Agent Inventory
Agent Action Firewall automatically discovers and tracks every AI agent in your organization. As agents submit actions, the inventory builds a comprehensive profile including framework detection, behavioral patterns, and risk scoring.
How It Works
- Auto-discovery: Every time an agent submits an action, the inventory captures its metadata
- Framework detection: The system identifies which AI framework the agent uses
- Profile building: Activity patterns, tool usage, and behavioral baselines are tracked
- Risk scoring: Each agent receives a dynamic risk score based on its behavior
Framework Detection
The inventory automatically identifies 14 AI agent frameworks from action metadata and request patterns:
| Framework | Detection Method |
|---|---|
| LangChain | User-Agent header, tool naming patterns |
| AutoGen | Multi-agent conversation patterns |
| OpenAI Assistants | Function calling signatures |
| Claude/Anthropic | Tool use format |
| CrewAI | Crew/task delegation patterns |
| Semantic Kernel | Plugin invocation patterns |
| LlamaIndex | Query engine patterns |
| Haystack | Pipeline component signatures |
| Fixie | Agent protocol markers |
| SuperAGI | Task execution patterns |
| BabyAGI | Task chain signatures |
| MetaGPT | Role-based action patterns |
| Autogen Studio | Studio-specific headers |
| Custom | Manual classification or unrecognized |
Agent Profiles
Each discovered agent has a profile containing:
{
"id": "agent-001",
"name": "Payment Processor",
"framework": "langchain",
"framework_version": "0.1.x",
"first_seen": "2026-01-15T10:30:00Z",
"last_active": "2026-03-08T14:22:00Z",
"status": "active",
"risk_score": 0.35,
"risk_level": "medium",
"stats": {
"total_actions": 12450,
"actions_allowed": 11890,
"actions_denied": 340,
"actions_pending": 220,
"unique_tools": 5,
"unique_operations": 12
},
"tools_used": ["http_proxy", "stripe", "slack", "jira"],
"behavioral_baseline": {
"avg_actions_per_day": 180,
"peak_hour": 14,
"typical_tools": ["http_proxy", "stripe"]
}
}
Risk Scoring
Risk scores range from 0.0 (minimal risk) to 1.0 (critical risk), calculated from:
| Factor | Weight | Description |
|---|---|---|
| Denied action rate | 30% | Higher denial rates indicate risky behavior |
| Tool diversity | 15% | Agents accessing many tools may have excessive permissions |
| Sensitivity of tools | 25% | Financial/admin tools score higher |
| Activity anomalies | 20% | Deviations from behavioral baseline |
| Age/maturity | 10% | Newer agents receive higher scrutiny |
Risk Levels
| Level | Score Range | Meaning |
|---|---|---|
low | 0.0 - 0.25 | Normal behavior, well-established patterns |
medium | 0.26 - 0.50 | Some risk factors, monitor regularly |
high | 0.51 - 0.75 | Elevated risk, consider tighter policies |
critical | 0.76 - 1.0 | Immediate attention required |
API Usage
List All Agents
GET /v1/agents/inventory
Response:
{
"agents": [
{
"id": "agent-001",
"name": "Payment Processor",
"framework": "langchain",
"risk_level": "medium",
"risk_score": 0.35,
"last_active": "2026-03-08T14:22:00Z",
"total_actions": 12450
}
],
"total": 8,
"page": 1,
"limit": 20
}
Get Agent Detail
GET /v1/agents/inventory/agent-001
Filter by Risk Level
GET /v1/agents/inventory?risk_level=high&status=active
Dashboard
View the inventory at Dashboard > Agent Inventory:
- Agent list: All discovered agents with framework badges and risk indicators
- Risk overview: Distribution of risk levels across your agent fleet
- Activity timeline: Action volume per agent over time
- Framework breakdown: Pie chart of frameworks in use
- Alert feed: Notifications when agents change risk level
Policy Integration
Use agent inventory data in your policies:
package aaf.policy
# Require approval for high-risk agents
decision = "require_approval" {
input.agent.risk_score > 0.5
}
# Block unknown/unregistered agents
decision = "deny" {
not input.agent.id
}
# Stricter rules for new agents (less than 7 days old)
decision = "require_approval" {
agent_age_days := (time.now_ns() - input.agent.first_seen_ns) / (24 * 60 * 60 * 1000000000)
agent_age_days < 7
input.action.tool != "http"
input.action.operation != "GET"
}
Best Practices
Tip: Review new agents weekly. Check the inventory for unexpected agents that may indicate unauthorized AI deployments.
Tip: Set up risk alerts. Configure notifications when any agent crosses a risk threshold so you can respond quickly.
Tip: Use framework info for targeted policies. Different frameworks have different risk profiles; tailor policies accordingly.
Next Steps
- Anomaly Detection — Monitor agent behavior for anomalies
- Policy Engine — Write risk-based policies