
Findings for AI agents

Nudge Security generates findings when AI agents meet specific risk conditions, such as making external API calls, exposing hardcoded secrets, or lacking a technical owner.

Written by Velizar Demirev

Nudge Security generates findings for AI agents when specific risk conditions are met. Each finding has a defined trigger, severity, and recommended action.

For our Research Preview, Nudge Security can detect:

  • Agent makes external API calls

  • Agent is publicly accessible

  • Agent uses high-risk tools

  • Agent has an unauthenticated MCP connection

  • Agent has external service actions enabled

  • Agent has hardcoded secrets

  • Agent has no human-in-the-loop oversight configured

  • Agent accesses sensitive data sources

  • Agent uses unvetted community components

  • Agent has no technical owner assigned

  • Agent has outlived its creator (creator no longer active in the organization)

You can learn more about managing Findings here.
