What's being said about your principal — before something happens.

Closed-surface fan-out across the threat-prior internet — Reddit ideation subs, 4chan /pol/ /biz/, Bluesky, Telegram channels, the Ahmia onion index, Doxbin — plus grounding context from Google News, federal court filings, Wikipedia, and SEC EDGAR. A live agent fires every tool in parallel and synthesizes a single operator-facing answer.

• Threat-first by default. Sentiment does not modify severity — a "fan" doxx of a home address is CRITICAL, period. The Mangione-archetype detection rules are baked into every sweep.
• Live, narrated, cited. Every tool call appears in the live step log with latency, cost, and source count. Every claim in the answer ties back to a real URL. No grounded source → no claim.
• Continuous monitoring. Flip it on per principal — the cron re-runs every 6 hours, the dossier shows what's new since baseline, and the operator acknowledges deltas as they're triaged.