Lema Agentic Risk Engineering is a third-party risk management platform that uses AI to analyze vendor security risks in real time. The platform goes beyond traditional compliance-based TPRM by forensically investigating vendors to identify hidden security risks that threaten organizations. The system maps vendor access levels and data flows to determine blast radius, showing what data vendors can access and where it goes. It analyzes vendor documentation, policies, and configurations to identify contradictions between stated policies and actual practices, such as retention policies that conflict with developer documentation. Lema performs risk correlation by chaining isolated signals to simulate how vendor failures could cascade through an organization's ecosystem. The platform only flags risks when it can prove a viable threat path exists. For each identified risk, it provides prescriptive remediation steps including specific configuration changes, contract language amendments, and permission adjustments. The platform monitors vendor permissions continuously to detect scope drift, such as when permissions silently change from read-only to write access. It cross-references vendor data flows against jurisdictional requirements to identify compliance violations with sub-processors in restricted locations. Lema analyzes vendor default settings that may violate IP privacy, such as tools that collect source code for model training. The platform provides specific technical fixes to neutralize identified threats while enabling business operations to continue.
Common questions about Lema Agentic Risk Engineering including features, pricing, alternatives, and user reviews.
Lema Agentic Risk Engineering is an AI-powered third-party risk assessment and vendor security monitoring platform developed by Lema. It is a GRC solution designed to help security teams with Third Party Risk, Risk Assessment, and Compliance.