feat(docs): auto-publish framework to jentic docs site

Author: frankkilcommins

.github/workflows/publish-spec-to-docs.yaml

@@ -0,0 +1,29 @@
+name: Publish Specification to Docs
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'docs/specification/spec.md'
+  workflow_dispatch:
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Publish to jentic-docs
+        env:
+          GH_TOKEN: ${{ secrets.JENTIC_DOCS_TOKEN }}
+        run: |
+          bash scripts/publish-to-docs.sh ${{ github.sha }} ${{ secrets.JENTIC_DOCS_TOKEN }}
+
+      - name: Summary
+        if: success()
+        run: |
+          echo "✅ Specification published successfully" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "Check the created PR in jentic-docs repository." >> $GITHUB_STEP_SUMMARY

.gitignore

@@ -8,4 +8,5 @@ node_modules/
 deploy/
 deploy-preview/
 history
-coverage/
+coverage/
+.preview/

README.md

@@ -23,13 +23,21 @@ JAIRF is published as a Markdown specification designed for adoption, extension,
 
 Head over to [Jentic API AI-Readiness Scoring](https://jentic.com/api-score-preview) page, to see AI-readiness scoring in action.
 
+## Publishing
+
+Changes to `docs/specification/spec.md` on the `main` branch automatically publish to [jentic-docs](https://github.com/jentic/jentic-docs) via GitHub Actions. The workflow creates a PR with the updated specification.
+
+**Requirements**: Repository secret `JENTIC_DOCS_TOKEN` (GitHub PAT with `repo` scope).
+
+**Local testing**: `./scripts/publish-to-docs.sh --dry-run test-sha dummy-token`
+
 ## Maintainers
 
 See [MAINTAINERS.md](./MAINTAINERS.md).
 
 ## Contributing
 
-A `CONTRIBUTING.md` guide will be added shortly.  
+A `CONTRIBUTING.md` guide will be added shortly.
 Issues, discussions, and pull requests are welcome.
 
