Agent Keeper
Docs

Dashboard

The Agent Keeper dashboard gives security teams one control plane for AI agent usage across workstations, repositories, and identity groups.

Main Views

  • Posture: live posture, blocked actions, warning trends, and high-risk sessions.
  • Workstations: connected Claude Code, Cursor, Codex, Gemini CLI, Windsurf, Copilot, and Cowork clients.
  • Activity: searchable event stream for tool calls, policy decisions, and shield detections.
  • Policies: org defaults, agent-specific controls, MCP restrictions, and group overrides.
  • Investigations: suspicious sessions grouped into reviewable timelines.
  • Settings: API keys, notification routing, telemetry setup, billing, and team management.

Event Model

Each agent event captures:

  • Tool name and normalized action.
  • Verdict: allowed, warned, or blocked.
  • Detection pattern and severity when applicable.
  • Session, repository, branch, host, and identity context when available.
  • Policy source, including group overrides.

Operational Flow

  1. Connect the first workstation from /setup.
  2. Review the first events in /activity.
  3. Tighten Runtime Shield and tool policies in /team-overview?tab=policies.
  4. Add identity-provider groups when the team needs role-specific controls.
  5. Use /security and /investigations for ongoing review.