The operating question.
Shadow MCP audit methodology.
Shadow MCP discovery finds unmanaged MCP servers, agent connectors, OAuth grants, local developer tools, and AI delegation paths before they wire themselves into systems of record.
What to inspect.
- Developer machines, repos, CI/CD, browser agents, and local connector configs.
- OAuth grants, tool permissions, data egress, and unmanaged credentials.
- The workflow or business decision each path could influence.
Evidence output.
Each finding needs owner, tool path, data sensitivity, control coverage, remediation status, and whether it belongs in the board read.
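One way to turn the local-config part of the inspection list into findings with the evidence fields named above, as an added example that is not code from this page. The config file names, the `mcpServers` and `servers` keys, the `SECRET_HINT` pattern, the placeholder field values, and the sample servers are assumptions; the sample data is constructed.

```python
import json, os, re, tempfile
# Assumptions: config file names and top-level keys used by common MCP clients.
CONFIG_NAMES = {"mcp.json", ".mcp.json", "claude_desktop_config.json"}
SERVER_KEYS = ("mcpServers", "servers")
SECRET_HINT = re.compile(r"TOKEN|SECRET|KEY|PASSWORD", re.I)

def load_servers(path):
    """Return {name: config} for every server entry in one config file."""
    try:
        with open(path, encoding="utf-8") as fh:
            doc = json.load(fh)
    except (OSError, ValueError):
        return {}  # unreadable or not JSON: skip it, keep the sweep running
    blocks = [doc.get(k) for k in SERVER_KEYS] if isinstance(doc, dict) else []
    return {n: c for b in blocks if isinstance(b, dict)
            for n, c in b.items() if isinstance(c, dict)}

def finding(path, name, cfg, approved):
    args = cfg.get("args") if isinstance(cfg.get("args"), list) else []
    target = cfg.get("url") or " ".join(map(str, [cfg.get("command", ""), *args])).strip()
    env = cfg.get("env") if isinstance(cfg.get("env"), dict) else {}
    return {
        "owner": "unassigned",  # reviewer fills in owner and sensitivity
        "tool_path": f"{path}#{name}",
        "target": target,
        "data_sensitivity": "unclassified",
        "control_coverage": "approved" if target in approved else "unmanaged",
        # names only: the report must never copy credential values
        "inline_secret_names": sorted(k for k in env if SECRET_HINT.search(k)),
        "remediation_status": "open",
        "board_read": False,
    }

def scan(root, approved):
    # One finding per server entry in every known config file under root.
    return [finding(p, n, c, approved)
            for d, _sub, files in os.walk(root)
            for p in (os.path.join(d, f) for f in sorted(set(files) & CONFIG_NAMES))
            for n, c in load_servers(p).items()]

def demo():
    # Constructed sample: one approved remote server, one unmanaged local one.
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "repo", ".cursor"))
    cfg = {"mcpServers": {
        "tickets": {"url": "https://mcp.example.internal/tickets"},
        "dbtool": {"command": "npx", "args": ["-y", "example-db-mcp"],
                   "env": {"DB_PASSWORD": "constructed-value"}}}}
    with open(os.path.join(root, "repo", ".cursor", "mcp.json"), "w") as fh:
        json.dump(cfg, fh)
    return scan(root, approved={"https://mcp.example.internal/tickets"})
```

Matching on the launch target rather than the server name keeps a renamed entry from passing as approved.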
Guide: the question, evidence, artifact, and action to sequence
Evidence: the source-linked facts needed for a defensible read
Next move: how the guidance connects back to the AI Audit