 ## License

docs/publishing/overview-template.md

@@ -0,0 +1,112 @@
+# API AI-Readiness Framework
+
+**Current Version**: {{VERSION}}
+**Last Updated**: {{TIMESTAMP}}
+
+[View Full Specification](specification.md){ .md-button .md-button--primary }
+
+## What is the API AI-Readiness Framework?
+
+The Jentic API AI-Readiness Framework provides a standardized methodology for evaluating how well an API supports consumption by AI agents, LLMs, and automated systems.
+
+Most APIs today are designed for human developers. They rely on documentation, implicit conventions, and tribal knowledge. AI agents need something different: **machine-readable semantics, predictable structures, and explicit operational contracts**.
+
+This framework defines **six scored dimensions** that measure an API's ability to be:
+
+- **Interpretable** — easily understood by reasoning systems
+- **Operable** — safe and predictable to execute
+- **Discoverable** — findable, indexable, and contextually exposed
+- **Governable** — aligned with secure and trustworthy practices
+
+The scoring model produces an overall AI-Readiness Index between **0 and 100**, mapped to five readiness levels that guide improvement efforts.
+
+## The Six Dimensions
+
+The framework evaluates APIs across six dimensions, grouped into three pillars:
+
+### Foundational & Developer Experience (FDX)
+
+**1. Foundational Compliance (FC)**
+Structural validity, standards-conformance, and parsability. Can modern API tooling reliably interpret this specification?
+
+**2. Developer Experience & Tooling Compatibility (DXJ)**
+Documentation clarity, example coverage, response completeness, and ingestion health. Is this API pleasant and predictable for humans and tools?
+
+### AI-Readiness & Usability (AIRU)
+
+**3. AI-Readiness & Agent Experience (ARAX)**
+Semantic clarity, intent expression, datatype specificity, and error standardization. Can AI systems infer purpose and constraints?
+
+**4. Agent Usability (AU)**
+Operational composability, complexity comfort, navigation affordances, and safety patterns. Can agents operate this API reliably and efficiently?
+
+### Trust, Safety, & Discoverability (TSD)
+
+**5. Security (SEC)**
+Authentication strength, transport security, secret hygiene, and OWASP risk posture. Can this API be safely exposed to AI systems?
+
+**6. AI Discoverability (AID)**
+Descriptive richness, intent phrasing, workflow context, and registry signals. Can AI systems locate and classify this API?
+
+## Readiness Levels
+
+The final AI-Readiness score maps to one of five levels:
+
+| Level | Score Range | Name | Meaning |
+|-------|-------------|------|---------|
+| **Level 0** | < 40 | **Not Ready** | Fundamentally unsuitable for AI or agents |
+| **Level 1** | 40–60 | **Foundational** | Developer-ready, partially AI-usable |
+| **Level 2** | 60–75 | **AI-Aware** | Semantically interpretable, safe for guided use |
+| **Level 3** | 75–90 | **AI-Ready** | Structurally rich, semantically clear, agent-friendly |
+| **Level 4** | 90+ | **Agent-Optimized** | Highly composable, predictable, automation-ready |
+
+## When to Use This Framework
+
+Apply this framework when you need to:
+
+- **Validate API designs** for AI-readiness during development
+- **Assess existing APIs** for compatibility with LLM-driven systems
+- **Establish governance controls** with measurable quality gates
+- **Improve discoverability** for AI agents searching API catalogs
+- **Benchmark API portfolios** across enterprise or ecosystem-wide collections
+- **Guide modernization** efforts with prioritized, actionable recommendations
+
+The framework works with OpenAPI 3.x and 2.x specifications. It's implementation-agnostic, vendor-neutral, and designed for both design-time validation and runtime assessment.
+
+## How It Works
+
+1. **Signal Extraction** — Measurable properties are extracted from the API specification (e.g., authentication coverage, example density, operation complexity)
+2. **Normalization** — Raw measurements are converted to a 0–1 scale using defined normalization rules
+3. **Dimension Scoring** — Normalized signals are aggregated into six dimension scores (0–100)
+4. **Weighted Harmonic Aggregation** — Dimension scores are combined using a weighted harmonic mean to prevent weak dimensions from being masked by strong ones
+5. **Gating Rules** — Safety constraints (e.g., hardcoded credentials, missing auth on sensitive operations) cap scores where appropriate
+6. **Readiness Classification** — The final score is mapped to a readiness level with actionable guidance
+
+## Key Principles
+
+**Validity ≠ Usability**: A syntactically valid OpenAPI specification doesn't guarantee an API is interpretable by AI systems. This framework measures **semantic clarity and operational safety**, not just schema correctness.
+
+**Harmonic Penalization**: The scoring model uses a weighted harmonic mean rather than arithmetic averaging. Weak dimensions pull down the overall score more aggressively, ensuring balanced improvement across all areas.
+
+**Context-Aware Security**: Security scores are adjusted based on API sensitivity (low/moderate/high) and exposure (internal/partner/public). A public API with sensitive operations faces stricter requirements than an internal API.
+
+**No Silver Bullets**: There's no single fix that makes an API AI-ready. The framework identifies **prioritized improvements** across structural, semantic, operational, and security domains.
+
+## Related Resources
+
+- **[Full Specification](specification.md)** — Complete technical specification with normative requirements
+- **[Jentic Public APIs](https://github.com/jentic/jentic-public-apis)** — Collection of scored API specifications demonstrating the framework in practice
+- **Blog Posts**:
+  - [Why Most APIs Fail in AI Systems and How to Fix It](https://thenewstack.io/why-most-apis-fail-in-ai-systems-and-how-to-fix-it/) (The New Stack)
+  - [Is Your OpenAPI AI-Ready?](https://jentic.com/blog/is-your-open-api-ai-ready) (Jentic)
+  - [Scoring APIs for AI](https://jentic.com/blog/scoring-apis-for-ai) (Jentic)
+
+## Specification Metadata
+
+- **Version**: {{VERSION}}
+- **Last Published**: {{TIMESTAMP}}
+- **License**: [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0.html)
+
+---
+
+**Questions or feedback?** Reach out to the [Jentic team](https://jentic.com).

