← c16c16 / wf4 - Agent Control Plane — wireframe (wf4) / Data Protection·control-plane-v1-v1 · 2026-06-03 · draft
Qpoint
QP
Data Protectionseat-lensed · what agents touched & moved

Compliance · Data Protection

What sensitive data agents reached into — and who is accountable for it.

Your data-exposure surface: which sensitive paths were touched, who owns the agent that touched them, and where the privacy risk sits. Content scanning is the next step.

Bottom line

Agents touched 6 sensitive paths across 3 categories; 3 are high-severity (credentials/secrets). Most exposure attributes to mark@qpoint.io (4 opens); top path: ./.env. Prompt & response content is not yet inspected — today this is movement, not content.

Do nextReview owner attributionContent inspection — not yet built

6

sensitive paths touched

3 categories

3

high-severity exposures

credentials / secrets reached

3

owners attributed

who touched what

mark@qpoint.io

top exposure owner

4 opens

Sensitive access by category

opens · by severity
secret_file3 paths
6
cloud_credentials1 path
1
shell_history1 path
2

Sensitive access by user

who touched what — owner attribution
mark@qpoint.io2 categories · 4 openshigh
svc-support@qpoint.io1 category · 2 openshigh
(proxy-only, no identity)2 categories · 3 openshigh

High-severity exposure by agent

derived · Σ high-severity path opens per agent

Computed from each agent's sensitive_files: how many high-severity secret/credential paths each one reached into. The asymmetry tag reads data_access — when writes are large relative to reads, data is being produced and moved, not just read in.

AgentOwnerHigh pathsHigh opensRead / write
Claude Codemark@qpoint.io24320r / 45w
support-copilotsvc-support@qpoint.io1280r / 12w
marketing-gptroot11410r / 130w
Cursorjane@qpoint.io00210r / 88wwrite-heavy · data leaving
Codex CLIdev-7f3@duck.com00140r / 60wwrite-heavy · data leaving

Top sensitive paths

5 paths · 6 distinct touched
PathCategoryOpensSeverityLast seen
./.envsecret_file3high06-03 14:00
/var/secrets/zendesk.tokensecret_file2high06-03 13:50
~/.aws/credentialscloud_credentials1high06-03 13:40
~/.zsh_historyshell_history2low06-03 12:05
./config/secrets.yamlsecret_file1medium06-02 19:20

Prompt & response content inspection

preview · not built

Today's signal is data movement — which sensitive paths were opened and how much was written or streamed. It does not yet read what is inside an agent's prompts and responses. Content scanning ships with the DLP engine.

Secrets in prompts

API keys / tokens pasted into context

not inspected today

PII in content

names, emails, customer records

not inspected today

Source code

proprietary code in prompts or responses

not inspected today

Lensed by seat via ?seat (compliance). Derived: credPathRows · exposureByAgent (Σ high-severity opens) · read/write asymmetry — from app/data/c16-fleet.ts (agents[].sensitive_files · data_access · dlp).