Ofreygo
Methodology

How we find your shadow AI

No single source gives you the full picture. Ofreygo runs ten-plus discovery streams in parallel, then reconciles them into one landscape report. Here’s what that looks like.

Discovery sources

Where we look

SSO / IdP logs

Okta, Google Workspace, Entra — what apps have actually been signed into.

Expense data

Ramp, Brex, QuickBooks — API keys and SaaS on personal cards.

Slack / Teams search

Scoped queries for shared keys, prompts, and custom GPT links.

GitHub org scan

MCP servers, agent code, automation scripts, leaked credentials.

Drive / Notion crawl

Prompt libraries, SOPs, and "system instructions" docs.

Stakeholder interviews

Founder-led conversations with engineering, ops, marketing, finance.

What we catalog

Five categories

Tools

Every AI SaaS product with any sign of use at your company.

Agents

Custom GPTs, Claude Projects, Gems, n8n/Zapier workflows, MCP servers.

API keys

Every OpenAI, Anthropic, and provider key in circulation — who owns it, what it costs.

Prompts

System instructions and prompt libraries scattered across Slack, Drive, Notion.

Workflows

Multi-step automations that depend on AI — and the people who quietly maintain them.

What we don’t do

The things we will not touch

  • Modify, move, or delete anything in your systems
  • Read private employee DMs or personal accounts
  • Access customer PII without explicit, scoped authorization
  • Share findings outside your organization — ever
  • Keep persistent admin tokens after the audit closes

Ready to see your AI landscape?

Book a 20-minute call. We’ll walk through your current setup and decide together whether an Ofreygo Audit is a fit.
