Shadow AI agent discovery beyond APIs: are controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 6030
Topic starter  

TL;DR: Browser-based discovery can surface shadow AI agents created in tools such as Airbyte, Atlassian Rovo, ChatGPT Workspace Agents, Retool, and Zapier, closing an inventory gap that API-only approaches miss, according to Nudge Security. The governance issue is bigger than discovery: security teams cannot govern what they cannot reliably attribute, inventory, and review.

NHIMG editorial — what this means for AI and NHI governance

Questions worth separating out

Q: How should security teams discover shadow AI agents that do not expose a public API?

A: Security teams should combine platform API discovery with browser or session-based collection so agents created in the user interface are still inventoried.

Q: Why do shadow AI agents create a governance gap for IAM and NHI teams?

A: Shadow AI agents create a governance gap because they can hold persistent permissions, act on behalf of users, and connect to corporate data while staying outside normal inventory processes.

Q: What should organisations get wrong less often about AI agent inventories?

A: Organisations often treat discovery as a one-time cataloging exercise, but AI agent inventories age quickly as employees create, modify, and abandon agents.

Practitioner guidance

  • Inventory agents at the point of creation: Augment API polling with browser or session-based collection for platforms that do not expose a reliable public agent API, so shadow agents do not stay outside the control boundary.
  • Require creator attribution for every agent: Map each discovered agent to a human creator and retain that relationship as part of the asset record so access review, ownership, and escalation paths are unambiguous.
  • Classify agent access by application risk: Tag discovered agents by the systems and data they can reach, then prioritise review for agents connected to high-risk applications, public data, or sensitive workflows.

What's in the full announcement

Nudge Security's full analysis covers the operational detail this post intentionally leaves for the source:

  • Browser extension workflow details for observing agent creation events in supported platforms
  • The specific AI agent inventory fields that get enriched after discovery, including creator mapping and risk signals
  • Platform-by-platform coverage notes for Airbyte, Atlassian Rovo, ChatGPT Workspace Agents, Retool, Zapier, and others
  • How the research preview is enabled inside the browser extension settings

👉 Read Nudge Security's analysis of browser-based shadow AI agent discovery →




   
(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5523
 

API-only discovery creates a governance ceiling, not just a visibility gap. If an organisation can only inventory AI agents through platform APIs, then the control model is bounded by vendor exposure rather than by the actual agent population. That makes shadow AI agents structurally easy to miss in the places where employees are building them fastest. The practitioner consequence is that discovery strategy must be designed around incomplete platforms, not ideal integrations.

A few things that frame the scale:

  • Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to the AI Agents: The New Attack Surface report.
  • 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.

A question worth separating out:

Q: Who should own review and approval for discovered AI agents?

A: Ownership should sit with the identity, security, and application teams together, because discovered agents touch access, data, and business process at the same time. The accountable owner must be able to approve scope, challenge risky connections, and retire unused agents. If no owner can be assigned, the agent should be treated as an unresolved governance exception.

👉 Read our full editorial: Shadow AI agent discovery is exposed by API-only governance



   