The Ethereum Foundation has reported that while AI agents are effective in identifying vulnerabilities in network infrastructure, the majority of these findings are false positives. The Foundation's protocol security team utilized AI agents to test critical components such as system software, cryptographic code, and smart contracts. This effort led to the discovery of genuine vulnerabilities, including a remotely triggerable panic in libp2p gossipsub, which has since been addressed and disclosed. Despite these successes, the AI agents have increased the workload for human researchers, as many identified vulnerabilities were incorrect, duplicates, or irrelevant. The Foundation emphasized that a potential vulnerability is only validated when a researcher can independently reproduce it against the actual code, highlighting the continued importance of human judgment in the verification process.