Trust3 AI Launches Agent Control Plane for Microsoft Copilot Studio with Shadow Agent Discovery and Runtime Kill Switch

Trust3 AI announced integration of its Agent Control Plane with Microsoft Copilot Studio on June 29, giving enterprise security teams centralized visibility and control over every agent deployed on Microsoft’s platform, according to a PR Newswire release.

The integration is the operational core of Trust3 AI’s Agent DOS (Discovery, Observability, Security) framework. It addresses a problem that has grown alongside enterprise agent adoption: security teams cannot govern agents they cannot see.

What the Integration Covers

The Agent Control Plane provides five capabilities for Copilot Studio environments, per Trust3 AI’s announcement:

Continuous discovery automatically finds every Copilot Studio agent, including shadow agents built outside official inventories, along with ownership, connected data sources, and risk classification.

Tamper-evident observability captures prompts, tool calls, decisions, and execution history for forensic replay and investigation.

Runtime guardrails and kill switch enforce security policies during agent execution and let security teams immediately stop agent activity during incidents.

MCP content firewall protects agents interacting with MCP servers by treating every server as untrusted by default, limiting credentials per request, and stripping prompt injection attempts embedded in tool descriptions or responses.

Identity-aware governance preserves the originating user identity throughout agent delegation chains, so access controls and audit trails reflect the individual who initiated the request rather than a generic service account.

“Copilot Studio makes it easy to build AI agents. It should be just as easy to discover them, understand what they’re doing, and stop them when they violate policy,” Trust3 AI stated in the announcement.

The Shadow Agent Problem

The shadow agent discovery feature targets a specific enterprise pain point. As Copilot Studio lowers the barrier to building agents, business units create agents without going through central IT or security review. These “shadow agents” operate with data access and tool permissions that security teams have no visibility into.

Trust3 AI’s approach sits outside the data path, meaning it monitors and governs agents without proxying their data traffic. This is architecturally significant for enterprises that need governance without introducing latency or data residency complications.

The integration will be showcased at AI Engineer World’s Fair 2026, running June 29 through July 2.