openfin-launchpad
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted token metadata, such as names, descriptions, and social links, which are either provided by users or retrieved from the launchpad's public feed. This data is interpolated into the agent's context, presenting a surface for indirect prompt injection.
- Ingestion points: Token metadata fields in the
launch_tokenaction and thelist_tokens(explore feed) response inSKILL.md. - Boundary markers: The 'Safety contract' section mandates showing users previews and obtaining explicit confirmation before submitting transactions.
- Capability inventory: High-impact on-chain write operations including token minting (
launch_token), asset swaps (buy,sell), and liquidity migration (migrate). - Sanitization: Instructions explicitly prohibit the agent from using token information from untrusted content without user re-typing or verification.
Audit Metadata