Agent and user responsibilities

What the agent does

• Turns your assessment goal into a plan you can review.
• Discovers reachable hosts, services, endpoints, technologies, and authentication surfaces.
• Tests inside the configured rules of engagement.
• Preserves evidence for findings and reports.
• Uses prior assets, findings, notes, credentials, and repository mappings when available.

What your team does

• Creates scopes that reflect authorized environments.
• Adds public domains, hosts, or internal CIDR targets.
• Deploys private runners when the target is internal or private.
• Adds business context, credentials, repositories, and asset profiles after discovery.
• Reviews plans, triages findings, accepts risk where appropriate, and starts retests.

Boundary