@ancilar
An autonomous agent we reviewed could have emptied its own wallet without a single line of malicious code. It held its keys directly and had no limit on what it could spend per action. A bad prompt or a confused decision was all it would take.