# Detection Modules

Hexly uses **modular detection engines** to flag threats at every level.

#### Core Modules:

* **Smart Contract Scanner**
  * Detects phishing contracts, honeypots, and impersonators
* **Behavioral AI Engine**
  * Learns your wallet’s normal behavior to flag anomalies
* **Gas Spike Alert System**
  * Catches sudden gas volatility before risky TXs are signed
* **dApp Reputation Index**
  * Cross-references blacklist, community scores, and DNS fingerprints
* **Metadata Risk Scanner**
  * Flags links to wallet-fingerprinting or tracking scripts

All findings are cross-validated and shown in an easy-to-understand wallet report.

| Module                         | Purpose                                    |
| ------------------------------ | ------------------------------------------ |
| **Scam Signature DB**          | Known drainer contract identifiers         |
| **Behavioral ML**              | Identifies unusual wallet patterns         |
| **Gas Spike Watcher**          | Flags sudden network fee anomalies         |
| **Metadata Leak Watcher**      | Scans for traceable endpoints and trackers |
| **dApp Blacklist Cross-Check** | Blocks known phishing domains or wallets   |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hexlys-organization.gitbook.io/hexly-ai-docs/detection-modules.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.