I built an AI agent that ran production technical SEO on a 12,000-URL site.
Keystone didn’t make recommendations. It shipped real code, fixed broken link networks, deployed and validated schema, and caught regressions the client wasn’t even looking for — on a daily schedule, under a two-tier human-approval guardrail.
Enterprise sites rot in the details.
DR77. ~690 blog posts. 12,000+ URLs on WordPress VIP.
Dr. Berg Nutritionals is a large, high-authority health site — the kind of surface area where technical debt hides.
Keeping a site that size technically clean — broken links, redirect chains, schema, sitemaps, citations, crawl health — is relentless, repetitive, detail-heavy work. A human does it slowly and inconsistently.
I wanted to prove a properly designed AI agent could own that entire workload: run it daily, unattended, at a quality bar and pace no single human matches — while staying safe on a live production enterprise site.
A supervised operator, not an autopilot.
I designed Keystone as an OpenClaw agent on a Mac mini, wired into the site’s real toolchain and running on a daily cron.
Each technical-SEO workstream — audits, link fixes, schema, citations, internal linking, health monitoring — became a defined workflow with its own tracking sheet as the system of record. The agent worked, logged, verified, and reported. I supervised through an approval model rather than by doing the work myself.
The key design choice was guardrails, not just autonomy: safe fixes shipped on their own; anything ambiguous blocked until I approved it.
— Design principle · Tier 1 / Tier 2 modelKeystone topology.
Triggers fire the agent. The agent drives the toolchain against a 12K-URL site. Safe work ships autonomously (Tier 1); ambiguous work escalates to a human-approval gate and loops back (Tier 2).
Two crons trigger the agent. Keystone drives the toolchain — WordPress VIP, Rank Math, GitHub, Ahrefs, Search Console, Cloudflare, and Sheets as the system of record — against the 12,218-URL site. Safe fixes execute on the Tier 1 path automatically. Ambiguous work is logged with an assessment and routed to the Tier 2 human-approval gate, which loops the approval back to the agent every four hours. Every change is backed up, written, then verified.
Agent Runtime
Site & Platform
SEO Layer
CDN / Cache
Audit / Data
Ops
One sprint. One agent.
March 2026 technical-SEO sprint · verified from the Slack record.
Discovery discipline over vanity counts: 25/25 “404s” were verified as already-redirecting, 9 genuine external-link fixes were made, and 16 were correctly identified as bot-blocking false positives and left alone. The standout catch — a Cloudflare cache-hit-ratio collapse (~33% → ~4%) that had persisted 7+ weeks. A regression no one was looking for.
What the agent did — and what it didn't.
Two separate ledgers. The left is this sprint’s work. The right is four years of engagement context, shown to frame the surface Keystone operated on — not attributable to this sprint.
A clean, closed audit backlog on a 12K-URL production site.
- Internal link network repaired — 24/24 pages, 36 links.
- Citations standardized to AMA format on a daily cron (~160 posts).
- Schema deployed and validated live — 8 sameAs profiles, FAQ coverage to 98.7%.
- Sitemap-cache bug root-caused to a non-firing WordPress hook.
- Hidden Cloudflare performance regression surfaced after 7+ weeks unseen.
- Executed autonomously on a daily schedule, full backups, write-then-verify — zero production incidents.
The broader Dr. Berg engagement (May 2022 – Apr 2026).
- Organic traffic grew ~57K → ~181K monthly visits (+217%, Ahrefs full-period).
- $8.86M in GA4 organic revenue attributed (Jul 2023 – Mar 2026).
- 2,074 URLs published through a separate AI content system.
- Domain Rating taken DR68 → DR77.
- Clean record: zero Google penalties, zero manual actions, zero FDA/FTC incidents.
These are engagement-wide outcomes shown as context — not results of the March sprint. They are not attributable to the Keystone agent.
Three fixes, at a glance.
How one run unfolds.
Keystone wakes, reads its memory files, and pulls the current audit state from Ahrefs and the tracking sheets.
Broken links repaired, citations reformatted, sitemaps and schema checked. Every change is backed up, then written, then verified against the live site.
Anything not clearly safe is logged with an assessment and blocked — routed to the human-approval gate rather than guessed at.
A run report lands in Slack: what shipped, what's pending, what needs a decision.
An approval cron checks for my sign-off. Once I mark an item "Approved," the agent unblocks and executes on the next pass.
I built the machine and ran it.
I designed the agent and every workflow, defined the Tier 1 / Tier 2 guardrail model, and wired it into the site’s toolchain.
I set the safety rules — backups-before-edits, write-then-verify, dev-before-prod, repo-as-read-only routed through the client’s developer — and supervised through approvals. I was the operator and architect; the agent was the execution layer I built and ran.