Actionsagent-as-actor · grounded in real telemetry
Agent Governance · Actions
What agents actually do — every outbound call is a tool or model invocation.
What we observe
An agent's actions are its outbound calls. We classify each endpointId as a model provider, MCP/tool API, or internal service. We see the call — method, status, data exposed, allowed/blocked — not the reasoning between calls.
15 actions11 tools/models3 unapproved
Model provider
2
distinct endpoints
MCP server
0
distinct endpoints
Tool API
3
distinct endpoints
Internal service
3
distinct endpoints
Unapproved / unknown
3
distinct endpoints
AgentTool / ModelClassCallsMethod·StatusAuthorizationData sent
marketing-gpt104.18.32.7 ⚠ unapprovedUnapproved / unknown48POST·200ALLOW—
marketing-gptapi.unknown-llm.example ⚠ unapprovedUnapproved / unknown12POST·403BLOCK—
support-copilotgenerativelanguage.googleapis.com ⚠ unapprovedUnapproved / unknown320POST·200ALLOWEMAIL_ADDRESSUS_SSNPERSON
marketing-gptapi.openai.com Model provider210POST·200ALLOW—
support-copilotapi.openai.com Model provider540POST·200ALLOW—
support-copilotcompany.zendesk.com Tool API220GET·200ALLOW—
support-copilotcustomer-db.internal Internal service180GET·200ALLOWEMAIL_ADDRESS
data-pipelineapi.anthropic.com Model provider3120POST·200ALLOW—
data-pipelines3.amazonaws.com Tool API980PUT·200ALLOW—
data-pipelinewarehouse.internal Internal service410POST·200ALLOW—
claude-codeapi.anthropic.com Model provider1840POST·200ALLOW—
claude-codeapi.github.com Tool API420POST·200ALLOW—
claude-coderegistry.internal Internal service90GET·200ALLOW—
cursorapi.openai.com Model provider2200POST·200ALLOW—
cursorapi.anthropic.com Model provider1400POST·200ALLOW—
Fields: endpointId · class · method · status · action (ALLOW|DENY|BLOCK) · count · qscan sensitiveDataType · riskLabels