New Blog: AI Agent Cline v2.3.0 Compromised
Edit Calendar Icon 18 Feb 2026
SafeDep Logo
GitHub App Launched View on GitHub

Shadow AI

Find every AI agent, MCP server, and extension running across your developer environments. One command. Full inventory.

Install vet
$ 
█░█ █▀▀ ▀█▀     SafeDep VET
▀▄▀ ██▄ ░█░     v1.13.1

Discovered 13 AI tool usage(s) across 4 app(s)

┌────────────────┬─────────────────────┬──────────────┬─────────┐
 TYPE            NAME                 APP           SCOPE   
├────────────────┼─────────────────────┼──────────────┼─────────┤
 Coding Agent    Claude Code          claude_code   system  
 MCP Server      safedep              cursor        system  
 MCP Server      pinner-mcp           cursor        project 
 Coding Agent    Cursor               cursor        system  
 Coding Agent    Windsurf             windsurf      system  
 AI Extension    GitHub Copilot Chat  vscode        system  
 AI Extension    GitHub Copilot       vscode        system  
└────────────────┴─────────────────────┴──────────────┴─────────┘
The Blind Spot

You Can't Govern What You Can't See

AI tools are spreading across developer environments faster than security teams can track. No inventory. No audit trail. No policy enforcement.

Shadow AI

Shadow AI Is the New Shadow IT

80% of workers, including 90% of security professionals, use unapproved AI tools at work. IBM reports shadow AI incidents account for 20% of all breaches, at $4.63M per incident.

80% using unapproved tools. 20% of breaches.

IBM Cost of Data Breach 2025 · UpGuard
MCP Risk

MCP Servers: 92% Exploit Probability

Deploying just 10 MCP plugins creates a 92% probability of exploitation. 53% of MCP servers rely on insecure static secrets. Researchers demonstrated MCP tool poisoning that silently exfiltrated an entire chat history.

10 plugins. 92% exploit probability.

VentureBeat / Astrix MCP Research
Sprawl

Agent Sprawl Is Accelerating

40% of enterprise apps will integrate AI agents by end of 2026, up from less than 5% in 2025. 63% of executives cite platform sprawl as a growing concern. Microsoft launched Agent 365 because even they couldn't track what was running.

<5% → 40% in one year.

Gartner, 2025
How It Works

Three Steps to Full Visibility

Step 01

Install VET

One command. No sign-up. No API keys required for local discovery.

brew install safedep/tap/vet

Step 02

Run Discovery

VET scans for AI coding agents, MCP server configs, CLI tools, IDE extensions, and project-level AI configurations. System-wide and per-project.

vet ai discover

Step 03

Export the Inventory

Get structured output for your security team. Console table for quick review. JSON for automation and compliance workflows.

vet ai discover --report-json output.json
Get Started

Install in Seconds

VET is a single binary. No runtime dependencies. No sign-up required for local discovery.

  • Discovers AI agents, MCP servers, CLI tools, and IDE extensions
  • Scans system-level and project-level configurations
  • Outputs console table or structured JSON
  • Open source, inspect every line of detection logic
Terminal
# Install VET
brew install safedep/tap/vet

# Run discovery
vet ai discover

# Export to JSON
vet ai discover --report-json output.json

Not on macOS? Download pre-built binaries from GitHub Releases.

SEE IT IN ACTION

From Zero Visibility to Full Inventory

Run one command. See every AI tool across your development environment: agents, MCP servers, extensions, project configs. Console output for quick review, JSON for automation.

Install vet
$ vet ai discover

█░█ █▀▀ ▀█▀     SafeDep VET
▀▄▀ ██▄ ░█░     v1.13.1

Discovered 13 AI tool usage(s) across 4 app(s)

┌────────────────┬─────────────────────┬──────────────┬─────────┐
 TYPE            NAME                 APP           SCOPE   
├────────────────┼─────────────────────┼──────────────┼─────────┤
 Coding Agent    Claude Code          claude_code   system  
 Project Config  Claude Code          claude_code   project 
 MCP Server      pinner-mcp           cursor        system  
 MCP Server      safedep              cursor        system  
 Coding Agent    Cursor               cursor        system  
 MCP Server      pinner-mcp           cursor        project 
 MCP Server      vet-mcp              cursor        project 
 Project Config  Cursor               cursor        project 
 Coding Agent    Windsurf             windsurf      system  
 CLI Tool        Claude Code v2.1.49  claude_code   system  
 CLI Tool        Cursor v2.4.37       cursor        system  
 AI Extension    Copilot Chat v0.30   vscode        system  
 AI Extension    Copilot v1.372.0     vscode        system  
└────────────────┴─────────────────────┴──────────────┴─────────┘
What We Detect

Every AI Tool in Your Stack. Discovered.

VET detects AI coding agents, MCP servers, CLI tools, IDE extensions, and project-level configurations across all major AI development tools.

Coding Agents
  • Claude Code
  • Cursor
  • Windsurf
MCP Servers
  • Server name
  • Transport type
  • URL / command
IDE Extensions
  • GitHub Copilot
  • Copilot Chat
  • VS Code, JetBrains
CLI Tools
  • Claude Code CLI
  • Cursor CLI
  • Version detection
Project Configs
  • CLAUDE.md
  • .cursor/rules
  • MCP configs
Background
SafeDep Logo

Eliminate

Shadow AI

Install VET. Run one command. Get a complete inventory of every AI tool in your developer environment. Free, open source, runs locally.

Install vet