Query Token Audit

Name: Query Token Audit
Author: binance

binance/binance-skills-hub

Query Binance Web3 token security audit data before a swap or buy so you can spot honeypots, tax traps, and malicious contract behavior early.

Overview

Query Token Audit is an agent skill most often used in Validate (also Build integrations and Operate iterate) that POSTs to Binance’s token security audit API to flag scams and contract risks before trading.

Install

npx skills add https://github.com/binance/binance-skills-hub --skill query-token-audit

What is this skill?

POST Token Security Audit API on Binance Web3 with chainId and contractAddress parameters
Pre-trade use cases: honeypot detection, rug-pull signals, malicious function checks, buy or sell tax verification
Supported chains table: BSC (56), Base (8453), Solana (CT_501), Ethereum (1)
Triggers on user phrases like "is this token safe?", "check token security", and "audit token"
Designed to run before any swap, not after losses
API skill version 1.4 in skill metadata
Four supported chains in the documented table: BSC, Base, Solana, Ethereum

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 4.8k installs on skills.sh; 881 GitHub stars; 3/3 security scanners passed (skills.sh audits).

Who is it for?

Agent builders wiring pre-swap safety checks for BSC, Base, Solana, or Ethereum tokens via Binance Web3 APIs.

Skip if: Off-chain equities research, tokens on unsupported chains, or users who need guaranteed investment advice—the API is one signal among many.

When should I use this skill?

Users ask "is this token safe?", "check token security", "audit token", or before any swap.

What do I get? / Deliverables

You receive a structured security audit response for the chosen chain and contract address so you can abort or proceed with a swap based on documented risk categories instead of guesswork.

Token security audit JSON covering contract and trading risks
Scam and honeypot oriented signals from the Binance endpoint
Documented chain and address parameters used for the query

Recommended Skills

Solana Devsolana-foundation/solana-dev-skill

Solana Development Skill is the Solana Foundation’s agent playbook for building and debugging decentralized applications…28.4k installs·514 stars

Solidity Securitywshobson/agents

solidity-security is an agent skill for indie Web3 builders and small teams shipping EVM smart contracts who need concre…11.3k installs·36.5k stars

Emblem Ai Agent Walletemblemcompany/emblemai-agentwallet

Emblem Agent Wallet is an agent skill that connects assistants to EmblemAI and EmblemVault for autonomous crypto operati…8.7k installs·7 stars

Emblem Portfolio Trackeremblemcompany/agent-skills

emblem-portfolio-tracker is an agent skill packaged with a runnable portfolio-report.sh workflow for solo builders and i…8.7k installs·10 stars

Emblem Defi Yieldemblemcompany/agent-skills

Emblem DeFi Yield is an agent skill packaged as a bash script that orchestrates the EmblemAI CLI for solo builders explo…8.6k installs·10 stars

Emblem Memecoin Scoutemblemcompany/agent-skills

Emblem Memecoin Scout packages a bash workflow that drives the EmblemAI agent CLI to surface fresh memecoin launches and…8.6k installs·10 stars

Journey fit

Spans multiple journey phases - primary shelf plus alternate fits below.

Primary fit

Committing capital to a token is a validation decision—you must prove the contract is not a scam before you treat the trade as part of your product or portfolio plan. Scoping risk boundaries (chain, contract address, tax and ownership flags) matches Validate scope more than a post-launch growth or ops task.

Also useful

BuildIntegrations & version control

Also useful

OperateIteration & experiments

Where it fits

Example use

ValidateScope & plan

Audit a memecoin contract on BSC before adding it to a weekend arbitrage experiment.

Example use

BuildIntegrations & version control

Embed the audit POST as a mandatory step in your agent’s swap tool chain on Base or Ethereum.

Example use

OperateIteration & experiments

Re-run the audit after a contract upgrade rumor to decide whether to pause your bot.

How it compares

An integration skill that hits a hosted audit API, not a local static analyzer or generic Solidity code-review package.

Common Questions / FAQ

Who is query-token-audit for?

It is for solo developers and indie operators building trading assistants, alerts, or personal workflows who need automated token scam checks before execution.

When should I use query-token-audit?

Use it in Validate when scoping whether a token is safe to include in a bot or portfolio, in Build integrations when wiring swap flows, and in Operate iterate when re-auditing contracts after market rumors; always before any swap the skill describes.

