AI Agents Under Governance: Reco Maps Every Claude Agent Tool and Permission

The shift from using chatbots to deploying autonomous agents demands new governance layers. Reco's integration with Claude gives AI developers and security teams granular oversight of every agent's toolchain, permissions, and data access, treating each agent as a managed asset rather than an ungoverned black box.

On June 12, 2026, AI governance specialist Reco announced a significant extension of its platform: a bidirectional Claude Security integration that brings enterprise-grade oversight to Anthropic's Claude AI assistant across its two primary administrative surfaces—Claude Enterprise and Claude Platform. The move addresses a rapidly escalating challenge: as enterprises deploy AI agents capable of autonomously accessing applications, chaining tool calls, and moving data, traditional security tooling struggles to map the resulting risk. Reco's integration gives security teams visibility into who is using Claude, what tools and permissions the AI agents wield, and how that activity intersects with existing enterprise applications such as Okta, Salesforce, and Microsoft 365.

“

Reco's integration gives security teams visibility into who is using Claude, what tools and permissions the AI agents wield, and how that activity intersects with existing enterprise applications such as Okta, Salesforce, and Microsoft 365.

The integration is designed for the dual reality of Claude adoption. Claude Enterprise is the interface through which employees use the AI day-to-day, while Claude Platform is the development environment where teams manage API keys, workspaces, and agent deployments. Agents built on Anthropic's infrastructure often bridge these two worlds, operating between employee requests and backend systems. Reco connects the activity on both surfaces to the broader enterprise context, including identities, permissions, workflows, and data paths. This unified mapping allows security teams to assess risk not just from isolated AI usage, but from the complex interactions that arise when AI agents touch multiple systems.

Ofer Klein, CEO and Co-Founder of Reco, framed the integration as a maturing of the enterprise AI landscape. "Claude is becoming part of the enterprise operating fabric, not just another AI tool," he said. "Security teams need to understand who is using it, what agents and applications it connects to, what permissions are involved, and what risk is created when AI activity moves across the business." Reco's approach treats Claude with the same governance rigor as critical enterprise applications, a recognition that AI agents now occupy as sensitive a role as identity providers or CRM systems.

From a technical standpoint, the integration leverages Claude's Compliance API to pull activity data from Claude Enterprise, and the Claude Platform API to surface development-side configurations. This bidirectional data flow enables a comprehensive inventory: Reco maps each AI agent's model, version history, tools, permission policies, and connected MCP (Model Context Protocol) servers. Unlike conventional logging tools that might see only the user query and response, Reco captures the agent's full toolchain and access pathway, exposing risks like over-privileged agents, unapproved tool use, or agents that could leak data through connected services.

The integration also flips the script by allowing security teams to use Claude itself for investigation. Through the Reco Graph, analysts can query Claude to surface risk patterns, accelerating incident response and threat hunting. This represents an early example of a defensive AI model assisting in the governance of operational AI—a concept that will likely grow as agent ecosystems mature.

The announcement arrives at a pivotal moment. AI agent frameworks are proliferating, and enterprises are experimenting with autonomous workflows that carry significant operational and compliance risk. Without governance, a marketing agent could inadvertently pull sensitive financial data from an ERP system, or a developer agent could expose credentials through an improperly configured API call. Reco's integration aims to close this gap, providing a security baseline that could become as standard as SSO or CASB solutions.

For Anthropic, the integration strengthens Claude's enterprise value proposition. By partnering with a security-focused platform, Anthropic addresses one of the primary inhibitors to large-scale agent deployment: the perceived loss of control over data and actions. Enterprises that have been cautious about rolling out AI agents may find the combined offering compelling, potentially accelerating Claude's adoption in regulated industries.