Inspector, Agents, attribution & grants (Markdown)

<!--
  Full-page Markdown export (rendered HTML → GFM).
  Source: https://neotoma.io/es/inspector/agents
  Generated: 2026-04-27T12:48:38.071Z
-->
# Inspector, Agents, attribution & grants

Every write to Neotoma, observation, relationship, timeline event, source, interpretation, is attributed per row. Inspector exposes that attribution as a first-class concept so operators can answer questions like "which agents have written here?", "what tier did they sign in?", and "what is each agent permitted to do?". This is the surface for [AAuth](/aauth) in the Inspector UI.

## Agents list

The agents view (`/agents`) lists every distinct writer Neotoma has seen, derived from AAuth thumbprints, JWT subjects, and `clientInfo.name` fallbacks. Each row shows the resolved **trust tier** (`hardware`, `software`, `unverified_client`, `anonymous`), write counts, last-seen timestamp, and the active grant (if any).

inspector.neotoma.io/agents

Inspector

Neotoma

Dashboard

Conversations

Turns

Compliance

Activity

Feedback

Entities

Observations

Sources

Relationships

Graph Explorer

Schemas

Timeline

Interpretations

Agents

Agent grants

Settings

Agents

14 active identities · 8.2k writes · last 30d

hardware (3)software (8)unverified (2)anonymous (1)

| Agent | Tier | Alg | Writes | Last seen | Grant |
| --- | --- | --- | --- | --- | --- |
| claude-codeed25519:Aa…7Lk | software | EdDSA | 4,120 | 12:41 | default-write |
| cursor-agentes256:Bp…4Zq | hardware | ES256 | 2,810 | 12:30 | default-write |
| ingest-pipelineed25519:Cq…9Rt | software | EdDSA | 980 | 11:08 | import-only |
| operator (mac · SE)es256:Dr…2Yj | hardware | ES256 | 412 | 10:55 | admin |
| custom-script@myco- | unverified\_client | \- | 18 | Apr 24 | (none) |
| anonymous- | anonymous | \- | 4 | Apr 22 | (none) |

One row per distinct agent identity. Tier badges (hw / sw / unverified / anon) reflect the AAuth verification result.

◆

## Agent detail

Drill into an agent to see its public-key thumbprint, signing algorithm, JWT issuer/subject, capability grants, and a panel of recent writes scoped to that identity. The detail view is where operators decide whether to upgrade a tier (e.g. require hardware for write access) or revoke a key.

inspector.neotoma.io/agents/claude-code

Inspector

Neotoma

Dashboard

Conversations

Turns

Compliance

Activity

Feedback

Entities

Observations

Sources

Relationships

Graph Explorer

Schemas

Timeline

Interpretations

Agents

Agent grants

Settings

claude-code

EdDSA · software · 4,120 writes · last 30d

softwareattestation: none

Observations

3,402

last 30d

Relationships

612

last 30d

Sources

106

last 30d

Identity

thumbprint ed25519:Aa…7Lk  
iss=https://anthropic.com sub=agent:claude-code  
clientInfo.name="claude-code" v=2.4.1

Active grant

default-write

scope: store, retrieve, link · entity\_types: any · expires: 2026-07-31

Per-agent identity card with thumbprint, alg, attestation, grants, and a recent-writes activity panel.

◆

## Grants

Capability grants are typed entities that bind an agent identity to a scoped set of actions (e.g. `store`, `retrieve`, `link`, `correct`, `merge`) on a set of entity types, optionally with an expiration. Inspector renders them as first-class records with a history (granted, modified, revoked) and a reverse map back to the agents they bind.

inspector.neotoma.io/grants

Inspector

Neotoma

Dashboard

Conversations

Turns

Compliance

Activity

Feedback

Entities

Observations

Sources

Relationships

Graph Explorer

Schemas

Timeline

Interpretations

Agents

Agent grants

Settings

Grants

6 active · 2 expired

\+ New grant

| Name | Scope | Types | Agents | Expires |
| --- | --- | --- | --- | --- |
| default-write | store, retrieve, link | any | claude-code, cursor-agent | 2026-07-31 |
| import-only | store, link | transaction, receipt, file\_asset | ingest-pipeline | \- |
| admin | all | any | operator (mac · SE) | \- |
| read-only | retrieve | any | dashboard-bot | \- |

Capability grants: scope, allowed entity types, expiry, and the agents bound to each grant.

◆

## Trust tiers

-   hardware ES256 / EdDSA backed by a hardware key (Secure Enclave, TPM 2.0, YubiKey, Windows TBS). Highest trust, eligible for the strictest grants.
-   software Verified AAuth signature with a software-backed key. Trustworthy for most writes but not eligible for hardware-only grants.
-   unverified\_client No AAuth signature, but a meaningful `clientInfo.name`. Useful for triage; subject to stricter ACLs in future releases.
-   anonymous No signature, no usable client identity (or one of the blacklisted generic strings like `mcp`, `client`). Allowed for backwards compatibility but flagged in audit views.

◆

## Activity

Each agent detail page exposes a recent-activity stream, the same rows you'd see in the [timeline](/inspector/timeline), scoped to that one identity. Filters narrow by event kind, target entity type, or trust tier so you can answer "what did this agent write yesterday?" without leaving the page.

inspector.neotoma.io/agents/claude-code/activity

Inspector

Neotoma

Dashboard

Conversations

Turns

Compliance

Activity

Feedback

Entities

Observations

Sources

Relationships

Graph Explorer

Schemas

Timeline

Interpretations

Agents

Agent grants

Settings

claude-code · activity

last 24h · 218 writes

store (162)correct (12)link (44)

12:41storetransaction · Subscription · Vercelsw

12:30storeagent\_message · turn 4 (assistant)sw

12:30linkPART\_OF · turn 4 → conversation Q2sw

11:08storereceipt · vercel-2026-04sw

11:08linkEMBEDS · receipt → file\_asset (pdf)sw

Activity feed scoped to a single agent identity, with the same kind / type / tier filters as the global timeline.