AI agents can autonomously perform tasks and, often without explicit user consent, collect or disclose users' sensitive local data, which raises serious privacy concerns. Although AI agents' privacy policies describe their intended data practices, there remains limited transparency and accountability about whether runtime behavior matches those policies. To bridge this gap, we present AudAgent, a tool that continuously monitors AI agents' data practices in real time and guards compliance with their stated privacy policies. AudAgent comprises four components for automated privacy auditing of AI agents. (i) Policy formalization: a novel cross-LLM voting mechanism that ensures high-confidence parsing of privacy policies into formal models. (ii) Runtime annotation: a lightweight Presidio-based analyzer that detects sensitive data and annotates data practices based on the AI agent's context and the formalized privacy policy model. (iii) Compliance auditing: ontology graphs and automata-based checking that link the privacy policy model with runtime annotations, enabling on-the-fly compliance verification. (iv) User interface: an infrastructure-independent implementation that visualizes the real-time execution trace of AI agents alongside detected privacy violations, providing user-friendly transparency and accountability. We evaluate AudAgent on AI agents built with mainstream frameworks, demonstrating its effectiveness in detecting and visualizing privacy policy violations. Using AudAgent, we further find that many privacy policies lack explicit safeguards for highly sensitive data such as SSNs, whose misuse violates legal requirements, and that many agents, including those powered by Claude, Gemini, and DeepSeek, do not refuse to process such data via third-party tools. AudAgent proactively blocks operations on such data, overriding the agents' original privacy policies and behavior.
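The following is an added illustration of the runtime-annotation and automata-based compliance-checking pipeline the abstract describes; it is not AudAgent's code. The Presidio-based analyzer is replaced by a small regex stand-in, and the tool names, the formalized policy automata, the hard-block set, and the execution trace are all constructed for the example. Each sensitive-data category gets an automaton over (practice, recipient) events derived from the tool being called; an event with no transition is a policy violation, and categories the policy never covers (here, SSNs) are blocked outright rather than merely flagged.

```python
import re
from dataclasses import dataclass

# --- Stand-in for the Presidio-based analyzer (regex only; hypothetical) ---
DETECTORS = {
    "US_SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.]+\b"),
    "PHONE": re.compile(r"\b\d{3}-\d{3}-\d{4}\b"),
}

def detect_entities(text):
    """Return the sorted list of sensitive-data categories found in text."""
    return sorted(name for name, rx in DETECTORS.items() if rx.search(text))

# --- Agent context: which data practice each (hypothetical) tool performs ---
TOOL_PRACTICE = {
    "read_local_file": ("collect", "agent"),
    "summarize": ("process", "agent"),
    "send_email": ("disclose", "third_party"),
    "web_search": ("disclose", "third_party"),
}

def annotate(tool_name, argument_text):
    """Runtime annotation: (category, practice, recipient) per detected entity."""
    practice, recipient = TOOL_PRACTICE[tool_name]
    return [(cat, practice, recipient) for cat in detect_entities(argument_text)]

# --- Formalized policy: one automaton per category over practice events ---
@dataclass
class PolicyAutomaton:
    transitions: dict  # (state, (practice, recipient)) -> next state
    start: str = "init"

# Constructed policy: e-mail may be collected, processed and shared with
# third parties; phone numbers may be collected and processed only.
POLICY = {
    "EMAIL": PolicyAutomaton({
        ("init", ("collect", "agent")): "collected",
        ("collected", ("process", "agent")): "collected",
        ("collected", ("disclose", "third_party")): "shared",
        ("shared", ("process", "agent")): "shared",
        ("shared", ("disclose", "third_party")): "shared",
    }),
    "PHONE": PolicyAutomaton({
        ("init", ("collect", "agent")): "collected",
        ("collected", ("process", "agent")): "collected",
    }),
}
# The policy says nothing about SSNs; the auditor blocks them regardless.
HARD_BLOCK = {"US_SSN"}

class Auditor:
    """Runs the policy automata over annotated tool calls as they happen."""

    def __init__(self, policy, hard_block):
        self.policy, self.hard_block = policy, hard_block
        self.state = {}        # category -> current automaton state
        self.violations = []   # (step, category, practice, recipient, reason)

    def check(self, step, tool_name, argument_text):
        """Return 'allow', 'flag' (policy violation) or 'block' (hard-blocked)."""
        decision = "allow"
        for cat, practice, recipient in annotate(tool_name, argument_text):
            if cat in self.hard_block:
                self.violations.append((step, cat, practice, recipient, "hard-blocked"))
                decision = "block"
                continue
            automaton = self.policy.get(cat)
            cur = self.state.get(cat, automaton.start if automaton else None)
            nxt = automaton.transitions.get((cur, (practice, recipient))) if automaton else None
            if nxt is None:
                reason = "not covered by policy" if automaton is None else f"no transition from {cur}"
                self.violations.append((step, cat, practice, recipient, reason))
                decision = "flag" if decision == "allow" else decision
            else:
                self.state[cat] = nxt
        return decision

# Constructed execution trace of an agent: (step, tool, argument text)
TRACE = [
    (1, "read_local_file", "Contact: alice@example.com, phone 555-123-4567"),
    (2, "summarize", "alice@example.com 555-123-4567"),
    (3, "send_email", "Forwarding alice@example.com and 555-123-4567 to vendor"),
    (4, "web_search", "lookup SSN 123-45-6789"),
]

def run_audit(trace=TRACE):
    """Audit a trace; returns per-step decisions and the recorded violations."""
    auditor = Auditor(POLICY, HARD_BLOCK)
    decisions = [(step, auditor.check(step, tool, text)) for step, tool, text in trace]
    return decisions, auditor.violations

if __name__ == "__main__":
    for item in run_audit():
        print(item)
```

Step 3 is flagged because the phone-number automaton has no third-party-disclosure transition from `collected`, while the e-mail automaton accepts the same event; step 4 is blocked because the SSN category is hard-blocked before any policy lookup, which is the behavior the abstract attributes to AudAgent for data the policy never safeguards.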