LAYER 1 OF 7Gap

Discover

Central inventory of every agent, skill, MCP tool

Coming Q2 2026. TC already aggregates 96,233 skills scanned and 397 rules tracked across all Community sensors — the inventory dashboard builds on this existing telemetry backbone.

WHAT THIS LAYER DOES

L1 Discover answers the first question any CISO asks: what agents are running in our org, where, and with what tools attached? It aggregates inventory from every endpoint running pga up, surfaces each agent's platform, installed skills, MCP tool descriptions, and recent activity in a single searchable dashboard.

WHY YOU NEED IT

You cannot protect what you cannot count. F500 CISOs are being asked this week by their boards: "how many AI agents are running in our environment?" Most cannot answer. Shadow agents — agents spun up by individual engineers outside IT procurement — are already the majority by install count.

HOW IT WORKS

Planned architecture: Guard daemon registers with Threat Cloud on startup; TC aggregates per-tenant inventory with device_id + platform + skill hashes. CLI: `pga inventory`. Web dashboard at /admin/inventory. Q2 2026.

TRY IT NOW

Not live yet. Join the Team waitlist to be first when /admin/inventory ships.

Learn more

ATTACKS THIS LAYER CATCHES

Concrete threats, concrete controls

Shadow agent deployment

HIGH

Engineers install MCP skills or agent CLIs outside procurement, bypassing security review. Inventory makes this visible.

Unknown skill provenance

MEDIUM

Agents load skills from npm / GitHub / local paths. Without inventory the org cannot audit which skills are approved.

Next layer

L2 · Audit

One vendor, 7 layers — instead of 5 tools glued together

See all 7 layers See pricing

Back to 7-layer architecture