One <script> tag. Every candidate who hands you a PVAIO-signed resume gets a verifiable green check on your careers page. No API keys, no CORS, no backend.
<script src="https://octodrives.com/api/badge/embed.js" defer></script><span data-pvaio-root="PASTE_MERKLE_ROOT_HERE"></span>The span turns into a clickable badge linking to /verify/<root>. You can add data-pvaio-label="Senior Eng" to override the left side. Dynamic content (SPA, list virtualization) works automatically — we watch for new matching elements.
Works from any Markdown renderer. The SVG is cached at the CDN for 1 week per root — when a candidate regenerates their optimization (new root) they get a new badge URL.
{
"state": "verified",
"policyMode": "strict",
"fabricatedCount": 0,
"verifyUrl": "https://octodrives.com/verify/<root>",
"label": "resume",
"pillText": "PVAIO strict",
"pillColor": "#15803d"
}ATS integrations can use this to surface PVAIO verdicts natively without parsing SVG. The full cryptographic envelope (signature, merkleRoot, resumeHash, jobHash) is available at /api/optimized/verify?root=<root>.
The badge is cryptographic, not cosmetic. It turns green only when the candidate's exported PDF/DOCX carries a Merkle root that rebuilds correctly and whose HMAC signature validates under this deployment's signing key. Tampering invalidates the badge immediately; regenerating under a new policy produces a different Merkle root and therefore a different badge.
Read the verification contract or the open spec.