Hi Olivier,
If you need to know the list of users who can execute listed sensitive transaction code, may be you can do this way
1. Get the list of roles where any one of this Tcode is present ( AGR_1251)
2. Next give these roles in AGR_USERS and find the list of users who have access to one of these roles
Ultimately it gives you the list of users who can execute at least one or more transaction codes from the sensitive Tcode list.
If you want have which users can execute which transaction code, you may use SQVI to establish the mapping or you can do some excel work with filters.
Thanks,
Kalpana.