
Supply-Chain

Seeing the AI Layer: Detecting Agents, MCP Servers, and IDE Plugins on Every Endpoint with osquery

Your EDR knows about processes and network connections. Your MDM knows about installed apps. Neither one knows that someone on your team is running an npx-fetched MCP server that has shell-exec capability and a plaintext secret baked into its config. agentic-detector is a cross-platform osquery extension that fixes that. One table — ai_tools — gives you the full AI software inventory per host: MCP servers, agent CLIs, IDE plugins, desktop apps, live network sockets, and the agent instruction files that tell AI what it’s allowed to do. Deployable through Fleet in minutes.

Mini Shai-Hulud: Detecting a Live npm Supply Chain Worm with Fleet

An active npm supply chain worm targeting developer credentials dropped on May 11, 2026. 42 TanStack packages (84 versions) directly compromised. The broader Mini Shai-Hulud campaign affects 175 packages across 17 namespaces. This is the detection approach we ran across 30 hosts using Fleet — and the critical caveat about what Fleet’s built-in npm table misses.