Agent Governance · Risk & Posture
Agent governance posture — and the open risks behind it.
How this is computed
Posture and findings are computed from observed actions — ownership, authorization stance, data exposure, guardrail coverage — not self-reported by the agents.
Dragged down by an unowned root agent acting freely and a default-allow stance — both let actions through with no identity check.
Posture by category
agent-native dimensions1 agent unowned · 1 runs as root and is taking actions.
Default authorization stance is ALLOW — actions permitted unless explicitly denied.
1 agent sent PII (EMAIL_ADDRESS, US_SSN) to an unapproved model.
3 of 4 guardrails on — but 'Require owner before action' is OFF.
4 of 5 agents governed (in the MCP registry with a data scope).
Open findings
5 open · sorted by severity4/5
governed
1
unowned
ALLOW
auth default
1
PII exposure
1
guardrail gap
Fields: sourceExe ownership · sourceSystemUser (is-root) · defaultDomainAction · action · qscan sensitiveDataType · @qpoint guardrail packages · riskLabels