Rosteragent-as-actor · grounded in real telemetry
Agent Governance · Roster
Every agent we can see — discovered from the process behind each call.
What we observe
Identified by sourceExe + credential, enriched with pod/namespace and the MCP registry. We infer the agent from its runtime — we do not see its internal reasoning, system prompt, or goals.
5 agents4 governed1 discovered1 unowned
AgentRuntime · whereTools/ModelsRiskStatus
marketing-gpt
No owner assigned · first seen today, 40m ago
Identity
sourceExe: /tmp/agent.js
runtime: Node (ad-hoc script)
pod: mktg-misc-x7 · ns: marketing · img: node:18
user: root (is-root)
Credential
Bearer (unrecognized)
sha256:9f1c…0b
Governance
Not registered · no data scope
Models used
api.openai.com210 calls · 34M tok
104.18.32.7 ⚠ unapproved48 calls
api.unknown-llm.example ⚠ unapproved12 calls
Tools used
No tool calls observed.
Risk labels
is-rootdirect-ipauth-token
Spend (model tokens) · $0.9k/mo
Fields: sourceExe · podName · podNamespace · containerImage · sourceSystemUser · authTokenType · authTokenHash · endpointId · qscan sensitiveDataType · riskLabels · MCP contextId