Security Scanning & Verification
Token safety checks, DApp phishing detection, smart contract analysis
🟢 Beginner friendly — read-only scanning. Use this BEFORE any trade, approval, or sign.
📘 This page is about token / DApp scanning — verifying that a contract or website is safe to interact with. For the agent's own safety layers that prevent it from running malicious code or moving funds without confirmation, see the Security chapter.
Before you trade or interact with a DApp, the agent can scan for risks: honeypot tokens, phishing sites, risky approvals, and suspicious smart contracts.
💡 Glossary: honeypot, rug pull, stablecoin — scams you want the agent to catch before you do.
What you can do
- Token safety scan: honeypot detection, holder concentration, dev history
- DApp/URL phishing check: is this website a scam?
- Transaction simulation: pre-execution safety check before signing
- Approval management: check risky ERC-20/Permit2 approvals, revoke if needed
- Profile verification: verify Twitter profiles for scam indicators
Example prompts
is this token safe? 0xabc...
check if this URL is a phishing site: example.com
scan this transaction before I sign it
show my risky token approvals on Ethereum
verify this Twitter profile — is it a real person?
Example output — token safety scan
Prompt: is this token safe? 0x1234...5678
Agent response:
Token scan — 0x1234...5678 (WIFFLE)
⚠ 3 red flags (don't trade):
- Honeypot risk: HIGH — contract sells are tax-gated at 99%. Buy transactions succeed; sell transactions fail silently. Classic honeypot pattern.
- Holder concentration: dangerous — top wallet holds 87% of supply. Second wallet holds 8%. If either dumps, price → 0.
- Contract not verified — source code not published on Etherscan; cannot audit. All unverified contracts should be treated as hostile.
Other context:
- Deployed: 2 days ago
- Liquidity: $8,400 (very thin)
- Developer wallet: previously rugged 3 tokens (Feb 2024, Aug 2024, Nov 2024). Historical rug pattern: dump within 5-10 days.
Verdict: do not interact. This is almost certainly a scam.
Example output — phishing check
Prompt: check if uniswap-airdrop.net is a phishing site
Agent response:
URL check — uniswap-airdrop.net
⚠ Phishing: very likely
- Domain registered 4 days ago (new domain = red flag)
- Not affiliated with Uniswap (real domain: uniswap.org)
- SSL cert issued to unrelated entity
- Uniswap has NEVER announced an airdrop at this URL
- Reported on 3 anti-phishing databases
Do not connect your wallet. If you already did, revoke approvals immediately with `show my risky approvals on Ethereum` and then `revoke approval for <spender>`.
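One way a pre-signing check can recognize a risky approval, as an added example (not the agent's or okx-security's own code): it decodes approval calldata and flags unlimited allowances and unknown spenders, and also covers NFT `setApprovalForAll`, which goes beyond the ERC-20 case named on this page. The risk rules, `TRUSTED_SPENDERS` and `SAMPLE` are assumptions constructed for illustration.

```python
# Added illustration: flag risky token-approval calldata before signing.
MAX_UINT256 = 2**256 - 1
SELECTORS = {  # standard 4-byte function selectors
    "095ea7b3": "approve(address,uint256)",
    "39509351": "increaseAllowance(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}
# Constructed allowlist (assumption); a real one comes from a source you trust.
TRUSTED_SPENDERS = {"0x" + "11" * 20}
# Constructed sample: approve(<unknown spender>, 2**256 - 1)
SAMPLE = "0x095ea7b3" + "00" * 12 + "ab" * 20 + "ff" * 32


def decode_approval(calldata):
    """Return (signature, spender, value), or None if not an approval call."""
    data = calldata.lower()
    if data.startswith("0x"):
        data = data[2:]
    sig = SELECTORS.get(data[:8])
    if sig is None:
        return None
    args = data[8:]
    if len(args) != 128:  # exactly two 32-byte ABI words
        raise ValueError("malformed approval calldata")
    if args[:24] != "0" * 24:  # address is right-aligned in its word
        raise ValueError("non-canonical address word")
    return sig, "0x" + args[24:64], int(args[64:], 16)


def approval_flags(calldata):
    """List red flags (hypothetical rules) for one transaction's calldata."""
    decoded = decode_approval(calldata)
    if decoded is None:
        return []
    sig, spender, value = decoded
    if value == 0:
        return []  # zero amount / false revokes or is a no-op, grants nothing
    flags = []
    if sig.startswith("setApprovalForAll"):
        flags.append("operator access to every token in the collection")
    elif value == MAX_UINT256:
        flags.append("unlimited allowance")
    if spender not in TRUSTED_SPENDERS:
        flags.append("spender %s is not on the trusted list" % spender)
    return flags


if __name__ == "__main__":
    for flag in approval_flags(SAMPLE):
        print("red flag:", flag)
```

An `approve` call with amount 0 is how a revoke looks on-chain, so the check returns no flags for it.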
Skills and tools involved
| Skill | Role |
|---|---|
| External: okx-security | Token scan, DApp scan, TX scan, signature scan, approvals |
| External: okx-dex-trenches | Developer reputation, rug history, bundle detection |
| research.social / x.api | Twitter profile verification |
Scenarios: SCENARIO_PROFILE_VERIFICATION · SCENARIO_NEWS_VERIFICATION