> For the complete documentation index, see [llms.txt](https://whitepaper.gopluslabs.io/goplus-network/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://whitepaper.gopluslabs.io/goplus-network/the-goplus-security-layer/goplus-intelligence.md). # GoPlus Intelligence ## Introduction GoPlus Intelligence is the risk analysis engine of the GoPlus security layer. It provides real-time security intelligence for AI agents, Web3 users, wallets, applications, chains, and developers. Its purpose is to detect risk before execution and provide the signals needed for runtime protection, policy enforcement, user warnings, transaction blocking, approval workflows, and security audits. GoPlus Intelligence began with Web3 security, including token risk analysis, malicious address detection, phishing detection, approval and signature analysis, dApp security information, and transaction simulation. As GoPlus expands into the AI era, GoPlus Intelligence also supports agent-oriented risk analysis such as credential leak detection, prompt-injection detection, malicious command detection, URL analysis, permission abuse analysis, package risk detection, and data exfiltration detection. ## GoPlus Intelligence Overview ### Key Features * **Real-time risk signals:** Provides up-to-date security intelligence for runtime decisions. * **Automated analysis:** Uses AI models, security rules, graph analysis, code analysis, transaction simulation, and threat intelligence to identify risk. * **Cross-environment coverage:** Supports both Web3 execution and AI agent runtime security. * **Scalable integration:** Offers APIs, SDKs, and product integrations for developers, wallets, dApps, chains, AI agent frameworks, and security platforms. * **Policy-ready output:** Produces structured risk results that can be used by AgentGuard, Security RPC, GoPlus APP, browser extension, infrastructure integrations, and third-party products. ## GoPlus Intelligence Capabilities ### AI Agent Runtime Risk Analysis Analyzes risky actions attempted by AI agents before execution. * Features: command risk detection, file access evaluation, sensitive data access detection, tool-call risk analysis, permission abuse analysis, and runtime risk scoring. * Applications: AgentGuard, coding agents, autonomous workflow platforms, AI agent frameworks, MCP tool routers, and enterprise agent governance. ### Prompt Injection Detection Detects attempts to manipulate agent behavior through malicious or hidden instructions. * Features: detection of role hijacking, system prompt extraction, obfuscated payloads, encoded instructions, and indirect prompt injection patterns. * Applications: AgentGuard runtime enforcement, browser agents, coding agents, document-processing agents, and web automation agents. ### Credential Leak Detection Identifies exposed secrets and sensitive credentials in files, commands, prompts, repositories, and agent-accessible content. * Features: detection of API keys, private keys, tokens, database credentials, cloud credentials, and connection strings. * Applications: agent runtime protection, developer workflow protection, repository scanning, and supply-chain security. ### Malicious Command and Data Exfiltration Detection Detects command patterns and data movement behaviors that may cause system compromise or sensitive data leakage. * Features: remote code execution detection, reverse shell detection, encoded payload detection, suspicious network transfer detection, sensitive path access detection, and exfiltration pattern analysis. * Applications: coding agents, deployment agents, CI/CD assistants, local agent runtimes, and enterprise automation workflows. ### URL and Package Risk Analysis Analyzes URLs, domains, packages, plugins, skills, and agent supply-chain inputs. * Features: malicious domain detection, phishing URL analysis, suspicious TLD analysis, homograph attack detection, malicious package indicators, and advisory-based detection. * Applications: AgentGuard supply-chain scanning, MCP security workflows, agent plugin review, and browser-agent protection. ### Multi-chain Token Security Provides detailed security analysis of tokens across supported blockchain networks. * Features: token contract security, liquidity analysis, holder distribution, permission risk, honeypot indicators, and malicious behavior signals. * Applications: exchanges, wallets, DeFi platforms, token launch platforms, research tools, and trading applications. ### AI-Powered Token Audit Powers DeepScan with token contract audit capabilities that combine static analysis, AI semantic review, financial risk modeling, and accumulated security rule patterns. * Features: smart contract vulnerability detection, rug pull risk detection, access-control analysis, honeypot and scam detection, Graph-IR static analysis, LLM-powered audit, and financial semantic modeling. * Applications: DeepScan, token projects, launchpads, exchanges, wallets, dApps, and AI-assisted Web3 development workflows. ### Malicious Address Detection Provides a timely and comprehensive malicious address intelligence service. * Features: identification of scam, phishing, drainer, exploit, laundering, and other malicious addresses. * Applications: transaction screening, wallet warnings, compliance workflows, dApp risk management, and chain-level protection. ### NFT Security Assessment Assesses NFT-related risks to help detect scams, suspicious contracts, or fraudulent activity. * Features: origin analysis, transaction history review, contract security analysis, and suspicious behavior detection. * Applications: NFT marketplaces, wallets, collectibles platforms, and digital asset services. ### Approval Security Analysis Analyzes token approval requests to prevent unauthorized or high-risk asset exposure. * Features: spender risk detection, unlimited approval risk analysis, known malicious contract detection, and approval behavior assessment. * Applications: wallets, DeFi applications, browser extension, transaction protection, and user security dashboards. ### dApp Security Information Aggregates and analyzes security information about dApps. * Features: contract risk signals, audit status, malicious behavior indicators, phishing relationships, and historical security information. * Applications: wallets, dApp browsers, security dashboards, ecosystem monitoring, and user warnings. ### Signature Data Decoding Decodes and analyzes signature payloads for irregularities or malicious intent. * Features: ABI signature decoding, permit and permit2 risk detection, malicious signature pattern recognition, and transaction intent interpretation. * Applications: wallet protection, transaction confirmation flows, phishing prevention, and user-facing risk explanations. ### Phishing Site Detection Detects and blocks phishing websites before users or agents interact with them. * Features: real-time URL verification, phishing pattern detection, suspicious domain analysis, and malicious site intelligence. * Applications: browser extensions, wallets, AI browser agents, security tools, and dApp front-end protection. ### Multi-chain Transaction Simulation Simulates transactions across blockchain networks to assess expected results and detect potential risks before execution. * Features: * Preview transactions in a secure environment. * Identify anomalies, risky token transfers, approval changes, and unexpected contract behavior. * Support multiple blockchain networks including Ethereum, BNB Chain, Solana, Sui, and others. * Provide reports on gas estimation, token movements, and contract interactions. * Applications: * Wallet transaction protection. * dApp and DeFi risk management. * Chain-level and RPC-level security. * AI agents that prepare, review, or submit Web3 transactions. ### Conclusion GoPlus Intelligence provides the risk intelligence foundation for the GoPlus security layer. By combining Web3 security analysis with AI agent runtime risk detection, it enables GoPlus to protect high-risk actions before they execute across agents, wallets, applications, chains, and decentralized security services. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://whitepaper.gopluslabs.io/goplus-network/the-goplus-security-layer/goplus-intelligence.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.