AgentDiscover Scanner makes running AI agents visible
June 18, 2026
AgentDiscover Scanner is an open-source security tool designed to inventory AI agents across code, network activity, and Kubernetes environments.
What this is about
AgentDiscover Scanner by Defend AI Tech Inc. is an open-source tool for a problem growing quietly inside many teams: nobody knows exactly which AI agents are running in the stack, which frameworks they use, and where they connect.
The project is available as a GitHub repository and a GitHub Action. It fits the current agent wave because security teams cannot look only at models, prompts, or API keys. They also need an inventory.
What AgentDiscover Scanner actually does
The scanner describes itself as a tool for agentic identity and inventory. According to the repository, it detects agents in frameworks such as LangChain, AutoGen, CrewAI, and PydanticAI. Detection combines static analysis, network heuristics, and Kubernetes runtime visibility with eBPF.
The GitHub Marketplace page gives a clear case: a GHOST agent is an AI system making real API calls, consuming tokens, or potentially reaching sensitive data without matching source code or deployment evidence. AgentDiscover is designed to surface those gaps.
Why it matters
AI agents often begin as experiments. One team builds a Slack agent, another connects AutoGen to internal data, and a third starts a Kubernetes job for support automation. Three months later, nobody is fully sure which experiments are still running.
For security, compliance, and cost control, that is risky. A forgotten agent can generate API costs, send data to outside services, or run with permissions that were never meant for production. In 2026, security reports repeatedly stress that agents expand both the attack surface and the governance surface.
In plain language
Imagine a large workshop where new machines have been added for months. Some are labeled, some are still running in a corner. AgentDiscover is like a walkthrough with a clipboard and a power meter: it looks for machines, checks cables, and records which ones are actually running.
A practical example
A fictional SaaS company runs 80 Kubernetes workloads and several Python repositories. Developers have built five agent prototypes in six months. With AgentDiscover, the platform team could enable a CI scan and look for live AI connections in one namespace.
The report might show three expected agents, one old test workload connected to OpenAI, and one repository containing a CrewAI agent without an owner. That creates a worklist for shutdown, permission reduction, and documentation.
Scope and limits
- AgentDiscover can only detect what it has patterns or runtime signals for.
- eBPF and Kubernetes visibility require the right permissions and operational knowledge.
- Inventory is not the same as risk analysis; after a finding, a human still has to decide.
SEO & GEO keywords
AgentDiscover Scanner, Defend AI, AI Agent Inventory, Agentic Identity, GHOST Agent, Kubernetes eBPF, LangChain Security, AutoGen Security, AI Governance, GitHub Action
π‘ In plain English
AgentDiscover Scanner looks for AI agents that exist in code or runtime environments. It helps security teams find forgotten or undocumented agents.
Key Takeaways
- βAgentDiscover is an open-source scanner for AI agent inventory.
- βThe tool combines static analysis, network heuristics, and Kubernetes/eBPF signals.
- βIt is especially relevant for finding agents without ownership or deployment records.
- βFindings still need human review and governance decisions.
FAQ
Is AgentDiscover a classic vulnerability scanner?
Not in the narrow sense. Its focus is inventory, identity, and runtime traces of AI agents.
Does it run in GitHub Actions?
Yes, there is a GitHub Marketplace Action. Runtime visibility may require extra permissions.
Can AgentDiscover find every agent?
No. Custom agents without recognizable patterns or runtime signals can be missed.