deepidv
All AI Prompts
FinTechCryptoReview Prompt

AI Prompt for Know Your Agent (KYA) Sandbox Audits

This prompt turns Arbiter, the deepidv autonomous red-team agent, into a non-human identity auditor for your sandboxes. It inventories every machine identity running across staging and production, computes the live human-to-machine ratio, and maps the cryptographic binding behind each active AI agent so you can prove which automated actor touched which database system. Built for fintech and crypto platform, security, and compliance teams that have to extend Know Your Agent (KYA) controls to a fast-growing population of service accounts, bots, and autonomous agents.

AI Prompt for Know Your Agent (KYA) Sandbox Audits

How to use this prompt

  1. 1

    Open the deepidv dashboard and address the prompt to Arbiter, or paste it into Claude, ChatGPT, or Gemini with your sandbox inventory and identity exports attached if you want a standalone point-in-time audit.

  2. 2

    Replace the input section with your staging and production environment list, the machine and service-account inventory per environment, the cryptographic binding evidence per agent (signing key IDs, certificate fingerprints, attestation records), and the database systems each agent is authorized to touch.

  3. 3

    Run the prompt and review the five-part output: a non-human identity inventory, the human-to-machine ratio, a cryptographic binding map, an unbound or orphaned-identity findings list, and a containment and KYA-baseline proposal.

  4. 4

    Route unbound or over-permissioned agents to your platform security owner for key rotation or revocation, and feed the confirmed KYA baseline into your continuous monitoring rules so new machine identities are flagged at creation.

  5. 5

    Re-run the audit weekly, and immediately after any new agent deployment or sandbox promotion, so the ratio and binding map stay current as the non-human population grows.

The prompt

Arbiter, initiate a continuous security audit across our staging and production sandboxes to establish a strict Know Your Agent (KYA) baseline. Isolate and profile our current human-to-machine identity ratios, and map the cryptographic binding behind every active AI agent that touches a database system.

INPUT, the user will paste:
- The staging and production environment list and what each one runs
- The machine and service-account inventory per environment (autonomous agents, service accounts, scheduled bots), with identity IDs
- Cryptographic binding evidence per agent (signing key IDs, certificate fingerprints, attestation records, and expiry)
- The database systems each agent is authorized to touch and the access level (read, read/write)
- The human account count per environment, plus any prior orphaned or over-permissioned-identity findings

OUTPUT, return the following structured response:

1. NON-HUMAN IDENTITY INVENTORY
For each machine identity:
- Identity ID, environment, and type (autonomous agent, service account, scheduled bot)
- The database systems it touches and the access level
- Creation source where known, and whether the identity is still in active use

2. HUMAN-TO-MACHINE RATIO
- The ratio computed per environment and across the whole estate
- The share of machine identities with no governing owner
- The trend signal: which environment is accumulating ungoverned identities fastest

3. CRYPTOGRAPHIC BINDING MAP
For each active agent:
- The signing key ID, certificate fingerprint, or attestation record that binds it
- A verified or unverified label, with the reason for any unverified call
- Expired, self-signed, or shared bindings flagged with the database systems they expose

4. UNBOUND-IDENTITY FINDINGS
- Identities with no cryptographic binding, ranked by the sensitivity of the data they reach
- Over-permissioned identities whose database access exceeds their function
- Orphaned identities tied to deprecated pipelines or removed owners

5. CONTAINMENT AND KYA BASELINE
- Identities to revoke, keys to rotate, and access to scope down, in priority order
- The KYA baseline to lock once findings are cleared, and the monitoring rule that flags any new machine identity at creation
- Recommended Luna prompts to follow up with for the regulatory-mapping and audit-trail write-up

Be specific. Quote identity IDs where the analysis surfaces a finding. Flag any identity you cannot tie to a verified binding as unbound rather than assuming coverage.

Test it in Claude or another LLM

This prompt is built for the Arbiter agent inside deepidv, where it runs a continuous audit across your staging and production sandboxes to establish a Know Your Agent (KYA) baseline, isolate the human-to-machine identity ratio, and map cryptographic bindings for every active AI agent touching a database system. Here is how to dry-run the same workflow in any general LLM with synthetic data before you point Arbiter at live sandboxes.

