Audiences · CISOs

Know what your agents
are talking to.

One request fans out into a cascade your perimeter tools can’t see, and you can’t tell what’s rogue from what’s sanctioned, or what data crossed which boundary. Backplanes reads the session telemetry your agents already produce and traces every hop — naming what they reached and whether anyone signed off. Read it as risk, with the receipts attached.

InstallSee the inventory

Free · Works with Claude Code & Codex · No agent changes

A Backplanes organization report — Security view

The view you live in

The Security view, plus a live external-access inventory.

The org report read as risk: the top three risks to act on, an at-a-glance row of 24 findings — one critical — and a severity-triaged findings table. Beside it, the inventory of everything your agents reach: 47 domains, 12 MCP servers, each marked sanctioned, needs review, or blocked.

Org report Security view — top risks and a severity-triaged findings table

Live component · external-access inventory

External access

90-day observed window · generated now · organization-wide

External domains
47
MCP servers
12
MCP tools
31
Skills
9
Needs review
3
All 99MCP servers 12MCP tools 31Skills 9Plugins 4External domains 47Needs review 3Blocked 1
ResourceKindStatusSessionsCallsReached byLast
github.comdomain · git + api.github.comDomainSanctioned412,890team12m
web-searchmcp_server:web-searchMCP serverSanctioned221,2046 engineers1h
api.stripe.comdomain · paymentsDomainSanctioned14312alex, maya2h
api.example-vendor.comdomain · not on allowlistDomainNeeds review347maya2d
filesystemmcp_server:filesystemMCP serverSanctioned186425 engineers3h
pdf-exportskill:pdf-exportSkillSanctioned753alex1d
browser_navigatemcp_tool:playwright/browser_navigateMCP toolUnreviewed18260maya4h
unknown-cdn.iodomain · first seen this weekDomainBlocked12sam3d

What it answers for you

What is it talking to, and is it sanctioned?

Q1

What are my agents reaching, and is it sanctioned?

The inventory lists every MCP server, tool, Skill, plugin, and domain in one place — 47 domains and 12 MCP servers — each marked sanctioned, needs review, or blocked. Right now 3 need review, so you know exactly where a decision is waiting.

Q2

What crossed a boundary I didn’t approve?

Egress and scope findings are traced across the cascade, hop by hop: production database credentials exposed to a public mirror, an agent that ran rm outside the sandboxed workspace, an API endpoint reached outside the egress allowlist. You see which boundary was crossed, and on which flight.

Q3

What needs a decision today?

Findings come triaged by severity — 24 in all, with the one critical surfaced first — and each carries its receipts. You hand the board or an auditor evidence, not adjectives.

Agents are the first piece of software deployed in enterprises that will actively circumvent things just to get the stuff done.

Security advisor · former enterprise CISO

Go deeper

The features behind the risk view.

MCP & external accessEvery MCP, tool, Skill, plugin, and domain your agents touched — one inventory.Org reports — Security viewThe top risks, triaged findings, and the receipts.

Get started

See what’s crossing your boundaries.

One install reads your agents’ sessions and writes the risk report — sanctioned, needs review, or blocked, hop by hop.

curl -fsSL https://www.backplanes.com/spotlight/install.sh | sh
Install Spotlight