There needs to be a site like VirusTotal that will let people submit a smart contract address to be scanned for red flags before sending money to it. As things currently are, there is no way to know if a smart contract has problems until those problems have affected people or a dev notices something and reports it. All too often we see swaps taking place due to a bug or some other issue that could have been detected right from the start.