Agent Types#
Lens Agents governs three types of AI agents through one platform. All share the same identity model, policy engine, privacy controls, audit trail, and spending controls.
Overview#
| Desktop AI tools | External agents | Managed agents | |
|---|---|---|---|
| Runs on | User's laptop | Any cloud or infrastructure | Lens Agents platform |
| Identity | User's SSO (OIDC) | Dedicated agent token | Platform-provisioned |
| Connects via | MCP endpoint | MCP with agent token | Native |
| Sandbox | Platform-hosted (or local via CLI) | Platform-hosted or self-hosted | Platform-hosted |
| LLM | External (user's provider) | External (framework's provider) | Via LLM proxy — Anthropic and AWS Bedrock today, with spending controls |
| Governance | Identity, policies, audit, credential isolation, connections | Same | Same |
| Platform capabilities | — | — | Memory, heartbeat, scheduling, autonomy, channels, workspace files, subagents |
Desktop AI Tools#
Claude Desktop, Claude Code, Cursor, Microsoft Copilot, ChatGPT Desktop. These run on people's laptops — the majority of AI agent usage today.
How it works: the tool connects to an organization's Lens Agents endpoint over MCP. Every tool action routes through the governance chain — authentication, authorization, sandbox, credential injection, audit.
What changes for the user: nothing. They use the AI tool exactly as before. The difference: every action is audited, access is controlled by policy, and IT has visibility.
Identity: desktop tools operate under the user's SSO identity. Actions are attributed to the user in the audit trail. Personal credentials (kubectl config, AWS keys, GitHub tokens) are never exposed to the tool — the platform handles authenticated access.
Execution mode: Mode 1 — agent outside the sandbox. Tool execution is sandboxed; the agent's own reasoning runs on the user's machine.
Local sandboxing: headless agents (Claude Code, Codex, and similar) can also run in Mode 2 — agent inside the sandbox via the local CLI, which governs the entire agent process, not just its tool calls.
External Agents#
Custom agents built with any agent framework (Claude Agent SDK, LangChain, CrewAI, AutoGen, in-house frameworks), running on any infrastructure.
How it works: the agent uses its framework's MCP client to connect to the organization's Lens Agents endpoint with a scoped agent token. The token is the agent's identity; every action is attributed to it.
Identity: each external agent gets a dedicated token with its own identity, separate from any human and separate from any other agent. Agents belong to teams with project-level access grants.
Execution mode: Mode 1 — agent outside the sandbox by default. External agents can also run in Mode 2 — agent inside the sandbox for stronger isolation of the agent process itself.
Managed Agents#
Autonomous agents created directly on Lens Agents. Same governance as desktop and external agents, plus platform capabilities that make them behave more like co-workers than chatbots.
How it works: the agent is configured through conversation — you describe what it should do in natural language. It learns your environment, preferences, and workflows through live interaction, and retains that knowledge across conversations.
Identity: platform-provisioned. Each managed agent is a first-class principal with its own identity and audit attribution.
Execution mode: Mode 2 — agent inside the sandbox. The entire agent runs inside a Lens Agents sandbox — all agent activity is governed, not just tool calls.
Platform capabilities#
Managed agents have capabilities beyond what desktop and external agents get:
- Web chat — in-product conversation interface
- Heartbeat monitoring — configurable always-on monitoring with smart alert suppression
- Autonomy levels — five levels from Observer (monitor and report) to Autonomous (act within scope)
- Memory — two-layer system: searchable database plus a curated summary always in context
- Slack — DM and channel participation with multi-user attribution
- Workspace files — seven files that define personality, monitoring instructions, goals, and operating manual
- Scheduled operations — recurring tasks via cron, intervals, or one-shot timers
- Subagents — delegate to specialized subagents, each with its own context and tools
A managed agent becomes what you define it to be: an SRE that monitors production, a support specialist that triages tickets, a compliance officer that runs scheduled audits.
Choosing an Agent Type#
| If you want to... | Use |
|---|---|
| Connect existing AI tools (Claude Desktop, Cursor, Claude Code) to enterprise systems | Desktop AI tools |
| Govern a custom agent built with LangChain, CrewAI, or another framework | External agents |
| Create an autonomous agent that monitors, reports, and takes action on its own | Managed agents |
| Run an agent locally with full sandbox isolation | Local CLI execution |
| Govern all of the above through one platform | All — that's the platform |
Model flexibility#
Every agent type is decoupled from the model layer. Desktop and external agents use whichever provider their tool or framework is configured for — Lens Agents is out of that path. Managed agents route through the platform's LLM proxy, which today integrates with Anthropic and AWS Bedrock; additional providers are added based on customer need. See Supported Models.
Pick a mode, we'll stand it up
Most evaluations start with one mode and expand. Desktop AI tools are the fastest to see working (minutes); managed agents deliver the most visible win; external agents fit teams with existing custom-agent code. Talk to us with your first use case — we provision the environment.
Related#
- How it works — architecture and request flow
- Agent execution modes — governance comparison between Mode 1 and Mode 2
- Security model — trust boundaries and threat model
- Sandbox isolation — how agents are isolated