Manifold Security, an AI detection and response platform startup, has launched Manifest, a supply chain intelligence platform that analyzes interactions among AI agent components and their connections to external systems, SiliconANGLE reported on April 14 local time.

The company said supply chain complexity is growing as the AI agent ecosystem expands rapidly and each agent component comes with its own trust assumptions, dependencies and potential vulnerabilities. Using a graph-based approach, Manifest models how individual components operate and how they connect across the broader ecosystem, building 2 graphs. One is an execution graph that tracks skill call relationships and dependencies. The other is an environment graph that tracks copyright, similarity and cross-registry relationships. The company said combining the 2 perspectives can identify patterns and risks that are difficult to detect with existing file-level analysis.

A report released alongside Manifest said more than 238,000 unique skills were identified across multiple registries, and malicious cases have already been found in widely used marketplaces. In one case, a malicious skill artificially boosted its ranking within a registry and leaked identity data as it was executed thousands of times across multiple organisations.

The report also pointed to wide discrepancies in detection results among current AI agent component analysis tools. It said a lack of context is the reason, because many risks arise from relationships among components rather than from a single asset. It stressed that Manifest addresses this by integrating ecosystem-level data such as author activity, dependency chains and infrastructure connections.