See exactly what your AI agents can do, and where the controls are missing.

Inkog maps the full capability surface of every agent in your codebase, compares it to your AGENTS.md, and identifies the gaps that put production at risk. It works across 15 frameworks, including Microsoft AutoGen, LangGraph, and CrewAI.

Governance Score: 91

One number that means something

Governance Score is a graduated 0 to 100 value per agent. A critical financial action without human approval costs more than a data mutation missing an audit log. Same code, same score, every time. The formula is open in pkg/capability/control_matrix.go.

  • 85 or above: agent is governed.
  • 50 to 84: some controls missing.
  • Below 50: production risk.

The three layers

We extract three independent views of your agent and surface every disagreement as a gap with a compliance citation.

CAN

Capabilities, from code

Universal IR enumerates every tool, MCP server, delegation, memory access, and credential the agent can reach across 15 framework adapters.

SHOULD

Declarations, from AGENTS.md

YAML front matter, markdown sections, and inline annotations get parsed into typed declaration rows that say what the agent is allowed to do.

ENFORCED

Controls, wired in code

Human approval, authorization checks, audit logs, rate limiters, cycle guards, sanitizers. Detected at source and indexed against the capability they protect.

The gap between these layers is your vulnerability surface.
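
The three-layer comparison described above, as an added Go sketch (not Inkog's code or its control matrix). The type names, the `required` mapping, the `undeclared_capability` label and the sample agent are assumptions; only the `missing_required_control: human_approval` label appears on this page.

```go
package main

import "fmt"

// Capability is one CAN-layer row: something the agent can reach in code.
type Capability struct {
	Name     string
	Effect   string          // effect category: financial, destructive, communication, data_mutation
	Enforced map[string]bool // ENFORCED layer: controls found wired around this capability
}

// required maps an effect category to the controls it needs.
// ASSUMED mapping for illustration; the real matrix lives in the project.
var required = map[string][]string{
	"financial":     {"human_approval", "audit_log"},
	"destructive":   {"human_approval"},
	"communication": {"rate_limiter"},
	"data_mutation": {"audit_log"},
}

// Gaps compares CAN against SHOULD (declared names) and ENFORCED (per-capability controls).
func Gaps(caps []Capability, declared map[string]bool) []string {
	var gaps []string
	for _, c := range caps {
		// CAN but not SHOULD: the code reaches something the declaration never allowed.
		if !declared[c.Name] {
			gaps = append(gaps, "undeclared_capability: "+c.Name)
		}
		// CAN but not ENFORCED: a control required by the effect category is absent.
		for _, ctl := range required[c.Effect] {
			if !c.Enforced[ctl] {
				gaps = append(gaps, "missing_required_control: "+ctl+" ("+c.Name+")")
			}
		}
	}
	return gaps
}

func main() {
	// Constructed sample agent: code execution with no approval gate, plus an undeclared mail tool.
	caps := []Capability{
		{"execute_code", "destructive", map[string]bool{"audit_log": true}},
		{"send_email", "communication", map[string]bool{"rate_limiter": true}},
	}
	declared := map[string]bool{"execute_code": true} // SHOULD layer, as if parsed from AGENTS.md
	for _, g := range Gaps(caps, declared) {
		fmt.Println(g)
	}
}
```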

A real finding on Microsoft AutoGen

Scanned at the HEAD of the public AutoGen repository. One of the gaps Inkog returns, fully attributed.

Critical: missing_required_control: human_approval

In CodeExecutorAgent, the LLM-generated code is handed to the executor without a human approval gate. Effect category: destructive. File: autogen/agentchat/contrib/_code_executor_agent.py:185.

EU AI Act 14(4)(d), NIST GOVERN 1.5, ISO 42001 A.6.2, CWE-94, OWASP LLM06, AIUC-1 P4

Works across your stack

Fifteen framework adapters out of the box. Universal IR means we don’t care which one you picked.

LangChain
LangGraph
CrewAI
AutoGen
smolagents
Pydantic AI
Phidata
DSPy
Haystack
OpenAI SDK
Anthropic SDK
n8n
Flowise
Langflow
AGENTS.md

Frequently asked

What is an agent capability surface?

A capability surface is the complete enumeration of what an AI agent can do at runtime: every tool it can invoke, every MCP server it connects to, every other agent it can delegate to, every memory store it can read or write, and every credential it can use. Inkog extracts this surface by static analysis of your agent code across 15 frameworks.

How is the Governance Score computed?

The score is a graduated 0 to 100 number per agent. Each capability is mapped to the controls it requires based on its effect category (financial, destructive, communication, data mutation). Missing controls cost more when the effect is severe and the missing control is high stakes.

Which frameworks are supported?

LangChain, LangGraph, CrewAI, Microsoft AutoGen, smolagents, Pydantic AI, Phidata, DSPy, Haystack, OpenAI SDK, Anthropic SDK, n8n, Flowise, Langflow, and AGENTS.md governance declarations.

Run it on your agent in 60 seconds

# install
brew install inkog-io/tap/inkog

# scan, the capability surface appears below the findings
inkog -path ./your-agent-code