SAFE's Fourth-Party AI Agent (ShadowScan) is a component of the SAFE TPRM platform that automatically identifies fourth-party vendors and shadow vendors across an organization's environment. The agent uses AI parsing and DNS intelligence to discover undeclared vendor relationships that may introduce hidden risks. The agent extracts domain values from DNS records using AI parsing, performs pattern recognition through regex and heuristics, and automatically infers and classifies fourth-party relationships. It maps the supply chain extended through DNS analysis and maintains traceability through AI-tagged metadata. The output provides a structured enumeration of fourth-party domains categorized by record type and relationship. Each domain association is tagged with AI-generated metadata to enable security and risk teams to trace how a fourth-party relationship was discovered. The data is visualized in a supply chain map that extends beyond direct third-party relationships. The agent reduces vendor assessment time from 6-10 hours per vendor to under 1 minute per vendor. It addresses challenges related to shadow vendors, fourth-party blind spots, and lack of real-time visibility into vendor data.