Inventory Overview
Why This Page Exists
Choose the right inventory lens before reading raw tables.
Use the category jump when you need the right entity type.
Use the detail jump when you want to compare page storytelling patterns.
Use c6 only after the question and the likely answer are already framed.
Inventory categories
11
11 list pages and 11 detail pages
Inherited c6 baselines
10
Most categories link directly back to c6 raw pages
New entity
Repos
Added in c12 to bridge files into business context
Shared jump controls
2 selects
One for list pages and one for detail pages
Start Here First
Best first click when asking:
Which runs changed trust, scope, or boundary exposure enough to deserve review right now?
Session inventory should separate background activity from the handful of runs that actually changed trust, scope, or boundary exposure.
Best first click when asking:
Which credential lanes are unknown, weakly governed, or shared too broadly?
API key inventory should quickly separate known credential lanes from unknown or weakly governed ones, then show how broadly each lane is shared.
Best first click when asking:
Which hosts are trusted execution homes, and which ones weaken attribution or boundary confidence?
Endpoint inventory should show which machines anchor trust, which ones are unresolved, and where sensitive work is physically running before it behaves like an asset list.
Best first click when asking:
Which codebases carry the most company consequence, and how do raw files roll up into them?
Repo inventory should turn file and session evidence into business context: which services matter, who owns them, and where shared lanes make mistakes expensive.
What The Overview Should Decide
1. Decide which entity type owns the question
The page should help the reviewer choose sessions, keys, endpoints, repos, or another category without reading eleven pages first.
2. Set the reading order before evidence overload
A reviewer should know whether to read a category page or jump straight to a representative detail before scanning raw rows.
3. Keep c6 in its proper role
The c6 ledger should stay one click away for proof, but it should not be the first thing the user has to decode.
Choose A Category By The Question
Agents
3 observed
Best For
Which software lanes dominate execution behavior, and where is unfamiliar behavior entering them?
Agent inventory should show which software families dominate execution, what they depend on, and where unfamiliar behavior begins to appear.
Agent families
3
Users reached
12
Users
12 observed
Best For
Who is well understood, who is unresolved, and whose work carries the most consequence?
User inventory should answer who is trusted, who is unresolved, and whose work carries the most company consequence before it behaves like a directory.
Users observed
12
Unknown identities
1
MCP Servers
6 observed
Best For
Which tool surfaces widen reach enough that they need focused scrutiny?
MCP server inventory should show which tool surfaces widen reach, how broadly they are shared, and where health or labeling gaps change trust.
Servers observed
6
Tool surface
32 tools
Models
11 observed
Best For
Which model lanes matter because of cost, work shape, or external-provider consequence?
Model inventory should show which model lanes concentrate spend, boundary exposure, and session shape before it behaves like a pricing sheet.
Model lanes
11
Top spend lane
claude-opus
Capabilities
42 observed
Best For
Which capability surfaces change what agents are allowed to do in meaningful ways?
Capability inventory should show which tools or skills actually matter to execution, where error or privilege makes them risky, and which ones are just background utility.
Capabilities
42
High-power tools
6
Files
340 observed
Best For
Which files are routine substrate, and which ones materially change the trust story?
File inventory should show which paths carry real sensitivity, which sessions touched them, and how those files cluster into meaningful company context.
Files observed
340
Sensitive files
12
Secondary Calls
28 observed
Best For
Which downstream destinations are expected, and which ones become a boundary question?
Secondary-call inventory should show where AI activity crosses or approaches external boundaries before it behaves like a destination ledger.
Destinations
28
Distinct hosts
9
Representative Detail Comparisons
Sessions
sess_01XFa9q...
A session detail page should read like one coherent execution story: who ran it, what it touched, where it went, and why it deserves review now.
Duration
58m
Long enough to accumulate context
Tool calls
84
Dense enough to matter
Agents
claude-code@1.2.0
An agent detail page should explain one software lane end to end: who runs it, where it executes, what stack it depends on, and how its behavior is changing.
Org reach
31 sessions
Highest-volume agent lane
Broad use
12 users
Broadest human reach in scope
Users
alice@company.com
A user detail page should connect identity, preferred stack, machine footprint, and notable activity patterns into one readable operator profile.
Sessions
6
Recent work volume
Primary agent
Claude Code
Repeated software lane
MCP Servers
filesystem@1.0.0
An MCP server detail page should make one server legible as a tool surface: who uses it, what it exposes, what transport it runs on, and where reliability or reach becomes risky.
Connected sessions
18
Broad reuse across work
Tools exposed
8
Most-used capability surface
Models
claude-opus-4-6
A model detail page should pair provider facts with the human and session patterns that make the lane operationally important.
Sessions
5
Small but high-consequence lane
Spend
$38.10
Top model total
API Keys
sk-ant-...C001
An API key detail page should explain one credential lane as a trust and blast-radius problem: who uses it, where it appears, and why the lane is ordinary or risky.
Linked sessions
4
One high-signal lane
Org posture
not allowlisted
Main trust break
Endpoints
alice-mbp.local
An endpoint detail page should make one machine legible as an execution environment: who uses it, what work appears there, and whether the host story is trustworthy.
Users
1
Strong owner fit
Sessions
6
Normal developer activity
Capabilities
tool:builtin:bash
A capability detail page should explain one tool or skill as an execution affordance: what it does, who uses it, and how it changes reach or risk.
Sessions
24
Broad session reuse
Invocations
340
High-demand tool lane
Files
.env
A file detail page should explain why one path matters: what type of file it is, how often it is touched, which sessions used it, and what broader company context it belongs to.
Sessions
3
Touched in several related runs
Operations
5
Mostly reads, one edit
Repos
auth-service
A repo detail page should explain one service lane as company context: what the repo does, who owns it, what sensitive files cluster inside it, and which sessions or credentials make it urgent.
Sensitive files
5
Config and auth code cluster
Linked sessions
4
Several sessions touch the repo
Secondary Calls
api.github.com
A secondary-call detail page should explain one destination as a boundary story: who called it, what company context was nearby, and whether the destination fits expectation.
Sessions
4
Shared by several runs
Calls
12
Steady reuse pattern