permitted.io is the visibility layer for the agent era. The IAM and CloudTrail equivalent for the AI agents and MCP servers your team is already running.
Small, sharp tools for the people who have to answer for what those agents did. Two are live today. The full platform is in development.
Inspect AWS IAM policies and see exactly which principals can reach what. Free, browser-only, no upload.
iamlens.dev →A reference MCP server and directory for understanding what tools your agents are exposing, and to whom.
permitted.io/mcp →The governance plane: continuous inventory, audit trail, and policy for every agent and MCP server in your org.
waitlist opens soonEvery company is quietly accumulating a fleet of AI agents, such as coding assistants, customer-support copilots, and MCP servers wired to internal systems. There is no IAM for this. No CloudTrail. No one can answer the basic question of which agent did what, on whose behalf, with what permissions.
permitted.io is the picks-and-shovels layer for that gap. Built for operators (founders, IT leads, agency owners) who need to know what is running before they need to defend it. Start with the free tools; the platform follows.