Skip to main content

Documentation Index

Fetch the complete documentation index at: https://quintsecurity.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

The Sessions page is your primary investigation surface. It shows what AI agents are doing, organized by platform and session.

Three-Level Drill-Down

Level 1: Platforms

The top level shows all detected AI platforms with aggregate metrics:
PlatformSessionsRiskLast Active
Claude Code142Medium2 min ago
Cursor89Low5 min ago
GitHub Copilot234Low1 min ago
Windsurf12High30 sec ago
Click any platform row to drill into its sessions.

Level 2: Session List

A filtered table of sessions for the selected platform. Each row shows:
  • Session ID — fingerprinted identifier
  • Device — which machine the session is running on
  • Agent — the specific agent instance
  • Risk Summary — aggregate risk level with contributing factors
  • Duration — how long the session has been active
  • Events — total event count
  • Status — active, completed, or flagged

Level 3: Session Detail

The full view of a single session, with:
  • Activity Timeline — chronological list of every event in the session, including tool calls, file operations, network requests, and model interactions
  • Risk Breakdown — which signals contributed to the session’s risk score
  • Context — what the agent was working on, files touched, commands run
  • Related Sessions — other sessions from the same agent or device

Supported Platforms

Quint detects and monitors 20+ AI agent platforms:

Claude Code

Anthropic’s CLI coding agent

Cursor

AI-powered code editor

GitHub Copilot

GitHub’s AI pair programmer

Windsurf

Codeium’s AI IDE

Aider

Terminal-based AI coding

Continue

Open-source AI assistant
Additional platforms: Cody, Tabnine, Amazon Q, JetBrains AI, Replit Agent, Devin, OpenHands, SWE-Agent, Mentat, GPT Pilot, Smol Developer, and others.

Platform Detection

Quint identifies platforms through multiple signals:
  • Code signing — binary signature verification
  • Network patterns — API endpoint fingerprinting (e.g., api.anthropic.com, api.openai.com)
  • Process metadata — binary name, command-line arguments, parent process
  • User-Agent headers — HTTP header inspection through the proxy
Detection happens at the edge daemon level. No configuration needed — new agents are identified automatically.

Session Fingerprinting

Each session gets a stable fingerprint based on:
  • Agent identity (platform + version + instance)
  • Device identity
  • Temporal proximity of events
  • Conversation anchors (for chat-based agents)
This means if an agent disconnects and reconnects, Quint reassociates events to the same session rather than creating a new one.
Session boundaries are detected automatically. For long-running agents like Claude Code, a new session starts when there’s a significant gap in activity or a clear conversation reset signal.
The session list supports:
  • Platform filter — show sessions from specific platforms
  • Risk level — filter by low, medium, high, critical
  • Time range — respects the global time picker
  • Device/agent — narrow to a specific machine or agent instance
  • Text search — search within session events and metadata