Surface map
The inventory lists agents, extensions, skill roots, manifests and execution points that can affect code, data or credentials.
Inventory · Skills · VS Code extensions
A company cannot govern what it cannot see. AI agent inventory maps installed tools, skill roots, VS Code extensions, automations, permissions, origin and links to projects, people and controls.
01 Search intent
It is not enough to ask whether the company uses AI. The point is knowing where the agent runs, which skill it loads, which extension is active, what command it can execute and whether sensitive data can leave the environment.
02 What we deliver
The inventory lists agents, extensions, skill roots, manifests and execution points that can affect code, data or credentials.
Each item receives a practical classification: read, write, shell, network, credential, browser, message automation or API access.
Collection records names, versions, origin and scope. Secrets stay out of the report and out of diffs.
03 Workflow
Controlled scans identify skill directories, extensions, manifests, public configs and installed agents.
The result is organized by machine, user, project and organization to separate legitimate use from unapproved shadow AI.
Unapproved items, high privileges or unknown origin become risk, temporary exception or remediation action.
New skills and extensions enter the review cycle, just like dependencies and suppliers already enter security cycles.
04 Practical proof
“Which AI agent is running in my company?” is a simple, executive and urgent question. It opens the conversation with IT, security, compliance and development. Agent Safe Guard shows the practical layer: hooks, skill, installer and public rules that turn agent control into evidence.
05 FAQ
Not by default. Collection can start with manifests, names, versions, paths, permissions and origin. Secrets are treated as forbidden to read or print.
Yes. The concept is tool-independent: discover where there is an agent, extension, skill or integration with the power to act in the environment.
The platform can open risks, create evidence, record exceptions and keep recurring review. It is not just a report; it is a governance routine.