docs/publishing/scoring-engine-status-template.md

@@ -0,0 +1,87 @@
+# Scoring Engine Implementation Status
+
+**Version**: {{VERSION}}
+**Last Updated**: {{TIMESTAMP}}
+
+This page tracks the implementation status of signals in the Jentic API AI-Readiness scoring engine.
+
+## Implementation Status Key
+
+| Symbol | Status | Description |
+|--------|--------|-------------|
+| ✅ | Implemented | Signal is fully implemented and tested |
+| 🚧 | In Progress | Signal implementation is underway |
+| 📋 | Planned | Signal is specified but not yet implemented |
+| ⚠️ | Partial | Signal is partially implemented or has known limitations |
+
+---
+
+## Foundational Compliance (FC)
+
+| Signal | Status | Notes |
+|--------|--------|-------|
+| `spec_validity` | ✅ | Binary check for valid OpenAPI |
+| `resolution_completeness` | ✅ | $ref resolution tracking |
+| `lint_results` | ✅ | Spectral/Redocly integration |
+| `structural_integrity` | ✅ | Schema coherence validation |
+
+## Developer Experience & Tooling Compatibility (DXJ)
+
+| Signal | Status | Notes |
+|--------|--------|-------|
+| `example_density` | ✅ | Coverage across eligible locations |
+| `example_validity` | ✅ | Schema conformance checking |
+| `doc_clarity` | 📋 | Readability scoring |
+| `response_coverage` | ✅ | Success and error response presence |
+| `tooling_readiness` | ✅ | Jentic ingestion health |
+
+## AI-Readiness & Agent Experience (ARAX)
+
+| Signal | Status | Notes |
+|--------|--------|-------|
+| `summary_coverage` | ✅ | Summary field presence |
+| `description_coverage` | ✅ | Description field presence |
+| `type_specificity` | 📋 | Datatype richness |
+| `policy_presence` | 📋 | SLA/rate-limit metadata |
+| `error_standardization` | ✅ | RFC 9457 usage |
+| `opid_quality` | ✅ | operationId coverage, uniqueness, casing |
+| `ai_semantic_surface` | 📋 | AI-oriented metadata bonus |
+
+## Agent Usability (AU)
+
+| Signal | Status | Notes |
+|--------|--------|-------|
+| `complexity_comfort` | ✅ | Endpoint count + schema depth |
+| `distinctiveness` | 📋 | Semantic similarity analysis |
+| `pagination` | 📋 | Paginated GET detection |
+| `hypermedia_support` | 📋 | HATEOAS/HAL/JSON:API |
+| `intent_legibility` | 📋 | Verb-object alignment |
+| `safety` | 📋 | Idempotency + sensitive op protection |
+| `tool_calling_alignment` | 📋 | LLM tool-calling compatibility |
+| `navigation` | 📋 | Composite of pagination + hypermedia |
+
+## Security (SEC)
+
+| Signal | Status | Notes |
+|--------|--------|-------|
+| `auth_coverage` | 📋 | Protected sensitive operations |
+| `auth_strength` | ✅ | Security scheme strength scoring |
+| `transport_security` | 📋 | HTTPS requirement |
+| `secret_hygiene` | 📋 | Hardcoded credential detection |
+| `sensitive_handling` | 📋 | PII field protection |
+| `owasp_posture` | 📋 | OWASP risk assessment |
+
+## AI Discoverability (AID)
+
+| Signal | Status | Notes |
+|--------|--------|-------|
+| `descriptive_richness` | ✅ | Semantic description quality |
+| `intent_phrasing` | 📋 | Verb-object clarity |
+| `workflow_context` | 📋 | Arazzo/workflow references |
+| `registry_signals` | 📋 | llms.txt, APIs.json, MCP metadata |
+| `domain_tagging` | 📋 | Domain/taxonomy classification |
+
+---
+
+**Last Updated**: {{TIMESTAMP}}
+[View Full Specification](specification.md) | [Back to Overview](overview.md)