While we evangelize WebMCP as the future of Agentic SEO, we must also acknowledge the dark side. By exposing executable tools directly to the client-side browser context—and inviting AI agents to use them—we are opening a new vector for Agentic Exploits.

WebMCP is, effectively, a way to bypass the visual layer of a website. And for malicious actors, that is a promising opportunity.

Circumventing the Human Guardrails

Most website security is designed around human behavior or dumb bot behavior.

Cloaking—the practice of serving different content to search engine bots than to human users—has traditionally been considered one of the darkest “black hat” SEO tactics. Search engines like Google have historically penalized sites severely for showing optimized text to the crawler while displaying images or Flash to the user. However, as we transition into the era of Agentic AI, the definition of cloaking is undergoing a necessary evolution. We argue that “Agent Cloaking” is not only ethical but essential for the future of the web.

The ultimate form of “white hat cloaking” is Content Negotiation. It is the practice of serving different file formats based on the requestor’s capability.

HTTP Accept Headers

If a request includes Accept: application/json, why serve HTML?

• Human Browser: Accept: text/html. Serve the webpage.
• AI Agent: Accept: application/json or text/markdown. Serve the data.

The “Headless SEO” Approach

This approach creates the most efficient path for agents to consume your content without navigating the DOM. Instead of forcing the agent to: