Oriant is designed for AI-tool discovery and enforcement, not data-loss
prevention. The Agent is a tunnel-only HTTPS proxy: it reads the destination
from the CONNECT request, but does not decrypt TLS, read prompts, inspect
responses, or store content.
Data sent to Oriant
For a catalogued host, the Agent sends an aggregated rollup request to the API.
The API uses the host to resolve the provider, then stores the provider slug in
Postgres. A rollup can include:
- the stamped work identity
- the matched AI provider
- the originating app or process when macOS can resolve it
- a time bucket, connection count, byte totals, and allowed/blocked action
The raw CONNECT host is sent to the API for that catalog lookup; the stored
rollup is keyed by provider, identity, app, and time bucket rather than by URL.
The Agent also scans local device evidence on a schedule. The shippable report
can contain installed AI-agent names, MCP server declarations, file paths, and
credential variable names. It never sends credential values or repository
contents. Repository inventory is local-only, although a matched configuration
or .env file path can appear as the location of a detected variable.
Data Oriant does not collect
Oriant never collects:
- prompt or response content
- request or response bodies
- URL paths or query strings
- raw headers
- per-request activity logs
Off-catalog traffic stays on the machine unless it crosses the threshold of the
local, centrally managed candidate-detection rules. Candidate reports contain
only a candidate host, app name when available, coarse time buckets, counts,
byte totals, reason codes, and the rule version.
Coverage boundary
Oriant does not provide DLP, prompt inspection, content classification, or
traffic visibility for applications that bypass the macOS system proxy. The
current endpoint Agent supports macOS on Apple silicon and Intel. Last modified on July 18, 2026