Back to blog

March 5, 2026

Announcing AI Agent Discovery: Open-Source Visibility Into AI Agents Across Your Enterprise

OpenGuardrails Team · Product & Security·10 min read·Open Source, AI Agents, Enterprise Security

Today, we're excited to announce AI Agent Discovery, a new open-source project from OpenGuardrails that helps organizations discover and inventory all AI agents running within their enterprise environment.

The Shadow AI Challenge

The adoption of AI agents has exploded. From autonomous coding assistants like Claude Code, Cursor, and GitHub Copilot to workflow automation platforms like Dify and N8N, employees are increasingly leveraging AI tools to boost productivity. But this rapid adoption comes with a critical challenge: visibility.

Security and IT teams are often in the dark about which AI agents are operating within their networks. This "Shadow AI" problem creates significant risks:

  • Data Exposure: AI agents may process sensitive corporate data without proper oversight
  • Compliance Gaps: Untracked AI usage can violate regulatory requirements
  • Security Blind Spots: Unknown agents represent potential attack vectors
  • Cost Sprawl: Unmanaged AI tool subscriptions lead to budget overruns

Introducing AI Agent Discovery

AI Agent Discovery is a lightweight, enterprise-ready tool that integrates with your existing EDR (Endpoint Detection and Response) infrastructure to identify AI agents across your organization.

Key Features

1. Comprehensive Agent Taxonomy

We've developed a 3-level classification system to organize the ever-growing landscape of AI agents:

AUTONOMOUS (Self-acting agents)

  • OpenClaw, NanoClaw, MoltBot
  • AutoGPT, AgentGPT, BabyAGI
  • Devin, OpenDevin, SWE-agent

ASSISTANT (Interactive chat-based)

  • Claude Desktop, Claude Code, Cline
  • ChatGPT Desktop, ChatGPT App
  • Cursor, GitHub Copilot
  • And more...

WORKFLOW (Automation orchestrators)

  • Dify, Dify Sandbox
  • N8N
  • Flowise, Langflow

2. Multi-EDR Support

AI Agent Discovery works with the security tools you already have:

  • CrowdStrike Falcon — Query via Humio API
  • Microsoft Defender for Endpoint — Query via Advanced Hunting (KQL)
  • Local File Import — For testing or custom integrations

3. Community-Driven Detection

Our detection signatures are community-maintained YAML files, making it easy to add support for new AI agents. Each signature defines process patterns, file paths, and network indicators that uniquely identify an agent.

4. Real-Time Dashboard

A built-in web dashboard provides instant visibility into:

  • Total agents detected across your environment
  • Distribution by agent type (Autonomous, Assistant, Workflow)
  • Per-endpoint and per-user breakdowns
  • Timeline of agent activity

5. Single Command Deployment

Get started in seconds with a single command: npx ai-agent-discovery

How It Works

  • Connect to your EDR platform using API credentials
  • Query process execution events using our detection patterns
  • Analyze results using our pattern matching engine
  • Visualize findings in the dashboard or export to CSV/JSON

Quick Start

Getting up and running is straightforward:

  • Install globally: npm install -g ai-agent-discovery
  • Initialize configuration: aad init
  • Edit config/config.yaml with your EDR credentials
  • Run a scan: aad scan
  • Or start the dashboard: aad dashboard

Why Open Source?

At OpenGuardrails, we believe security tools should be transparent, auditable, and community-driven. By open-sourcing AI Agent Discovery, we're enabling:

  • Transparency: See exactly how agents are detected
  • Customization: Adapt the tool to your specific environment
  • Community Contribution: Anyone can add signatures for new agents
  • No Vendor Lock-in: Works with multiple EDR platforms

Contributing

We welcome contributions from the security community! The easiest way to contribute is by adding detection signatures for new AI agents:

  • Fork the repository
  • Create a signature file in registry/signatures/
  • Add the agent to the taxonomy in registry/taxonomy/
  • Run aad validate to verify
  • Submit a pull request

Check out our Contributing Guide for detailed instructions.

What's Next

This is just the beginning. Our roadmap includes:

  • Additional EDR Integrations: SentinelOne, Carbon Black, and more
  • Risk Scoring: Automatic risk assessment based on agent capabilities
  • Policy Enforcement: Block or alert on unauthorized AI agents
  • SIEM Integration: Forward detections to your security operations center
  • Agent Behavior Analysis: Track what data AI agents are accessing

Acknowledgments

AI Agent Discovery was built with contributions from security researchers, detection engineers, and the broader open-source community. Special thanks to everyone who helped identify detection patterns for the growing ecosystem of AI agents.

AI Agent Discovery is released under the Apache 2.0 license. We encourage enterprises to deploy it, customize it, and contribute back to the community.

Ready to gain visibility into AI agents in your organization? Get started now: npx ai-agent-discovery