AI System Registry

A single inventory of every AI system your organization runs — with risk classification, ownership, and the scopes that bound what each one can do. Required by the EU AI Act, useful for everyone.

Why a registry

The EU AI Act requires organizations to inventory AI systems and classify them by risk. Even without regulatory pressure, knowing what AI is running is step one of governance — you cannot deny what you cannot name. Stryda's registry is populated automatically: as soon as a new MCP client connects or a new agent is registered, it appears here with its scope, owner, and audit footprint.

What gets registered

Agents

Autonomous AI agents registered with their model, scope, and MCP client identity. Every tool call through /api/mcp is attributed to one of these.

MCP clients

Claude Desktop, Cursor, and custom clients connected via bearer tokens. Kind is tracked in the PlatformConnection config.

Workflows

Multi-step automations containing AI nodes. Stryda discovers Zapier Zaps, n8n flows, and Make scenarios once their OAuth connector is authorized.

LLM providers

Connected models (Anthropic, OpenAI, Google) with per-call usage and spend tracking. Every prompt ties back to an agent and a scope.

Adapters

The external systems an agent can reach — Slack, Stripe, HubSpot, Gmail. Listed with the OAuth account each one is authorized against.

Risk classification

Every registered system receives a risk level based on data sensitivity, autonomy, and blast radius. Risk drives which policies apply, how long scopes stay valid, and how dense the audit sampling is.

Level	Typical systems
`low`	Internal-only outputs, no PII, no financial authority. Light audit sampling, standard retention.
`medium`	Customer-visible or writes to integrations. Full audit, standard approval gates where configured.
`high`	Processes PII, triggers payments, or makes consequential decisions. Dense audit, mandatory HITL on sensitive tools.
`critical`	Direct financial authority, regulated decisions, or protected-class impact. Approvals forced regardless of scope; scope grants are time-boxed.

Scopes are the contract

A scope is the set of tools (by name or namespace) + resource patterns an agent is authorized to use. For example: comms.slack.send limited to channels matching #ops-*. The scope travels with every MCP call as part of the ledger entry — so "what was this agent allowed to do" is never a lookup against live state, it is a permanent record.

Using the registry

Open AI Registry in the dashboard to see every registered system.
Filter by kind, risk, owner, or activity in the last 7 / 30 / 90 days.
Click a row to see its scope, the policies that apply, and the last 100 tool calls it made.
Export the registry as CSV or JSON — the evidence pipeline consumes it during compliance audits.