Working with a CTO on visibility into what's actually running locally across a 70-engineer org. (For the context, there's no ZTNA implementation, At the moment, if there's a way to approach it from ZTNA angle, I'd love to know)

Engineers use cursor heavily, started adopting MCPs, and now there's a mix of verified, open source, and basically untrusted github repos running locally.

Customer creds are accessible from these environments. We want visibility first - detect what MCPs exist, where they're installed, track usage.

That part feels tractable. But from a detection/monitoring angle, once you know what's there - what's worth actually watching?

Some MCPs legitimately need local execution so you can't just block them. Full network proxying feels unrealistic for dev workflows.

How you approached it? what can implement after visibility?