> For the complete documentation index, see [llms.txt](/llms.txt).

# Security

MetaMask Agent Wallet applies built-in security on every signing and transaction path.

## Transaction simulation[​](#transaction-simulation "Direct link to Transaction simulation")

Before a transaction executes, the CLI simulates it to surface reverts, unexpected state changes, and other failures early.

## Transaction Shield[​](#transaction-shield "Direct link to Transaction Shield")

Transaction Shield scans transactions for known threats, including malicious contracts and scams. When a transaction is flagged, it requires your approval before it executes. You receive details in the CLI output and through the approval flow.

## Smart Transactions[​](#smart-transactions "Direct link to Smart Transactions")

Smart Transactions helps protect transactions from sandwich attacks and related MEV extraction where supported on the target chain.

## Server wallet[​](#server-wallet "Direct link to Server wallet")

In server-wallet mode, your private key is held securely in a trusted execution environment (TEE). Keys are not exposed to the agent process. You retain self-custody and can export your secret recovery phrase when supported by your account configuration.

## Guard Mode and Beast Mode[​](#guard-mode-and-beast-mode "Direct link to Guard Mode and Beast Mode")

Trading modes apply to server-wallet only. During `mm init`, you set daily spend limits and protocol allowlists that define what your agent can do without your approval.

| Mode                     | Policy enforcement                   | When 2FA is required                                                                                   |
| ------------------------ | ------------------------------------ | ------------------------------------------------------------------------------------------------------ |
| Guard Mode (Recommended) | Enforces spend limits and allowlists | When a transaction exceeds your limits, targets a non-allowlisted protocol, or is flagged as high risk |
| Beast Mode               | Skips routine policy checks          | When a transaction is flagged as malicious or high risk                                                |

When 2-factor authentication is required, the CLI pauses the job until you approve or reject it. Your sign-in method during `mm login` determines which channel the CLI uses:

| Sign-in method  | Approval channel                    |
| --------------- | ----------------------------------- |
| QR code         | MetaMask Mobile push notification   |
| Google or email | Email link with transaction details |

The agent cannot proceed without your approval on flagged or policy-violating transactions.

Configure modes during `mm init`. See [Trading modes](/agent-wallet/use-the-cli-directly/#trading-modes-server-wallet-only).

## Next steps[​](#next-steps "Direct link to Next steps")

- [Architecture](/agent-wallet/concepts/architecture/)
- [Quickstart](/agent-wallet/quickstart/)