Methodology

How we investigate your hotel

An honest look at what happens under the Ghost Scan name. Five stages, one human signoff, no exceptions.

Most audit tools do not show their work. This page does. Stiplo is a five-stage pipeline that combines deterministic rules, AI vision, multi-property comparison, and an investigative agent, with a human review pass before any report is delivered. Below is each stage, what it catches, and what it deliberately does not do.

The pipeline

Five stages, one human signoff.

Every finding has to survive both code and a human before it reaches you.

01

Crawl

Up to 30 mobile pages, screenshots and HTML captured

02

Deterministic

Rules we trust completely, run against every page

03

AI vision

Claude reads each screenshot across six topics

04

Cross-property

Compares your hotels to each other for entity drift

05

AI investigator

An agent that reads your site like a consultant

06

Human review

Every report read end to end before delivery

Stage 01 / Crawl

Capture, not interaction.

Up to 30 pages per property, mobile viewport, with screenshots and raw HTML captured. We use Firecrawl for URL discovery and Browserbase for live interactive testing on booking paths.

We do not log in. We do not interact with your booking engine or property management system. We do not pretend to be a real guest making a reservation. The crawler identifies itself in the user agent, respects robots.txt for non-AI bots, and runs at a conservative rate. There is no measurable SEO impact.

Stage 02 / Deterministic

The rules we trust completely.

These checks return the same answer every time. If a sitemap is missing, it is missing. If the security headers are absent, they are absent. There is no judgement call.

What is included:

  • ·AI crawler access (14 specific bots from GPTBot to PerplexityBot)
  • ·llms.txt presence and quality
  • ·Sitemap structure and freshness signals
  • ·Schema.org structured data, including required fields per type
  • ·OpenGraph and Twitter Card completeness
  • ·Core Web Vitals from real Chrome user data (CrUX)
  • ·Security headers (HSTS, CSP, X-Frame, Referrer-Policy)
  • ·Dead links, broken images, missing favicons, missing alt text

Why it matters: this is the layer AI assistants and search engines actually read when deciding whether to surface your hotel.

Stage 03 / AI vision

What the camera sees, the model reads.

Example. An expired Christmas promo from 2024 still live on a homepage in May. No deterministic rule catches that. The AI vision pass does, because it reads the screenshot the way a guest would.

We capture mobile screenshots and have Claude analyse each page across six topics:

  • ·Temporal integrity (expired promos, past events, seasonal mismatches)
  • ·Price and offer integrity (currency, tax, promo code validity)
  • ·Booking path health (CTAs, popups, console errors on booking widgets)
  • ·Content quality (placeholder text, layout breaks, translation issues)
  • ·Professional presence (hours, contact, policies, broken review widgets)
  • ·Legal pages and accessibility (privacy, terms, cookies, alt text, form labels)

How we keep it accurate:

  • ·Every visual finding has to clear a deterministic gate. If code cannot corroborate it, the finding is held back for human review by default.
  • ·Twenty bright-line post-filter rules dismiss findings that contradict observable site state. A privacy link in the page markdown blocks a “privacy missing” finding.
  • ·Interactive verification on booking paths: we click the CTA, watch for popups, and capture console errors from the booking widget.
Tested live against
Claude
ChatGPT
Gemini
Perplexity

Stage 04 / Cross-property

Defects only a portfolio audit can find.

Example. On a recent scan of a four-property European brand, a Munich page was emitting Cork’s full Hotel JSON-LD verbatim. Both pages displayed correctly to humans. To search engines and AI assistants, Munich looked like Cork. Single-property tools cannot see this.

This stage only runs if you have more than one property in the scan. It compares your hotels to each other and finds defects no single-property tool can see.

What it catches:

  • ·Schema entity drift. A property page emits another property's Hotel JSON-LD verbatim. More common than you would think on multilingual portfolios.
  • ·Duplicate body copy. A templated paragraph copy-pasted across properties without rewriting per location.
  • ·Missing localised variants. A property in Germany shipping English-only content with no German alternative declared anywhere.
  • ·Geo coordinate errors. Schema geo coordinates that fall outside the operator-supplied city, placing your hotel in the wrong country to AI assistants.
  • ·Title and meta description duplication. Sibling properties sharing so much title or description text that search engines cannot disambiguate them.

For a brand or group buyer, this is the layer to look at. A hotel group’s biggest risk is identity confusion between properties. Search engines and AI assistants merge or disambiguate listings based on this signal.

Stage 05 / AI investigator

The newest part, and the hardest to do well.

After the audit runs, an AI agent investigates patterns the rest of the pipeline cannot resolve on its own. It has a small set of tools (HTTP fetch, schema validation, search engine query, corpus grep, finding-detail lookup) and reads your site the way a hotel consultant would. It follows hunches, fetches evidence, and only files a finding when it can bind that finding to a specific tool call.

What it surfaces:

  • ·Strategic routing flags. A property quietly being routed through a sister domain in a way that confuses search and AI.
  • ·Agency claim inconsistencies. Marketing claims on the site that contradict what the rest of the site actually says.
  • ·Root-cause collapse. Multiple symptoms tracing back to one upstream cause, surfaced as a single fix.
  • ·Severity overlays. Re-ranking the importance of an existing finding based on context. A small bug inside a critical booking flow gets promoted.

How we keep it bounded:

  • ·Hard wall-clock cap of 90 seconds per investigation
  • ·Hard spend cap per investigation
  • ·Token budget guards between rounds
  • ·Every finding has to bind back to a specific tool call with evidence
  • ·Every finding goes through the same verification gate as the rest of the pipeline

Where it sits today: the investigator runs against every eligible scan, and its findings inform our team’s review of your report. Investigator-driven findings will appear directly in your dashboard once calibration confirms their accuracy is at the bar we set for everything else we ship.

The signoff

A human reads every report before it leaves.

Every Ghost Scan report is read end to end by a member of the Stiplo team before delivery. We dismiss findings that do not hold up, write the executive summary, and sign off. Hotel reputation is too valuable for “the AI says so.”

This is the slowest stage, on purpose. It is also the most important one.

The trust ledger

What we ship and what we hold.

We publish this because most AI tools do not. A check goes live the day we trust it, not the day it ships.

Live in your report

43

Accuracy proven, visible to customers

In calibration

62

Running in our admin queue, not yet in customer reports

Disqualifications

What we deliberately do not do.

  • ·We do not access your booking engine, PMS, or any internal system
  • ·We do not store or share your data with third parties
  • ·We do not affect your Google rankings (we crawl conservatively, identify ourselves, and follow standard rate limits)
  • ·We do not pretend to be a human guest making a real booking
  • ·We do not ship a check until we are confident it is accurate

See it on your hotel.

One free Ghost Scan, mobile, up to 30 pages, results in under 15 minutes. Or talk to us about your portfolio.

Run Ghost ScanTalk to us about your portfolio
hello@stiplo.io

We use essential cookies to keep the site working. No tracking or advertising cookies are used. See our Cookie Policy for details.