AGENT_SANITY // DEFAI_RISK_SCANNER

To check if an AI Agent can steal your funds, examine the contract's ownership structure and withdrawal limits. A single-owner contract poses higher risk than a multisig-controlled one. Look for guardrails like timelocks on withdrawals and verify that critical functions require multiple signatures.

The Autonomy Limit in DeFAI refers to the balance between agent freedom and user safety. It represents the maximum threshold of independent action an AI agent can take without explicit human approval. Higher autonomy means more efficiency but greater risk; lower autonomy provides more safety but requires more human intervention.

Detecting malicious AI Agent smart contracts involves identifying proxy patterns that allow unannounced upgrades, checking for un-timelocked critical functions, and analyzing withdrawal mechanisms. Red flags include single-owner control, hidden upgrade paths, and unrestricted fund access.

Scanning an agent before delegation follows the 'Don't Trust, Verify' mantra in DeFAI. Delegating to an AI agent means granting it access to your assets. A pre-delegation scan reveals ownership risks, autonomy limits, and potential vulnerabilities that could lead to fund loss or unauthorized transactions.

NO. AgentSanity is not a substitute for a professional audit from firms like CertiK. It is a heuristic sanity check tool designed for instant risk detection and initial screening. For high-value transactions or protocol deployments, always seek a comprehensive security audit from certified professionals.