In agent-driven environments, Bonfy closes the new gaps between user intent, execution surfaces, and control visibility by following the data itself, across humans, systems, and AI agents, rather than anchoring security to any single device, app, or control point.

From “what happened?” to “who (or what) actually did it?”

As Gidi’s Substack article (“AI Agents and the “Out-of-Body” Execution Exposure”) describes, AI agents and copilots turn a single prompt into multi-hop workflows that traverse LLM backplanes, orchestration layers, MCP servers, and downstream SaaS tools, making attribution murky and traditional controls unreliable. Bonfy’s entity-aware engine reconstructs that story at the data layer: it links each sensitive exposure or policy violation to the specific human, system, or AI agent involved, giving security teams clear attribution and risk scoring across both user- and agent-initiated actions.

Re-centering controls on the true execution surface

Because most “system-level” agents run in cloud frameworks (e.g., Copilot Studio, SaaS agent runtimes, OpenAI-hosted agents) instead of on endpoints or within a single SaaS app, endpoint- and browser-centric DLP never see the real execution path. Bonfy is built as a multi-channel, back-end architecture that connects directly to email, file stores, SaaS platforms, collaboration tools, AI systems, and AI agents, so it can inspect and govern content where it is actually processed and transformed, not just where a user happens to sit.

Repairing fragmented inspection paths in AI workflows

In the out-of-body execution model, key steps happen entirely as service-to-service calls: retrieval pipelines, MCP server invocations, and automations that bypass traditional inline controls like CASB, SWG, or SEG, leading to visibility fragmentation. Bonfy restores end‑to‑end context by inspecting data in three critical places: into AI systems and agents (input), out of them (output), and, via Bonfy’s own MCP server, during agent reasoning itself, so AI agents can ask “is this safe?” before they read, send, or transform sensitive content.

How Bonfy’s MCP server resolves the “out-of-body” gap

  • Agents are instructed in their prompt or policy to call Bonfy’s MCP server whenever they handle potentially sensitive content (for example, “verify with Bonfy that there is no PII in this summary before sending”).
  • During execution, the agent invokes Bonfy as a tool, Bonfy inspects the content using the same entity-aware brain and policies used for email and SaaS, and returns a risk-aware decision or classification.
  • The agent incorporates that result into its next step, proceed, redact, route differently, or escalate, making data protection a native part of the agent’s reasoning loop instead of an after-the-fact filter.

Navigating uneven control-plane maturity

Gidi notes that agent frameworks vary widely in identity propagation, governance hooks, and policy insertion points, which means enterprises can’t rely on uniform, platform-native controls alone. Bonfy deliberately decouples itself from any one framework by focusing on standard interfaces (connectors, SMTP, APIs, and MCP), applying one unified policy and automation engine across all channels so that the same contextual rules govern content in M365, Google, SaaS apps, custom GenAI workflows, and multi-vendor agent ecosystems.

Maintaining aligned context and authority as agents scale

When user intent, execution location, and data movement drift apart, policy enforcement, incident response, and ownership all become harder, especially as AI agents grow more autonomous. Bonfy’s knowledge graph and entity risk management capabilities track humans, customers, systems, and AI agents as first-class entities, linking their relationships and historical behavior to the data they touch so that organizations can understand not just what was exposed, but who or what is driving that risk and under which business context.

By making content- and entity-aware controls available at every stage, grounding, reasoning, and downstream action, Bonfy gives security teams a coherent, data-centric control plane that moves with AI agents wherever they execute, solving the out-of-body execution problem without forcing enterprises to redesign everything they already have.

Interested in a demo? Click here to schedule one.