openfin-launchpad

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted token metadata, such as names, descriptions, and social links, which are either provided by users or retrieved from the launchpad's public feed. This data is interpolated into the agent's context, presenting a surface for indirect prompt injection.
  • Ingestion points: Token metadata fields in the launch_token action and the list_tokens (explore feed) response in SKILL.md.
  • Boundary markers: The 'Safety contract' section mandates showing users previews and obtaining explicit confirmation before submitting transactions.
  • Capability inventory: High-impact on-chain write operations including token minting (launch_token), asset swaps (buy, sell), and liquidity migration (migrate).
  • Sanitization: Instructions explicitly prohibit the agent from using token information from untrusted content without user re-typing or verification.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 07:02 PM
Security Audit — agent-trust-hub — openfin-launchpad