From Rogue Employees to Rogue Agents: Repurposing Insider Threat Detection for AI Agent Governance

AI agent monitoring and insider threat detection share the same architecture: profile a baseline, flag deviations, encode assumptions about trust. We make this concrete across thirteen experiments. Using a Unified Behavioural Feature Schema (UBFS) that maps both employee activity logs and agent execution traces into a shared representation, we apply three anomaly detection models—Isolation Forest, LSTM Autoencoder, and Deep Clustering—across five domains. Cross-domain transfer works: an Isolation Forest trained on 329,000 insider threat user-days retains 97% of detection power on agent traces, and transfer to MCP tool-calling benchmarks exceeds within-domain performance (104.8% retention). But the blind spots transfer too. Synthetic OWASP profiling identifies Tool Misuse (ASI02) as a blind spot (~0.52 AUC-ROC), but real-data validation on 500 ATBench trajectories reveals this is an artifact of circular synthetic methodology: real ASI02 achieves 0.81-0.94 AUC-ROC. Adversarial evasion testing, temporal window ablation, MITRE ATLAS mapping, and distillation sensitivity analysis complete the evaluation. The detection models port across domains. So do their biases, and so do their blind spots.