Token Audit Verdicts

Every Token Audit produces a verdict - a single classification that summarises the overall risk of the contract. The verdict is derived from a 0-100 risk score aggregated across all active modules plus behavioral signals.


CLEAN

Risk score: 0-24

No theft or rug mechanics found. The contract passed static code analysis, on-chain state checks, and liquidity verification across every active module.

A CLEAN verdict does not guarantee a token is a good investment - it means no technical mechanisms for owner-controlled theft or sell-blocking were detected. Market risk, low liquidity, and project execution risk are separate considerations.

What to check alongside a CLEAN verdict:
- Liquidity TVL - a $200 pool is trivially manipulable even with a clean contract
- LP lock duration - is liquidity locked, and for how long?
- Deployer concentration - does the deployer still hold a large share of supply?


SUSPICIOUS

Risk score: 25-49

Risky mechanics are present. The code contains patterns that can hurt holders under certain conditions - typically an owner-controlled fee setter, a blocklist mechanism, or a pausability function without strong access controls.

A SUSPICIOUS contract is not necessarily malicious. Many legitimate tokens have fee setters or pause functions. The distinction is whether bounds and access controls are in place.

Common SUSPICIOUS findings:
- Fee setter present but bounded (e.g. max 25%) - owner can extract fees but cannot drain
- Blocklist mechanism - specific addresses can be prevented from selling
- Pausability with EOA pauser - a single wallet can freeze transfers instantly
- LP unlocked or low TVL


HIGH RISK

Risk score: 50-74

Owner-controlled rug vectors exist. One transaction from the owner wallet could trap holders or drain the pool. The difference between HIGH RISK and HONEYPOT is that HIGH RISK reflects capability - the owner could act - while HONEYPOT reflects confirmed behaviour.

Common HIGH RISK findings:
- Unbounded fee setter - owner can set sell tax to 100%
- Mint with no cap - owner can inflate supply without limit
- Upgradeable proxy with EOA admin - contract logic can be replaced entirely
- EOA owner with high blast radius (can mint, pause, blacklist, or drain)


HONEYPOT

Risk score: ≥ 75 (honeypot pattern)

You can buy - but you cannot sell. The contract contains confirmed sell-blocking mechanics. Code analysis identified one or more patterns that prevent or severely restrict selling.

Do not buy a HONEYPOT token.

Common HONEYPOT findings:
- Controlled launch mode - deployer-controlled flag that blocks all sells until enabled
- Transfer restricted to admin only - regular users cannot execute sells
- Custom transfer entry point - a hidden sell path that routes tokens differently
- Kill switch - a permanent transfer disable function
- External call in transfer path that can block execution


THEFT

Risk score: ≥ 75 (theft pattern)

Funds are drained on every transfer. The contract diverts a portion of every transfer to the deployer or a controlled address. Unlike a honeypot, you can sell - but every transaction leaks value.

Do not buy a THEFT token.

Common THEFT findings:
- Balance conservation failure - tokens are removed from the sender without a matching credit to the recipient
- Unauthorized recipient in _transfer() - more than one address receives tokens on every transfer
- transferFrom() overdrain - more tokens can be pulled than the approved allowance
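
The three THEFT findings above can all be expressed as checks on balance changes around a single simulated transfer. The sketch below is an added example, not the auditor's own code: it assumes balances are snapshotted before and after the call, and the function names, finding labels and sample addresses are hypothetical. A transfer that passes these checks has shown only that this one call conserved balances.

```python
"""Balance-delta checks for one simulated transfer (added example)."""


def balance_deltas(before, after):
    """Per-address balance change; an address missing from a snapshot counts as 0."""
    addrs = set(before) | set(after)
    return {a: after.get(a, 0) - before.get(a, 0) for a in addrs}


def check_transfer(before, after, sender, recipient, allowance=None):
    """Return hypothetical finding labels for one transfer between distinct addresses.

    allowance is the approved amount when the call was transferFrom();
    leave it as None for a plain transfer().
    """
    delta = balance_deltas(before, after)
    debited = -delta.get(sender, 0)
    credited = delta.get(recipient, 0)
    findings = []
    # Sender's debit must be matched by the recipient's credit.
    if debited != credited:
        findings.append("balance_conservation_failure")
    # Nobody except the named recipient should gain tokens.
    extra = sorted(a for a, d in delta.items() if d > 0 and a != recipient)
    if extra:
        findings.append("unauthorized_recipient:" + ",".join(extra))
    # transferFrom() must never pull more than was approved.
    if allowance is not None and debited > allowance:
        findings.append("transferfrom_overdrain")
    return findings


# Constructed snapshots (address -> balance); not real on-chain data.
BEFORE = {"alice": 1000, "bob": 0, "deployer": 500}
HONEST = {"alice": 900, "bob": 100, "deployer": 500}     # 100 moved cleanly
SKIM = {"alice": 900, "bob": 90, "deployer": 510}        # 10 diverted
VANISH = {"alice": 900, "bob": 90, "deployer": 500}      # 10 uncredited
OVERDRAIN = {"alice": 850, "bob": 150, "deployer": 500}  # 150 pulled

if __name__ == "__main__":
    print(check_transfer(BEFORE, HONEST, "alice", "bob"))
    print(check_transfer(BEFORE, SKIM, "alice", "bob"))
    print(check_transfer(BEFORE, VANISH, "alice", "bob"))
    print(check_transfer(BEFORE, OVERDRAIN, "alice", "bob", allowance=100))
```
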


UNVERIFIABLE

Risk score: N/A

The contract's source code is not verified on the block explorer. Only partial bytecode analysis was possible - the contract cannot be fully inspected.

An UNVERIFIABLE verdict does not mean the token is malicious. It means a meaningful audit cannot be completed. Most legitimate protocols verify their source code. Unverified source is itself a risk signal.

What is still checked on UNVERIFIABLE contracts:
- Bytecode-level patterns (certain dangerous opcodes and selectors)
- On-chain state (owner address, pause status)
- Liquidity (pool TVL, LP locks)
- Behavioral signals (deployer fraud probability)


Risk Score Reference

| Score Range | Verdict |
| --- | --- |
| 0-24 | CLEAN |
| 25-49 | SUSPICIOUS |
| 50-74 | HIGH RISK |
| ≥ 75 | HONEYPOT or THEFT (pattern-dependent) |
| - | UNVERIFIABLE (source not verified) |

Module Status: n/a vs pass

These two statuses are distinct and must not be confused:

| Status | Meaning |
| --- | --- |
| pass | The module ran, checked the contract, and found no issues. |
| n/a | The module did not run - the feature it checks is absent from this contract. |

Example: Pausability returns n/a when the contract has no pause() function. This does not mean the contract passed a pausability check - it means there was nothing to check.


Further Reading

- Rug Pull Detector V3 - PancakeSwap V2 Analysis 2026

See also: Modules | Token Audit Overview