Cross-Service Patterns
Recurring patterns and anti-patterns observed across multiple service audits.
These patterns are distilled from the DX Audit evidence base — agent experience audits of developer-facing products. Each is grounded in evidence from at least two services. Service links go to the corresponding audit report; supporting evidence may also come from observation logs, service briefs, or dated live checks.
Last updated: April 2026
Observed friction
Anti-Patterns
llms-full.txt endpoints 404 when tested
Signal
Both services had `llms-full.txt` endpoints that returned 404 when tested. In Stripe's case, published `llms.txt` files reference the missing `llms-full.txt` URL as complete documentation (service-brief-backed). GitHub's `llms.txt` files (on both `github.com` and `docs.github.com`) do not reference `llms-full.txt` (live-verified 2026-04-24); the 404 was discovered by an agent probing the endpoint directly.
Why it matters
An agent following the llms.txt spec or probing the conventional `llms-full.txt` location may attempt to fetch it as a comprehensive context source. A 404 is a silent dead end — the agent doesn't know what it missed. Where the file is explicitly referenced from `llms.txt` (as in Stripe), this is worse than not referencing it at all, because it creates a false expectation.
What good looks like
Publish a working `llms-full.txt` at the expected location, or return a clear signal that no full-file variant is offered rather than a silent 404.
Docs pages are JavaScript SPAs that return empty/partial content for non-browser fetches
Signal
Developer docs use client-side JavaScript rendering. Agents fetching pages via curl/WebFetch get incomplete HTML, empty content, or 503 errors. Critical information (e.g., Stripe's declined card test tokens table, GitHub endpoint docs) is missing from the fetched response.
Why it matters
Agents cannot render JavaScript. If documentation relies on client-side rendering, agents lose access to content that exists but isn't in the initial HTML response. This is the single largest friction source in the Stripe audit.
What good looks like
Serve docs as static HTML or provide a documented machine-readable alternative (`.md` suffix, API endpoint, or complete llms-full.txt).
Mitigations observed
GitHub provides programmatic docs APIs (`/api/article`, `/api/article/body`) that agents used effectively during the audit. Stripe docs also accept a `.md` suffix returning clean markdown, but this was a post-audit discovery (service brief); the audited agents tried `.md` variants on affected pages without success. A live check on 2026-04-24 found `docs.stripe.com/testing.md` returning markdown and including declined-card test data, so the current page state appears better than the March audited runs.
No sandbox or test environment
Signal
No dedicated sandbox, staging, or test mode. All API calls operate on production data. Testing requires disposable resources (test repos, test pages) and manual cleanup.
Why it matters
Without a sandbox, audit runs leave real artifacts that must be cleaned up. Residual test data accumulates. There's no way to reset to a clean state without manual intervention. For agents running automated workflows, this creates a lifecycle management burden.
What good looks like
Dedicated test mode with isolated data, test-specific API keys, and a "delete all test data" capability. Stripe offers both legacy test mode and newer Sandboxes — the strongest sandbox support in the corpus. Neither GitHub nor Notion has an equivalent.
What works well
Positive Patterns
llms.txt with agent-specific instructions
Signal
At least two audited services publish `llms.txt` files that go beyond listing doc links. Stripe's docs-side file includes an explicit agent-instructions section. GitHub's file surfaces agent-relevant integration surfaces and programmatic docs APIs, though the stronger characterisation ("directs agents to use programmatic docs APIs rather than parsing HTML") is service-brief-backed rather than directly report-backed.
Why it matters
A plain link index helps agents find docs. Agent-specific instructions help agents make better choices about which docs to use and which API paths to prefer. This is the difference between discoverability and guided discovery.
What good looks like
Stripe's "Instructions for Large Language Model Agents" section; GitHub's "Building with GitHub" section directing agents to programmatic docs APIs.
Structured error responses with documentation links
Signal
Both services return structured error responses with machine-readable fields. GitHub error responses consistently included `documentation_url` linking to the relevant API docs. Stripe error responses included `type`, `message`, and `request_log_url`; the later rerun also showed `doc_url` on at least some error responses. The error response itself tells the agent where to learn more.
Why it matters
An agent encountering an error often gets either a documentation link or a request log, plus enough structured fields to recover without searching. This closes the loop between failure and recovery in a single response.
What good looks like
Stripe's error response format (`type`, `code`, `param`, `message`, `doc_url`); GitHub's format (`message`, `documentation_url`, `errors[]`).
First-party MCP server
Signal
All three launch services offer official MCP servers with meaningful tool coverage.
Why it matters
MCP servers provide a purpose-built agent interface that can abstract away API complexity (authentication, pagination, encoding). Whether agents actually choose to use them (and whether the abstraction helps or hinders) is an open question — in all three audits, the agents discovered the MCP server but defaulted to the REST API.
Open question
None of the universal-baseline audits tested the MCP server as the primary interface. The `mcp-server` test-id is recommended for all three services.
These patterns come from the work. If you'd like this kind of audit for your own developer-facing product, get in touch →