Visibility first. Then one named control layer before the next consequential path hardens.

NORNR / Shadow AI discovery

Visibility-first wedge

Show where agent and provider spend already escapes review.

This is the easiest cold wedge because you are not asking a team to buy policy first. You are showing where consequential execution, provider spend and browser-visible actions already exist without a clear review boundary.

Visibility should turn into install in one calm sequence.

Discovery only matters if it produces one exact control move. The strongest NORNR loop is still: exposed repo path, PR guardrail, right governed lane, then artifact-grade proof later.

1 / Discover

Show the hidden or ambient path first

Use Governance Audit to surface provider spend, browser-visible vendor actions, MCP authority or shell-level tool execution that already exists in the repo.

2 / Install

Put one review boundary in the pull request

Budget Shield is the fastest proof because the team sees the control story inside engineering workflow before the risky path reaches main.

3 / Widen

Route the real lane only where the risk actually lives

Use wrappers for provider spend, MCP for local tool authority and browser governance when the last consequential step is the web click itself.

4 / Defend

Prove the same lane survives into evidence

Once the buyer is warm, use packets and the monthly memo to show that the same governed decision is still readable outside the product later.

The discovery wedge should name the path in plain English.

The point is not a score. The point is to say what the repo is already doing and where review or release ownership is missing.

Provider spend

Model calls can already create recurring cost without explicit review

These usually want a thin spend-aware wrapper first, then a fuller governed runtime lane once the team trusts the ingress.

Browser-visible action

Checkout, vendor confirmation or subscription change may already be the real decision boundary

When the last consequential moment is a click, form fill or confirmation step, the browser path itself is the first lane worth governing.

Tool authority

MCP and shell-level execution should not quietly become runtime power

These usually want one reviewed tool boundary first so local power is named before the agent can act on it freely.

Vendor mutation

Outbound requests can already create purchases, upgrades or irreversible side effects

That is not “just API usage.” It is the beginning of a real counterparty and settlement story that needs one governed lane before it scales.

Use the smallest useful install, not the biggest product pitch.

The right discovery message is simple: here is the path, here is why it matters, here is the first move. NORNR comes in as the package for that first move, not the opening paragraph.

Repo risk

Run Governance Audit first

Use the audit when the team already has code and you need to show exposed paths in a repo-specific way instead of talking in abstractions.


PR boundary

Install Budget Shield second

Use the PR guardrail when you want the fastest possible proof that the team can review consequential changes before they merge.


Provider lane

Use wrappers when the risk is mostly spend at the client edge

This is the thinnest runtime move once discovery says the repo is mainly adding or widening paid provider calls.


Browser lane

Use browser governance when the click is the real settlement boundary

Choose this when checkout, vendor confirmation, subscription changes or admin clicks are the clearest consequential step in the workflow.
