A risky agent — and no idea why.
For the security analyst — everything about one agent, in one place.
An agent shows up as high risk and you're left guessing. What did it read? What credential does it hold? What is actually dragging its score down? Triage means stitching that together by hand, one tool at a time.
Triage by archaeology.
Without one consolidated view, investigating a single agent burns an afternoon — and you still can't explain the score to anyone.
No explanation for the score
A number with no breakdown tells you an agent is risky, not which behaviors made it so or which one to fix first.
Scattered evidence
Identity in one tool, file access in another, token cost in a third. Nothing joins them to the agent that did the work.
No path to remediation
Even once you understand the risk, it's unclear what single change would move the agent out of the danger zone.
The whole agent, joined and explained.
Why this score
A ranked breakdown of the factors pulling the score down, so the highest-impact fix is obvious at a glance.
Identity, runtime, data, tools
Who owns it, what it runs on, which credentials it holds, which MCP servers and tools it reaches — on one screen.
What it actually touched
The sensitive files and paths this agent read or wrote, with severity, so exposure is concrete, not theoretical.
A clear next move
Remediation tied to the score impact — rotate this credential, govern this agent — with the point gain spelled out.
Understand any agent in one screen.
Why it's risky, what it touched, and the one change that fixes it.