How are you reviewing agent permissions and tool access before deployment?

Reddit r/AI_Agents Tools

Summary

The author introduces FCM Trust, a local scanner for reviewing AI agent projects' security, permissions, and reliability, and asks the community about their own review methods for agent tool access.

As AI agents gain access to files, shells, browsers, APIs, email, and business systems, I think we need a clearer way to review what an agent project is capable of doing before trusting it. I have been working on a local scanner called FCM Trust that reviews agent projects for potential security, privacy, permission, and reliability problems.

It currently checks for areas including:

- Credential exposure
- Dangerous shell behavior
- Broad file access
- External connections
- Unsafe tool permissions
- Input and prompt-handling risks
- Sensitive data storage
- Missing user-consent controls

The scanner runs locally, does not upload the project, and does not automatically modify code.

I am interested in how other agent builders currently handle this problem. Do you rely on:

- Manual code review
- Sandboxed environments
- Permission manifests
- Static-analysis tools
- Container isolation
- Agent-specific security testing
- Something else?

I am the developer of FCM Trust, but I am mainly interested in discussing what a useful agent-security review should contain. I do not want to assume that a general software-security checklist covers everything agents introduce. What risks should an agent-focused scanner prioritize?
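To make the check categories in the post concrete, here is an added example of a minimal local review pass over an agent project: a line-oriented pattern scan of source files (credential exposure, dangerous shell behavior, broad file access, external connections) combined with a review of a tool-permission manifest (unsafe tool permissions, missing user-consent controls). This is illustrative code written for this page, not FCM Trust's implementation; the regex heuristics, the manifest keys (`shell`, `permissions`, `file_access`, `network.allowed_hosts`, `side_effects`, `requires_consent`) and the sample project are all constructed assumptions.

```python
"""Minimal local review of an agent project: source patterns plus a tool manifest.

Illustrative only (not FCM Trust's code). Categories follow the post; the
detection heuristics and the manifest schema are assumptions made for this example.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    category: str
    location: str  # "file:line" for source hits, "manifest:<tool>" for manifest hits
    detail: str


# Assumed source heuristics, one (category, pattern) pair per rule. Deliberately
# narrow: a quoted literal is required for credentials, and only root/home/glob
# paths count as "broad" file access, to keep false positives low.
SOURCE_RULES = [
    ("credential-exposure", re.compile(r"""(?i)(api[_-]?key|secret|password|token)\s*=\s*["'][^"']{8,}["']""")),
    ("credential-exposure", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),  # AWS access key id shape
    ("dangerous-shell", re.compile(r"\bsubprocess\.\w+\([^)]*shell\s*=\s*True")),
    ("dangerous-shell", re.compile(r"\bos\.system\(")),
    ("dangerous-shell", re.compile(r"\b(eval|exec)\(")),
    ("broad-file-access", re.compile(r"""\b(os\.walk|glob\.glob|shutil\.rmtree)\(\s*["'](/|~|\*{1,2})["']""")),
    ("external-connection", re.compile(r"\b(requests\.\w+|urllib\.request\.urlopen|socket\.create_connection)\(")),
]

BROAD_PATHS = {"/", "~", "*", "**"}  # manifest path grants treated as "broad"


def scan_source(filename: str, text: str) -> list[Finding]:
    """Run every source rule over every line; one finding per (line, rule) hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for category, pattern in SOURCE_RULES:
            if pattern.search(line):
                findings.append(Finding(category, f"{filename}:{lineno}", line.strip()))
    return findings


def check_manifest(manifest: dict) -> list[Finding]:
    """Review declared tool permissions (assumed schema, see module docstring)."""
    findings = []
    for tool in manifest.get("tools", []):
        loc = f"manifest:{tool.get('name', '?')}"
        if tool.get("shell"):
            findings.append(Finding("dangerous-shell", loc, "tool may spawn a shell"))
        if "*" in tool.get("permissions", []):
            findings.append(Finding("unsafe-tool-permissions", loc, "wildcard permission grant"))
        broad = BROAD_PATHS.intersection(tool.get("file_access", []))
        if broad:
            findings.append(Finding("broad-file-access", loc, f"file access to {sorted(broad)}"))
        net = tool.get("network") or {}
        if "*" in net.get("allowed_hosts", []):
            findings.append(Finding("external-connection", loc, "unrestricted outbound hosts"))
        if tool.get("side_effects") and not tool.get("requires_consent"):
            findings.append(Finding("missing-consent", loc, "side-effecting tool without user consent"))
    return findings


def review_project(files: dict[str, str], manifest: dict) -> list[Finding]:
    """Combine source and manifest findings for a whole project."""
    findings = []
    for name, text in files.items():
        findings.extend(scan_source(name, text))
    findings.extend(check_manifest(manifest))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per category, the shape a reviewer would triage from."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.category] = counts.get(f.category, 0) + 1
    return counts


# Constructed sample project: the key value and host are placeholders, not real.
SAMPLE_SOURCE = '''\
import os, subprocess, requests
OPENAI_API_KEY = "sk-constructed-example-not-a-real-key-0000"
def run(cmd):
    return subprocess.run(cmd, shell=True, capture_output=True)
def collect():
    return [p for p, _, _ in os.walk("/")]
def report(data):
    requests.post("https://example.invalid/collect", json=data)
'''

SAMPLE_MANIFEST = {
    "tools": [
        {"name": "run_command", "shell": True, "permissions": ["*"],
         "file_access": ["/"], "network": {"allowed_hosts": ["*"]},
         "side_effects": True, "requires_consent": False},
        {"name": "read_notes", "shell": False, "permissions": ["read"],
         "file_access": ["./notes"], "network": None,
         "side_effects": False, "requires_consent": False},
    ]
}

if __name__ == "__main__":
    results = review_project({"agent.py": SAMPLE_SOURCE}, SAMPLE_MANIFEST)
    for f in results:
        print(f"[{f.category}] {f.location}: {f.detail}")
    print(summarize(results))
```

Run as-is, the sample yields nine findings: four from the source file (one per category hit) and five from the over-privileged `run_command` tool, while the narrowly scoped `read_notes` tool produces none. The point of the split is that a manifest review catches grants the code never exercises in a test run, and the source scan catches behaviour the manifest never declared; a review that does only one of the two misses half the picture.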

Similar Articles

Where should trust checks happen for AI coding agents?

Reddit r/AI_Agents

The author explores the critical question of where trust checks should be placed in AI coding agent workflows—before coding, during coding, before PR, or during review—and invites developers to share where trust broke in their actual use of tools like Claude Code, Codex, and Cursor.