Autonomous agents need scoped, revocable authority (per-transaction, per-session, per-day caps; merchant/category allowlists; velocity limits) enforced deterministically at the smart-account layer rather than via off-chain prompts, yet today most policy checks happen client-side and can be bypassed once payment credentials are saved. Prototype an Odra/WASM smart-account module on Casper 2.0 that evaluates spend policies before settlement and auto-escalates to human approval on violation. Evaluate on policy-violation rate (target near-zero leakage on a red-team transaction suite), added settlement latency, and gas/transaction cost versus an unguarded baseline wallet.