competing against this quarter, not something visible in a crawl. Treat the audit as a list of "this needs a decision" versus "this needs a keystroke," and hand each to the right party.
Where to go from here
If you haven't run an audit yet, the website audit tool will show you what your own site turns up without installing anything. If you're already deep into agent workflows and want the fuller picture of how AI search and structured data interact, the SEO and MCP server guide covers the protocol side in more depth. Either way, the loop is the same one described above: point an agent at a report, let it fix what's mechanical, and keep the judgment calls for yourself.