Run the Business · Ops & Governance

Find out what yourAI agents can actually touch

Every AI agent, MCP server, and OAuth connector you've granted is a standing door into your data. This auditor grades each one — least-privilege, over-scoped, or ungoverned — and rolls your fleet up to one honest posture. The dispositive fault it never misses: a connector that can write regulated data with nobody accountable for it.

Get the Auditor — $99one-time · instant download · yours to keep
Five deliverables · runnable
Runnable Python engine (zero-dep)
.py
Workbook that reproduces every number
.xlsx
Access Inventory Playbook
guide
Remediation Runbook
guide
Worked seven-connector sample
sample
Works alongside
MCP Builder Kit · NIST AI RMF Kit · AI Governance Starter Kit
01.The Problem

Your agents have more access than your employees — and nobody's tracking it.

Standing doors nobody closed

Every grant is a door into your data that outlives the project that opened it. Most teams can't list which connectors are write-capable, which touch regulated data, or which have an owner.

The risky ones are unowned

The grants that can change data are exactly the ones least likely to have someone accountable for them — the ones that matter most the moment something goes wrong.

The average flatters you

A fleet reads healthy on average while one connector quietly writes regulated data with no accountability. An average hides the single fault that is the whole exposure.

02.See It Work

Try it on the sample fleet.

Edit any connector and watch the verdict and fleet posture recompute. Notice the CRM sync and Billing export connectors carry the identical risk score — the only difference is one has no owner.

Live demo · edit any connector

ConnectorScopeDataRecencyOwnerRiskVerdict
Calendar read agent14LEAST-PRIVILEGE
Support inbox drafter44OVER-SCOPED
CRM sync connector65UNGOVERNEDunowned · reg · write
Analytics read-only0LEAST-PRIVILEGE
Billing export bot65OVER-SCOPED
Old Zapier hook68OVER-SCOPED
Docs read agent23LEAST-PRIVILEGE

Fleet posture

EXPOSED

worst connector = UNGOVERNED · mean risk 40 (context only)

Counts

3 least-privilege · 3 over-scoped · 1 ungoverned

Fix first: CRM sync connector

The posture is the worst connector, not the average. Two connectors can carry the identical risk score yet split on a gate — an unowned connector that can write regulated data is ungoverned however clean the rest of the fleet looks.

03.It Actually Runs

One unowned connector exposes the fleet.

The same seven connectors, scored by the engine. Five of seven are least-privilege or over-scoped and the mean risk is a benign-looking 40 — yet the fleet is EXPOSED, because one connector can write regulated data with no owner. The posture is the worst connector, not the average.

AI Agent & Connector Access Auditor  (ACAA-099)
============================================================
  Calendar read agent    risk  14  LEAST-PRIVILEGE
  Support inbox drafter  risk  44  OVER-SCOPED
  CRM sync connector     risk  65  UNGOVERNED      [UNOWNED-REG-WRITE]
  Analytics read-only    risk   0  LEAST-PRIVILEGE
  Billing export bot     risk  65  OVER-SCOPED
  Old Zapier hook        risk  68  OVER-SCOPED     [STALE-WRITE]
  Docs read agent        risk  23  LEAST-PRIVILEGE
------------------------------------------------------------
  Connectors: 7   mean risk 40 (context only)
  LEAST-PRIVILEGE 3 / OVER-SCOPED 3 / UNGOVERNED 1
  FLEET POSTURE: EXPOSED   (worst connector = UNGOVERNED)
  Fix first: CRM sync connector  (UNGOVERNED, risk 65)
04.The Standard

How a connector is scored.

Four weighted risk levers

Scope breadth (28), data sensitivity (34), write capability (14), and staleness (24) roll to a 0–100 risk score: LEAST-PRIVILEGE 0–39, OVER-SCOPED 40–69, UNGOVERNED 70–100. Higher is worse. Risk is additive across levers, so the score does honest graduated work and ranks what to fix first.

Two gates that only worsen

Unowned + write + regulated → UNGOVERNED no matter the score (the dispositive fault — a score would flatter it). Write + stale → at least OVER-SCOPED, because an abandoned standing write grant is never least-privilege. Fleet posture is the worst connector: GOVERNED, DRIFTING, or EXPOSED.

05.What This Is — And Isn't

Clear about the lane. No inflated promises.

It is

  • A deterministic access-risk read on an inventory you enter
  • The front door to safely adopting agentic workflows
  • The evidence layer your governance framework assumes

It isn't

  • A live scanner — it never connects to your systems
  • A tool that revokes grants or changes permissions
  • A score of any person, or a security audit of your systems

Honest scope: this kit audits an access inventory you export and enter. It does not connect to your systems, change a permission, revoke a grant, or move data, and it does not score, rank, or assess any person. Not legal or security-audit advice — confirm your access policy with your security or compliance owner.

06.Who It's For

For the team that let the grants pile up.

Founders, operators, and IT or security owners who've let AI agents and connectors accumulate faster than anyone tracked them — and want one honest read on what those grants can reach before an auditor, insurer, or incident asks. Run it before you wire up an orchestration workflow: the safest workflow is only as safe as the connectors it inherits.

08.Common Questions

The questions operators actually ask before granting access.

It scores connectors, never people. For every AI agent, MCP server, and OAuth connector you've granted, the AI Agent & Connector Access Auditor reads four things you enter — scope breadth, data sensitivity, write capability, and staleness — and returns a 0–100 access-risk score banded LEAST-PRIVILEGE, OVER-SCOPED, or UNGOVERNED. The owner field records who is accountable for a grant; it is never turned into a score of that person. This is an operational read on access surface, not an assessment of anyone's job.

See what your AI agents
can reach.

Grade every connector and get your fleet's honest posture in one afternoon. One purchase, lifetime access, 12 months of updates. $99, once.

Honest scope: this kit audits an access inventory you export and enter. It does not connect to your systems, change a permission, revoke a grant, or move data, and it does not score, rank, or assess any person. Not legal or security-audit advice — confirm your access policy with your security or compliance owner.

Sold by RedHub AI LLC · Secured by Stripe · redhub.ai