Discover AI Inventory
A guide to the four Surface console views — Insights, Inventory, Endpoints, and Asset Graph — and how to use them to investigate your AI environment.
Surface gives you complete visibility into every AI asset running across your organization. The console is organized into four views — Insights, Inventory, Endpoints, and Asset Graph — each designed for a different level of investigation.
Asset Graph
Navigate to: console.superalign.ai/graph
The Asset Graph is a visual network map of your AI environment. It shows every discovered asset as a node and draws connections between assets that are related — giving you a structural view of how AI tools are linked across your organization.
Reading the Graph
Nodes represent individual assets. Their color reflects risk level:
- 🔴 Red — Critical
- 🟠 Orange — High
- 🟡 Yellow — Medium
- 🔵 Blue — Low
Edges (lines between nodes) represent relationships between assets — for example, a coding agent connected to MCP servers it can access, or a browser extension linked to the services it interacts with.
The Asset Types legend in the bottom-right corner shows which node colors correspond to which asset categories: Agents, MCP Servers, Skills & Services, Models, IDE Extensions, and Browser Extensions.
Filtering the Graph
The filter bar at the top lets you isolate assets by risk tier. Each filter shows a live count of assets at that level — Critical, High, Medium, and Low. Clicking a filter highlights only the matching nodes and dims everything else, making it easier to focus on a specific risk tier. Filters can be combined.
Searching for Assets
The search bar lets you find specific assets by name. As you type, a dropdown shows matching results tagged by asset type — Application, Browser Extension, IDE Extension, Skill, and others. Selecting a result focuses the graph on that asset and opens its detail panel.
Inspecting a Node
Click any node to open a detail panel on the right. The panel shows:
- Risk level — The asset's current risk rating (Critical, High, Medium, or Low)
- Asset type — The category of the selected asset (e.g. Coding Agent, Browser Extension)
- Endpoints — How many devices this asset appears on
- Connections — The total number of relationships this asset has with other assets
Connections are grouped by type. For example, a coding agent will list its connected MCP Servers and Skills as separate expandable sections, each showing the name and risk level of every connected asset.
This view is particularly useful for understanding blast radius — if a critical asset is compromised, which other assets does it touch, and how many?
Focus Mode
Clicking a node also activates Focus Mode, shown by a bar at the bottom of the graph displaying the asset name, connection count, and an Exit focus button. In focus mode, the graph renders only that asset and its direct connections, making it easier to trace relationships without visual noise. Click Exit focus to return to the full graph.
What to Look For
- Assets with high connection counts rated Critical or High are the highest priority. A coding agent or MCP server with dozens of connections represents a significant concentration of AI exposure — if compromised, the blast radius is wide.
- Critical MCP Servers warrant particular attention. Because MCP servers extend agent access to external systems, a critical-rated MCP server connected to multiple agents can serve as a pivot point across your environment.
- Clusters of interconnected High-risk nodes suggest areas where governance is most urgently needed.
- Isolated nodes with few or no connections may represent standalone tools that are easier to govern individually.
Insights
Navigate to: console.superalign.ai/insights
The Insights page is your top-level dashboard. It gives you a consolidated view of AI activity across your organization — tracking tool adoption, monitoring risk distribution, and surfacing emerging threats in real time.
Headline Metrics
At the top of the page you'll find two numbers:
- Unique Assets — The count of distinct AI-related tools discovered across all endpoints. Each tool is counted once regardless of how many devices it appears on.
- Instances — The total number of times those assets are installed or running across your fleet.
Together these numbers tell you both the breadth (how many different tools) and the depth (how widely distributed) of AI adoption in your organization.
Asset Type Breakdown
A row of cards breaks your inventory down by category, showing unique asset count and total instances for each type:
| Asset Type | What it covers |
|---|---|
| Agent | Autonomous AI systems that reason and act across tools and services |
| Skill | Modular capabilities registered to agents |
| MCP Server | Model Context Protocol servers extending agent access to external systems |
| Browser Extension | AI tools running inside the browser |
| IDE Extension | AI coding assistants integrated into development environments |
Scroll horizontally to see all asset type cards. A high MCP Server count warrants a review of agent access policies. A high Browser Extension count may indicate widespread unsanctioned tool usage.
Risk Breakdown
The Risk Breakdown section shows how your unique assets and total instances are distributed across four risk tiers:
| Risk Level | What to do |
|---|---|
| Critical | Requires immediate action |
| High | Should be reviewed promptly |
| Medium | Warrants monitoring |
| Low | Standard governance applies |
Each row shows the number of unique assets at that risk level alongside the total instance count across your fleet.
Interpreting your posture: A healthy environment should have zero Critical assets and a small High count relative to overall inventory. Pay attention to the ratio of unique assets to instances — a single High-risk tool installed on 50 machines is a higher priority than the same tool on one device.
Inventory
Navigate to: console.superalign.ai/inventory
The Inventory page is a complete, filterable list of every AI asset discovered across your organization's endpoints. Use it to review what exists in your environment, understand risk profiles, and identify gaps in governance coverage.
Reading the Inventory Table
Each row represents a single unique asset:
| Column | Description |
|---|---|
| Name | The name of the discovered asset |
| Status | Governance status — assets not yet reviewed show as Ungoverned |
| Asset Type | The category: Agent, Skill, MCP Server, Browser Extension, IDE Extension, etc. |
| Risk Level | The assigned risk rating: Critical, High, Medium, or Low |
| Endpoints | The number of devices on which this asset has been discovered |
Recommended triage workflow:
- Filter by Critical and High risk — review and govern these first
- Filter by Ungoverned to understand the full scope of unreviewed software
- Use the Endpoints count to prioritize assets with the broadest organizational exposure
- Review all MCP Servers regardless of risk level — their access to agent capabilities warrants extra scrutiny
Viewing Asset Details
Click any asset name to open a detailed page with three tabs:
Overview — Shows Asset Type, Status, Risk Level, and the total number of endpoints where the asset is detected.
Risks — Shows the specific types of risk signals associated with the asset.
Endpoints — Lists every endpoint where the asset is installed or detected:
| Field | Description |
|---|---|
| Hostname | The name of the device, email of the user, and operating system icon |
| Status | Whether the endpoint is Active or Inactive |
| Assets Discovered | Number of assets discovered on the endpoint |
| Asset Types | Types of assets discovered on the endpoint |
| Last Seen | The last time the endpoint reported activity to Surface |
Endpoints
Navigate to: console.superalign.ai/endpoints
The Endpoints page gives you a centralized view of every device reporting telemetry to Surface. Use it to monitor fleet coverage, track device health, and understand the AI footprint on individual machines.
Reading the Endpoints Table
Each row represents a device where the Surface Scanner is installed and actively reporting:
| Column | Description |
|---|---|
| Hostname | The device name and associated user |
| Status | Active (reporting) or Inactive (not reporting) |
| Assets Discovered | The total number of AI assets found on this device |
| Asset Types | Icon indicators showing which categories of AI assets are present |
| Last Seen | How recently the device last reported to Surface |
The Asset Types column gives you an at-a-glance view of the tool categories present on each device — useful for quickly spotting machines with MCP Servers, IDE extensions, or agents before drilling in.
Investigating an Endpoint
Click any endpoint row to open its detail view. The Asset Types tab lists every individual AI asset discovered on that device with three columns: Name, Risk Level, and Asset Type.
This view is useful for:
- Device audits — Reviewing what's installed before offboarding a user
- Incident investigation — Checking whether a device involved in a security event has high-risk AI tools installed
- Compliance spot checks — Verifying that devices in sensitive departments aren't running unauthorized software