![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 57.00000000000001%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPH%3C/text%3E%3C/svg%3E)
Those entries are internal agent identifiers that can surface as “ghost” agents in Copilot Chat when agents are being tested, deployed, or managed in the tenant. They correspond to Copilot agents that exist in the environment (for example, agents created via Copilot Studio, Teams Toolkit, or agent builder and then approved by an admin), but whose friendly names or metadata are not being rendered correctly in the UI.
From the admin and reporting perspective, these are treated like any other organizational agents:
- They are counted as agents in Microsoft 365 Copilot usage and agent reports when users at‑mention or select them in Copilot Chat or in Microsoft 365 apps.
- Admins can manage them like other apps/agents in the Integrated apps section of the Microsoft 365 admin center (enable/disable, review, or remove them for users).
If these ghost agents are unexpected or confusing:
- Ask a Microsoft 365 admin to open the Microsoft 365 admin center → Integrated apps and review the list of Copilot agents/apps to identify any with similar IDs and adjust availability as needed.
- Use the Microsoft 365 Copilot agent usage report to see whether these agents are being used and confirm they were created and approved within the organization.
- If they cannot be identified or removed through normal management, open a support ticket with Microsoft 365 support so they can investigate the specific agent IDs in the tenant.
These entries are not end‑user malware or a security threat; they are part of the Copilot agent extensibility surface and can be governed by admins.
References: