
Orphaned AI Agents Retain Unrevoked Tokens Across Enterprise Identity Silos
Orphaned AI agents create untraceable standing access that evades conventional security tooling. The core issue is identity decoupling between departing humans and persistent autonomous processes. Enterprises face escalating exposure unless identity planes unify human, machine, and agent accounts with creation provenance.
The Hacker News briefing from SailPoint highlights how internal AI deployments leave administrative debt through orphaned agents that pull repositories and access databases without ownership linkage. Traditional filters register these actions as routine application behavior, missing the fact that the authorizing human credential has already been revoked. This gap stems from treating AI as static software rather than dynamic identity borrowers that shift access patterns autonomously over time.
Evidence from procurement patterns shows enterprises accelerated agent rollouts without unified control planes, leaving tokens active long after HR records close accounts. Related incidents in 2025 demonstrated similar exposure vectors in CI/CD pipelines where agents retained Git and cloud IAM permissions post-departure. The pattern matches earlier shadow IT growth but with higher persistence due to agents executing without human prompts. Independent analysis of identity vendor contracts reveals most current platforms lack native mapping for non-human AI identities to original creators.
Operational impact centers on IP exfiltration risk once an external actor discovers these dormant tokens. Next steps require retrofitting identity governance to include agent creation logs and automated revocation tied to employee lifecycle events rather than isolated tool audits.
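One way to implement the lifecycle-tied check described above, as an added example that is not from the briefing or from any vendor's product: it joins an agent inventory carrying creator provenance against HR records, then revokes on a termination event. The record fields, token ids and the function names find_orphaned and on_termination are assumptions, and the sample data is constructed.

```python
from datetime import datetime

# Constructed sample data (not from the article): HR lifecycle records and an
# agent/token inventory that records who created each agent.
HR = {
    "alice": {"status": "active", "terminated_at": None},
    "bob": {"status": "terminated", "terminated_at": "2026-03-01T00:00:00+00:00"},
}
AGENTS = [
    {"agent": "repo-sync", "creator": "alice", "token": "tok-001", "revoked": False,
     "last_used": "2026-05-30T08:00:00+00:00", "scopes": ["git:read"]},
    {"agent": "db-report", "creator": "bob", "token": "tok-002", "revoked": False,
     "last_used": "2026-05-28T02:14:00+00:00", "scopes": ["db:read", "git:read"]},
    {"agent": "old-etl", "creator": "bob", "token": "tok-003", "revoked": True,
     "last_used": "2026-02-20T11:00:00+00:00", "scopes": ["db:read"]},
    {"agent": "helper", "creator": None, "token": "tok-004", "revoked": False,
     "last_used": None, "scopes": ["cloud:iam"]},
]

def find_orphaned(agents, hr):
    """Live tokens whose creator is missing, unknown to HR, or terminated."""
    findings = []
    for a in agents:
        if a["revoked"]:
            continue  # already cleaned up
        owner = hr.get(a["creator"]) if a["creator"] else None
        if owner is None:
            reason, used_after = "no-creator-provenance", False
        elif owner["status"] == "terminated":
            last = a["last_used"] and datetime.fromisoformat(a["last_used"])
            term = datetime.fromisoformat(owner["terminated_at"])
            reason, used_after = "creator-terminated", bool(last and last > term)
        else:
            continue  # creator is still an active employee
        findings.append({"token": a["token"], "agent": a["agent"], "reason": reason,
                         "used_after_termination": used_after, "scopes": a["scopes"]})
    # Tokens exercised after the owner left sort first: that is live standing access.
    return sorted(findings, key=lambda f: not f["used_after_termination"])

def on_termination(agents, user):
    """HR lifecycle hook: revoke every live token created by `user`."""
    hit = [a for a in agents if a["creator"] == user and not a["revoked"]]
    for a in hit:
        a["revoked"] = True  # a real system would call the token issuer here
    return [a["token"] for a in hit]

if __name__ == "__main__":
    for finding in find_orphaned(AGENTS, HR):
        print(finding)
```

The agent with no recorded creator is reported separately from the terminated-creator case because no lifecycle event will ever revoke it; it needs an owner assigned first.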
SailPoint: 35% of enterprises will detect at least one production AI agent with revoked-human-token access within 18 months
Sources (3)
- [1] Primary Source (https://thehackernews.com/2026/06/orphaned-ai-agents-how-to-find-hidden.html)
- [2] Supporting Source (https://www.nist.gov/publications/artificial-intelligence-risk-management-framework-10)
- [3] Supporting Source (https://www.sailpoint.com/platform/identity-security-for-ai/)