We were testing Signal & Flow's user perspective agents: AI personas that browse websites and report back what they notice. The test site was a real UK plumber's website. The personas flagged the usual things like missing prices or a hidden phone number. Then one persona said something unexpected.
"That author line showing an agency email is really strange. Why is someone else's email on a plumbing company's website? It makes me wonder who actually runs this."
The site coynesplumbing.co.uk is a Milton Keynes plumber with good reviews and a clean design. You won't see anything unusual in a browser, but look at the page source and there's a WordPress author attribution embedded in the template. Tanglefox is the agency that built the site, and the author archive resolves to their email. To an AI persona or a cautious visitor who views source, it raises an immediate question: whose website is this, really?
What is a trust leak?
A trust leak is anything your website communicates that creates doubt. Most are visible, like stock photography. But some exist only in the code, metadata, or template defaults. They're not seen by a human scanning the page, but they are seen by search crawlers and AI systems.
1. The web designer's email in your template
WordPress assigns an author to every page. When a designer builds your site while logged in to their own account, your pages get attributed to them. For a business site that isn't a blog, this attribution serves no purpose and only creates a subtle risk to your authority.
The fix: In WordPress, go to Pages, then Edit, and change the Author in the right-hand panel to the site owner's account.
2. An outdated copyright year
The footer of most sites includes a copyright line. When that year is two or three years out of date, it sends a quiet signal that the site is abandoned. Reliability is the entire purchase decision for a tradesperson: 'untouched since 2022' is not a reassuring message.
The fix: Update the year now and ask your developer to make it dynamic so it updates automatically every January 1st.
3. Generic page titles
When a site is built from a template, page titles often come pre-filled as 'Home' or 'Services'. If these aren't updated, they become the title that appears in browser tabs and search results. 'Home | My WordPress Site' tells every visitor that the site was never properly finished.
The fix: Install an SEO plugin and check the title for every page. Each one should include your business name, the service, and the location.
4. The web designer's branding in your footer
A link to a third-party company in your footer raises a small but real question about who is actually behind the site. Your footer should be entirely focused on your business: contact details, links to key pages, and nothing that points away from you.
The fix: Check your footer for third-party links. If your designer included a credit link, you're usually entitled to remove it.
5. Schema markup with the wrong details
Schema is the code that tells Google your address, phone number, and hours. When a site is duplicated from another project, this often doesn't get updated. This creates a conflict between what your site says visually and what it tells Google in the background.
The fix: Use Google's Rich Results Test to check your homepage. Make sure the business name and phone number match what you actually want visitors to see.
The thing about invisible trust leaks
None of these problems show up on a standard review, but visitors notice and search crawlers read everything. The Coyne's finding was spotted by an AI persona in eight seconds. That's the new baseline for trust.