bio-launchpad
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by managing the agent's private key through environment variables (BIO_AGENT_PRIVATE_KEY) rather than hardcoding sensitive credentials in the source files.
- [SAFE]: Mandatory safety rules are established that require explicit user confirmation and a transaction summary before any write operation is performed on the blockchain.
- [SAFE]: The skill implements a 'fail-closed' security posture, instructing the agent to stop and consult the user if any metadata, contract addresses, or claim proofs appear incorrect or inconsistent.
- [SAFE]: Network communications are exclusively directed toward the official vendor domain (app.bio.xyz) for registration and metadata retrieval, which is consistent with the skill's primary function.
- [SAFE]: Preflight checks are integrated into the workflow to verify the correct blockchain network (Base, ID 8453), contract checksums, and token decimals before any transaction is initiated.
Audit Metadata