Agentic Posture Visibility
Agentic Posture Visibility for Cursor, Claude Desktop, Claude Code, Codex, and OpenClaw
See the structure before any AI verdict — deterministic, entirely without an LLM. EDAMAME Security inventories every coding agent on the machine, approved or not, with the MCP servers and tools each one binds, what it can reach, whether a governance harness wraps it, and how large its blast radius would be if compromised. A structural Flight Recorder keeps the history of what each agent touched: system, network, tools, files, communications. Each observation becomes a posture check that rolls up to EDAMAME Hub per device — no new console, no new pipeline.
Why visibility
Visibility first: deterministic, zero-config, no LLM.
Most teams cannot answer basic questions about the coding agents already on their machines: which agents are installed, which MCP servers and tools they bind, what they can reach, and what they have touched. EDAMAME answers these questions structurally, on day one, with zero configuration and no LLM — including agents nobody installed a plugin into. The same structural facts grade an OWASP GenAI Top 10 scorecard: evidence-backed answers, not a model opinion. When you then need a verdict on behavior, Agentic Security adds divergence scoring and attack-pattern detection on top.
Shadow-agent discovery
Every coding agent on the machine, approved or not, with observed-coverage validation — approve or acknowledge each agent, and inventory the MCP servers and tools it binds.
Reach and blast radius
A capability graph with trust zones spots over-provisioned reach. Blast radius is sorted by danger with confinement remediation for unconfined agents, and harness coverage flags agents running without a control plane such as AgentField or Rippletide.
Flight Recorder
A structural history of everything each agent touched — system and network activity, tool calls, file access, communications, and tool errors — ready for audit and incident review.
Fleet roll-up
Local observations. Fleet posture checks.
The visibility pass converts local observations into ordinary posture checks that ride the existing score and security-checks pipeline up to EDAMAME Hub: agents running without a governance harness, unconfined agents with a dangerous blast radius, capability-surface drift against the approved baseline, and discovered agents whose observer is paused. Define policy on these checks and enforce zero trust from EDAMAME Hub — for example, only authorize agents wrapped in a governance harness such as AgentField or Rippletide to connect to your IdP and providers.
See the structure on every host
EDAMAME Security runs the structural pass on the developer workstation; EDAMAME Posture runs the same pass headless on CI/CD runners, servers, and self-hosted agent hosts such as OpenClaw. No plugin inside the agent, no LLM in the loop.
• Agent inventory with observed-coverage validation
• MCP server and tool inventory per agent
• Agent SBOM diffed against an approved baseline
• Blast radius, trust zones, and harness coverage
Roll up to EDAMAME Hub
Each observation lands in the views a CISO already uses: the device score, the Security Checks catalog, per-device failed checks, Security Score events, and Engagement escalations. Define policy on any of these checks and EDAMAME Hub's posture-gated conditional access enforces it as zero trust — only compliant hosts stay on your IdP and provider allow-lists.
• Agents present but no governance harness
• Unconfined agents with a host amplifier
• Capability-surface drift vs the approved baseline
• Discovered agents with a paused observer
Every SDLC endpoint
Visibility across workstations, runners, and agent hosts
Agentic Posture Visibility is not workstation-only. The same structural pass covers developer workstations, CI/CD runners, isolated VMs, and self-hosted agent hosts — so the inventory, reach, and history questions get the same evidence-backed answer on every endpoint of the SDLC.
Developer workstations
EDAMAME Security inventories Cursor, Claude Desktop, Claude Code, and Codex on the developer machine — agents, MCP servers, tools, reach, and the full activity history.
Runners and agent hosts
EDAMAME Posture runs the same structural pass headless on CI/CD runners, isolated VMs, and self-hosted OpenClaw servers — the unattended half of the agentic SDLC.
OWASP GenAI scorecard
An OWASP GenAI Top 10 scorecard graded from the structural facts the visibility pass collects — evidence-backed answers, not a model opinion.
From visibility to security
When you need a verdict, add Agentic Security
Visibility shows the structure; Agentic Security judges behavior. The divergence engine compares declared intent with observed system behavior, attack-pattern detection watches the same telemetry for credential harvest and token exfiltration, and a critical finding can pull a host from your IdP and provider allow-lists through EDAMAME Hub.
Intent divergence
Compare what the agent says it is doing with what the machine actually does — processes, files, network, posture — and score the divergence on an evidence trail.
Attack-pattern findings
The same host telemetry detects credential harvest, token exfiltration, and sensitive-file access — the patterns behind the axios npm RAT, tj-actions, and litellm attacks.
Automatic isolation
Once an attack pattern or a divergence verdict is detected, EDAMAME Hub conditional access automatically isolates the compromised agent host from your IdP and provider allow-lists.
