AI INVENTORY · AGENTS MASTER REGISTRY
Every agent. Every platform. One master registry.
Connectors pull each platform's agent registry — Azure AI Foundry, AWS Bedrock, Google Vertex AI, Salesforce, ServiceNow — into one master list, alongside the agents you run in Kosmoy. Every agent is matched against your approved use cases. The ones that don't match are your shadow AI.
An agents master registry is a single system of record for every AI agent an enterprise runs or uses — across hyperscaler agent platforms, SaaS agent builders and internal runtimes — reconciled against the company’s approved AI use cases. It answers the two questions every AI governance review starts with: what agents do we actually have, and which of them were never approved?
The Kosmoy Agents Master Registry is that record. Internal agents running in Kosmoy Action Capsules and external agents living on Azure AI Foundry, AWS Bedrock, Google Vertex AI, Salesforce and ServiceNow land in one list with the same record shape — provider, model, owner, type and state — and feed the same monitoring, governance and compliance evidence as everything else in the platform.
Connect → Harvest → Match
Connect
Connect the platforms where agents live: Azure AI Foundry, AWS Bedrock, Google Vertex AI, Salesforce, ServiceNow — plus the agents you build and run in Kosmoy. Each connector reads that platform's own registry.
Harvest
Pull every agent into one master list. Each record lands with its provider, model, owner and type — external agent, Capsule agent or assistant — and stays in sync within what the platform exposes.
Match
Reconcile the master list against the approved use-case registry. Matched agents are recorded and monitored. Unmatched agents are flagged as shadow AI and routed to review.
| Agent | Provider | Model | Owner | Type | Status |
|---|---|---|---|---|---|
| invoice-triage-agent | Azure AI Foundry | GPT-5 | Finance Ops | External | Governed |
| claims-summary-assistant | AWS Bedrock | Claude | Claims | External | Governed |
| crm-outreach-agent | Salesforce | Atlas | Sales Ops | External | Shadow AI — flagged |
| kyc-document-agent | Kosmoy Capsule | Fine-tuned SLM | Compliance | Capsule agent | Governed |
| field-dispatch-agent | ServiceNow | — | IT Service | External | Shadow AI — flagged |
| store-ops-qa | Google Vertex AI | Gemini | Retail Ops | External | Governed |
Illustrative registry view — agents harvested across platforms, matched against approved use cases.
Shadow AI: found, flagged, resolved.
Shadow AI is the models, tools and agents your central team can’t see — a business unit builds an agent on a sanctioned platform and never registers it, or a team adopts an AI feature inside a SaaS tool without telling anyone. The master registry is the comparison your governance committee and your auditors ask for: the AI systems that went through the approval flow, against the agents actually running across the company.
An unmatched agent doesn’t trigger a takedown — it becomes a registry entry under review. Assign an owner, classify the risk, register the use case, or retire the agent. The business unit keeps the platform it chose; the enterprise gets the accountability it was missing.
What the master registry does.
Cross-platform connectors
Azure AI Foundry, AWS Bedrock, Google Vertex AI, Salesforce, ServiceNow. Each connector pulls that platform's registry into the master list. The library expands with each release.
One record shape
Provider, model, owner, type — External, Capsule agent or Assistant — and state. Internal and external agents, same fields, one list.
Use-case matching
Every harvested agent is reconciled against the approved use-case registry: the AI that went through the approval flow versus the agents actually running.
Shadow AI flags
Unmatched agents are flagged and routed to review — assign an owner, classify the risk, approve the use case or retire the agent.
Risk classification link
Each entry connects to its EU AI Act qualification, role and obligations — and feeds the NIST AI RMF and ISO/IEC 42001 evidence bundles.
Audit and lineage
Every change to state, scope or ownership lands as an event on the audit trail. The registry is also the evidence.
Harvest sources
One list above every platform.
- Azure AI Foundry
- AWS Bedrock
- Google Vertex AI
- Salesforce
- ServiceNow
- Kosmoy Action Capsules
- Kosmoy Assistants
Module questions, answered straight.
What is an agents master registry?
An agents master registry (also called a master agent registry) is a single inventory of every AI agent an enterprise runs or uses, aggregated across the platforms where those agents live — hyperscaler agent services, SaaS agent builders and internal runtimes — and reconciled against the company's approved AI use cases. It is the foundation of agent governance: you can't govern agents you can't see.
Which agent platforms can Kosmoy pull agents from?
Connectors cover Azure AI Foundry, AWS Bedrock, Google Vertex AI, Salesforce and ServiceNow, plus everything built and run on Kosmoy itself — Action Capsule agents and assistants. The connector library expands with each release. Platforms without an API can be registered manually and tagged accordingly.
How does the master registry detect shadow AI?
By comparison. The approved use-case registry holds the AI systems that went through the approval flow. The master registry holds the agents actually running across every connected platform. Anything in the second list with no match in the first is shadow AI — flagged, assigned for review, and either approved into governance or retired.
Can Kosmoy govern the external agents it discovers?
Inventory, risk classification and audit evidence apply to every agent, wherever it runs. Gateway policy — guardrails, RBAC, budgets — applies to the traffic that routes through Kosmoy. Full runtime control, including the kill switch, applies to agents running inside Kosmoy Action Capsules. You can always inventory an external agent; you govern what routes through you; you contain what you run.
How is a master registry different from each platform's own agent list?
Each platform's registry sees only its own agents — Foundry sees Foundry, Salesforce sees Salesforce. Enterprise accountability needs the layer above them: one list across every platform, tied to approvals, risk classification and compliance evidence, owned by the enterprise rather than by any single vendor.
See the Agents Master Registry in action.
Connect a platform, harvest its agents, and watch the use-case match flag what was never approved.