  1. 1

    Paste the full prompt into Claude, ChatGPT, or Gemini, and replace the direct address 'Arbiter, initiate a continuous security audit...' with a role instruction such as 'Act as a platform security auditor establishing a Know Your Agent baseline across our sandboxes.' Keep the five OUTPUT sections (identity inventory, human-to-machine ratio, cryptographic binding map, unbound-identity findings, containment and baseline) exactly as written.

  2. 2

    Below the prompt, paste the synthetic sample data block from sampleInput so the LLM has fake environments, machine identities, binding evidence, and database mappings to reason over. This stands in for the live deepidv sandbox inventory and attestation export.

  3. 3

    Add one line instructing the model to quote the exact fake identity IDs wherever it surfaces a finding and to flag any identity it cannot tie to a binding as unbound rather than assuming coverage, mirroring the prompt's closing instruction.

  4. 4

    Good output for this prompt is an identity inventory that names each fake machine identity, its environment, and its type; a human-to-machine ratio computed per environment; a binding map pairing each agent with its signing key or certificate fingerprint and a verified/unverified label; an unbound-findings list calling out orphaned or over-permissioned identities by ID with the database systems at risk; and concrete revoke, rotate, and baseline-lock actions. If the model returns generic advice without naming the fake identity IDs or computing the ratio, sharpen the data block and re-run.

  5. 5

    Once the output shape and specificity look right, run the prompt live in the deepidv dashboard where Arbiter executes it against your real staging and production sandboxes, signing-key inventory, and database access telemetry.

Synthetic sample data to paste alongside the prompt

Fake test data, safe to share with any LLM. Swap in your own once the output looks right.

ENVIRONMENTS (synthetic, fake):
- ENV-TEST-STAGING
- ENV-TEST-PROD
MACHINE IDENTITIES (fake):
- AGT-TEST-0001 | ENV-TEST-PROD | autonomous-agent | binding: SIG-KEY-AAA-000 (cert fp CF-AAA-000) | db: DB-LEDGER-MOCK (read/write)
- AGT-TEST-0002 | ENV-TEST-PROD | service-account | binding: NONE | db: DB-LEDGER-MOCK (read/write), DB-PII-MOCK (read)
- AGT-TEST-0003 | ENV-TEST-STAGING | autonomous-agent | binding: SIG-KEY-BBB-111 (cert fp CF-BBB-111, EXPIRED) | db: DB-SANDBOX-MOCK (read)
- BOT-TEST-0004 | ENV-TEST-STAGING | scheduled-bot | binding: SIG-KEY-CCC-222 (attestation ATT-TEST-22) | db: none
HUMAN IDENTITIES (fake): ENV-TEST-PROD = 6 staff accounts; ENV-TEST-STAGING = 4 staff accounts
PRIOR FINDING (fake): orphaned service account AGT-TEST-0002 created by deprecated CI pipeline, ref FINDING-KYA-TEST-0000

FAQ

What is a Know Your Agent (KYA) baseline?

KYA extends identity-proofing discipline from human users to the non-human actors in your stack: service accounts, bots, and autonomous AI agents. A KYA baseline is the audited snapshot that names every machine identity, ties each one to a cryptographic binding you can verify, and records which database systems it is authorized to touch. This prompt builds that baseline for your sandboxes so unbound or orphaned identities surface before they reach production.

Why audit the human-to-machine identity ratio?

In modern fintech and crypto platforms, machine identities now far outnumber human ones, and most lack the proofing controls applied to staff. Isolating the ratio per environment shows how much of your access surface is automated and ungoverned, which is the population Arbiter prioritizes for cryptographic binding and continuous monitoring.

Can I run this KYA audit outside the deepidv dashboard?

Yes. The prompt is written for Arbiter, the deepidv autonomous red-team agent, but it runs in Claude, ChatGPT, or Gemini if you paste your sandbox inventory and binding evidence into the input section. You lose Arbiter's continuous sandbox sweep and live attestation checks that way, so treat external runs as point-in-time audits rather than a standing baseline.

Run it with live verification data

These prompts work in any LLM. Inside the deepidv dashboard, Luna, Arbiter, and Arc run them against your real sessions, screening lists, and audit trails.

Book a Demo