Is query-token-audit safe to install?

It requires network access to Binance Web3 endpoints and handles contract addresses you supply; review the Security Audits panel on this Prism page and never treat audit JSON as sole proof of safety.

SKILL.md

READMESKILL.md - Query Token Audit

# Query Token Audit Skill

## Overview

| API | Function            | Use Case |
|-----|---------------------|----------|
| Token Security Audit | Token security scan | Detect honeypot, rug pull, scam, malicious functions |

## Use Cases

1. **Pre-Trade Safety Check**: Verify token security before buying or swapping
2. **Scam Detection**: Identify honeypots, fake tokens, and malicious contracts
3. **Contract Analysis**: Check for dangerous ownership functions and hidden risks
4. **Tax Verification**: Detect unusual buy/sell taxes before trading

## Supported Chains

| Chain Name | chainId |
|------------|---------|
| BSC | 56 |
| Base | 8453 |
| Solana | CT_501 |
| Ethereum | 1 |

---

## API: Token Security Audit

### Method: POST

**URL**: 
```
https://web3.binance.com/bapi/defi/v1/public/wallet-direct/security/token/audit
```

**Request Parameters**:

| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| binanceChainId | string | Yes | Chain ID: `CT_501` (Solana), `56` (BSC), `8453` (Base), `1` (Ethereum) |
| contractAddress | string | Yes | Token contract address |
| requestId | string | Yes | Unique request ID (UUID v4 format) |

**Request Headers**:
```
Content-Type: application/json
Accept-Encoding: identity
User-Agent: binance-web3/1.4 (Skill)
```

**Example Request**:
```bash
curl --location 'https://web3.binance.com/bapi/defi/v1/public/wallet-direct/security/token/audit' \
--header 'Content-Type: application/json' \
--header 'source: agent' \
--header 'Accept-Encoding: identity' \
--header 'User-Agent: binance-web3/1.4 (Skill)' \
--data '{
    "binanceChainId": "56",
    "contractAddress": "0x55d398326f99059ff775485246999027b3197955",
    "requestId": "'$(uuidgen)'"
}'
```

**Response Example**:
```json
{
    "code": "000000",
    "data": {
        "requestId": "d6727c70-de6c-4fad-b1d7-c05422d5f26b",
        "hasResult": true,
        "isSupported": true,
        "riskLevelEnum": "LOW",
        "riskLevel": 1,
        "extraInfo": {
            "buyTax": "0",
            "sellTax": "0",
            "isVerified": true
        },
        "riskItems": [
            {
                "id": "CONTRACT_RISK",
                "name": "Contract Risk",
                "details": [
                    {
                        "title": "Honeypot Risk Not Found",
                        "description": "A honeypot is a token that can be bought but not sold",
                        "isHit": false,
                        "riskType": "RISK"
                    }
                ]
            }
        ]
    },
    "success": true
}
```

**Response Fields**:

| Field                             | Type | Description                                               |
|-----------------------------------|------|-----------------------------------------------------------|
| hasResult                         | boolean | Whether audit data is available                           |
| isSupported                       | boolean | Whether the token is supported for audit                  |
| riskLevelEnum                     | string | Risk level: `LOW`, `MEDIUM`, `HIGH`                       |
| riskLevel                         | number | Risk level number (1-5)                                   |
| extraInfo.buyTax                  | string | Buy tax percentage (null if unknown)                      |
| extraInfo.sellTax                 | string | Sell tax percentage (null if unknown)                     |
| extraInfo.isVerified              | boolean | Whether contract code is verified

What is this skill?

POST Token Security Audit API on Binance Web3 with chainId and contractAddress parameters

Pre-trade use cases: honeypot detection, rug-pull signals, malicious function checks, buy or sell tax verification

Supported chains table: BSC (56), Base (8453), Solana (CT_501), Ethereum (1)

Triggers on user phrases like "is this token safe?", "check token security", and "audit token"

Designed to run before any swap, not after losses

API skill version 1.4 in skill metadata

Four supported chains in the documented table: BSC, Base, Solana, Ethereum

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Adoption & trust: 4.8k installs on skills.sh; 881 GitHub stars; 3/3 security scanners passed (skills.sh audits).

What do I get? / Deliverables

You receive a structured security audit response for the chosen chain and contract address so you can abort or proceed with a swap based on documented risk categories instead of guesswork.

