Module · Activity Graph

Catch the toxic combinations before they fire

This is the piece no one else has. RenLayer builds a live graph of which humans, agents, models and tools touch which sensitive data, and automatically detects the lethal trifecta (the dangerous agents), with remediation and compliance references already written.

Get a free assessment Read the docs
Catch the toxic combinations before they fire in the RenLayer console
What it does

The compliance control plane for autonomous agents

The Activity Graph maps every relationship in your AI estate: humans, agents, models, MCP servers, MCP tools and the sensitive-data classes they reach. From any agent you can open its blast radius: the exact subgraph of data it can touch and the tools it can invoke. The question 'what could this agent reach?' stops being a guess.

Toxic Combination Detection watches for the lethal trifecta: untrusted input, exposed sensitive data and autonomous action. We flag an agent the moment it reaches two of the three without supervision, before the trifecta completes, and open a finding with the contributing traces, a suggested remediation and references to GDPR and the EU AI Act.

Because risk is relative, the k-anonymous Benchmark compares your posture against your sector without exposing raw data: only aggregates leave the tenant, and cells with fewer than five companies are suppressed.

Capabilities

What the Activity Graph gives you

Live activity graph

Humans, agents, models, MCP servers, MCP tools and sensitive-data classes, with every relationship between them rendered as an interactive graph.

Blast radius

Select any agent or credential and see the full subgraph of data it can reach and the tools it can invoke, with a depth control.

Toxic Combination Detection

Automatic detection of the lethal trifecta (untrusted input, exposed data, autonomous action), flagged at two-of-three without supervision, before it completes.

Findings with remediation

Each finding shows the A/B/C conditions, severity, contributing traces, a suggested fix and references to GDPR and the EU AI Act.

K-anonymous benchmark

Compare shadow share, sensitive-data exposure, agent-vs-human ratio and toxic-combination rate against your sector; only aggregates leave the tenant (k≥5).

Status workflow

Open, acknowledge, resolve or mute findings, with an audit trail of who did what and when.

What we detect

What we detect

  • Graph Human, agent, model, MCP server, MCP tool, sensitive-data class Every node and edge in your AI estate, kept live from real traffic.
  • Blast radius Reachable data and invokable tools per agent or credential The exposure surface of any identity, with adjustable depth.
  • Toxic combinations A: untrusted input · B: exposed data · C: autonomous action Critical when two or more hold without supervision; the lethal trifecta when all three do.
  • Benchmark Tools/company, shadow %, sensitive-data %, agent-vs-human %, toxic-combo % K-anonymous aggregates (k≥5); raw data never leaves the tenant.
  • Compliance GDPR · EU AI Act references per finding Each finding carries the regulatory context that justifies action.
How it works

Build, map, triage, benchmark

  1. Build the graph

    From proxied traffic and shadow capture, RenLayer assembles the live graph of identities, tools, models and sensitive data automatically.

  2. Open a blast radius

    Pick an agent and see exactly what data and tools it can reach: the question regulators and auditors actually ask.

  3. Triage toxic combinations

    Work the findings list by severity; each opens with conditions, contributing traces, remediation and compliance references.

  4. Benchmark and act

    See where you stand against your sector, then resolve or mute findings. Acting on findings requires a paid plan and an admin role.

Frequently asked questions

Frequently asked questions

What is the lethal trifecta?

The three capabilities that make an agent dangerous: access to sensitive data, exposure to untrusted input, and the ability to take autonomous action. When an agent holds all three without supervision, a single malicious input can turn into real damage. We flag the risk at two of three, before the trifecta completes.

How is the benchmark safe to join?

No raw data ever leaves your tenant. Only k-anonymous aggregates are shared, a minimum of five companies per cell, and the benchmark is opt-in, controlled by the tenant owner. You can use the whole module without enabling it.

How does this map to the EU AI Act and the AEPD?

The Activity Graph and Toxic Combination Detection give you the evidence regulators ask for: demonstrable control over which autonomous agents reach regulated data. Each finding carries GDPR and EU AI Act references, and the two-of-three threshold maps to the AEPD's reasoning on unsupervised automated decisions.

Can I see the graph for free?

Yes. Viewing the graph and the findings is free and creates the 'aha'. Acting on findings (resolving or muting them, and enforcing policy) requires a paid plan and an admin or owner role.

Start with a free AI security assessment

Get a free assessment View documentation