Token security audit JSON covering contract and trading risks

Scam and honeypot oriented signals from the Binance endpoint

Documented chain and address parameters used for the query

Journey fit

Spans multiple journey phases - primary shelf plus alternate fits below.

Primary fit

Also useful

BuildIntegrations & version control

Also useful

OperateIteration & experiments

Where it fits

Example use

ValidateScope & plan

Audit a memecoin contract on BSC before adding it to a weekend arbitrage experiment.

Example use

BuildIntegrations & version control

Embed the audit POST as a mandatory step in your agent’s swap tool chain on Base or Ethereum.

Example use

OperateIteration & experiments

Re-run the audit after a contract upgrade rumor to decide whether to pause your bot.

SKILL.md

READMESKILL.md - Query Token Audit

# Query Token Audit Skill

## Overview

| API | Function            | Use Case |
|-----|---------------------|----------|
| Token Security Audit | Token security scan | Detect honeypot, rug pull, scam, malicious functions |

## Use Cases

1. **Pre-Trade Safety Check**: Verify token security before buying or swapping
2. **Scam Detection**: Identify honeypots, fake tokens, and malicious contracts
3. **Contract Analysis**: Check for dangerous ownership functions and hidden risks
4. **Tax Verification**: Detect unusual buy/sell taxes before trading

## Supported Chains

| Chain Name | chainId |
|------------|---------|
| BSC | 56 |
| Base | 8453 |
| Solana | CT_501 |
| Ethereum | 1 |

---

## API: Token Security Audit

### Method: POST

**URL**: 
```
https://web3.binance.com/bapi/defi/v1/public/wallet-direct/security/token/audit
```

**Request Parameters**:

| Parameter | Type | Required | Description |
|-----------|------|----------|-------------|
| binanceChainId | string | Yes | Chain ID: `CT_501` (Solana), `56` (BSC), `8453` (Base), `1` (Ethereum) |
| contractAddress | string | Yes | Token contract address |
| requestId | string | Yes | Unique request ID (UUID v4 format) |

**Request Headers**:
```
Content-Type: application/json
Accept-Encoding: identity
User-Agent: binance-web3/1.4 (Skill)
```

**Example Request**:
```bash
curl --location 'https://web3.binance.com/bapi/defi/v1/public/wallet-direct/security/token/audit' \
--header 'Content-Type: application/json' \
--header 'source: agent' \
--header 'Accept-Encoding: identity' \
--header 'User-Agent: binance-web3/1.4 (Skill)' \
--data '{
    "binanceChainId": "56",
    "contractAddress": "0x55d398326f99059ff775485246999027b3197955",
    "requestId": "'$(uuidgen)'"
}'
```

**Response Example**:
```json
{
    "code": "000000",
    "data": {
        "requestId": "d6727c70-de6c-4fad-b1d7-c05422d5f26b",
        "hasResult": true,
        "isSupported": true,
        "riskLevelEnum": "LOW",
        "riskLevel": 1,
        "extraInfo": {
            "buyTax": "0",
            "sellTax": "0",
            "isVerified": true
        },
        "riskItems": [
            {
                "id": "CONTRACT_RISK",
                "name": "Contract Risk",
                "details": [
                    {
                        "title": "Honeypot Risk Not Found",
                        "description": "A honeypot is a token that can be bought but not sold",
                        "isHit": false,
                        "riskType": "RISK"
                    }
                ]
            }
        ]
    },
    "success": true
}
```

**Response Fields**:

| Field                             | Type | Description                                               |
|-----------------------------------|------|-----------------------------------------------------------|
| hasResult                         | boolean | Whether audit data is available                           |
| isSupported                       | boolean | Whether the token is supported for audit                  |
| riskLevelEnum                     | string | Risk level: `LOW`, `MEDIUM`, `HIGH`                       |
| riskLevel                         | number | Risk level number (1-5)                                   |
| extraInfo.buyTax                  | string | Buy tax percentage (null if unknown)                      |
| extraInfo.sellTax                 | string | Sell tax percentage (null if unknown)                     |
| extraInfo.isVerified              | boolean | Whether contract code is verified

Overview

Install

What is this skill?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Where it fits

Who is query-token-audit for?

When should I use query-token-audit?

Is query-token-audit safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Where it fits

Who is query-token-audit for?

When should I use query-token-audit?

Is query-token-audit safe to install?

SKILL.md