Workflows & Recipes
Token security checks for AI agents
Your AI agent needs to decide what should happen before a user swaps: pass, block, or escalate based on risk evidence.
That sounds simple, but answering it responsibly means checking the token contract for honeypot traps, verifying the dApp is not a known phishing site, and simulating expected transaction effects before the request moves toward signing. Miss one step and your agent either blocks legitimate trades without evidence or passes a risky transaction to the next approval step.
Without Hive
Building this yourself means stitching together at least two providers with completely different auth models, schemas, and failure modes.
GoPlus for token security - sign up, get an API key, learn their query-parameter schema, handle their rate limits and error format.
Tenderly for transaction simulation - a separate account, a separate API key, a project-scoped URL, a different auth header (X-Access-Key), and a different response shape.
Then you write custom risk-scoring logic to combine both results into a risk policy or escalation decision.
import requests
# --- Provider 1: GoPlus token security ---
goplus_resp = requests.get(
"https://api.gopluslabs.io/api/v1/token_security/1",
params={
"contract_addresses": "0xdAC17F958D2ee523a2206206994597C13D831ec7"
},
)
goplus_data = goplus_resp.json()
is_honeypot = goplus_data["result"]["0xdac17f958d2ee523a2206206994597c13d831ec7"]["is_honeypot"]
buy_tax = goplus_data["result"]["0xdac17f958d2ee523a2206206994597c13d831ec7"]["buy_tax"]
sell_tax = goplus_data["result"]["0xdac17f958d2ee523a2206206994597c13d831ec7"]["sell_tax"]
# --- Provider 2: Tenderly simulation ---
tenderly_resp = requests.post(
"https://api.tenderly.co/api/v1/account/ME/project/MY_PROJECT/simulate",
headers={"X-Access-Key": "TENDERLY_API_KEY"},
json={
"network_id": "1",
"from": "0xYOUR_WALLET",
"to": "0xCONTRACT",
"input": "0xSWAP_CALLDATA",
"value": "0",
},
)
sim_data = tenderly_resp.json()
# --- Custom risk logic combining both ---
# This is a policy input, not a guarantee.
passes_basic_policy = (
is_honeypot == "0"
and float(buy_tax) < 0.1
and float(sell_tax) < 0.1
and sim_data["transaction"]["status"]
)That is roughly 35 lines before you add error handling, retries, or a third provider for phishing detection. You manage two API keys, two auth flows, two response formats, and a hand-rolled scoring function that breaks the moment either provider changes their schema.
With Hive
Two tool calls through one API key. Same endpoint, same auth header, same JSON shape.
import requests
def hive(tool: str, args: dict) -> dict:
r = requests.post(
"https://mcp.hiveintelligence.xyz/api/v1/execute",
headers={"Authorization": "Bearer YOUR_HIVE_API_KEY"},
json={"tool": tool, "args": args},
timeout=30,
)
r.raise_for_status()
payload = r.json()
if not payload.get("ok", False):
raise RuntimeError(payload.get("error", {}).get("message", "Hive call failed"))
return payload["data"]
security = hive("get_token_security", {
"chainId": "1",
"contract_addresses": "0xdAC17F958D2ee523a2206206994597C13D831ec7",
})
simulation = hive("simulate_evm_transaction", {
"chain_id": "1",
"from": "0xYOUR_WALLET",
"to": "0xCONTRACT",
"data": "0xSWAP_CALLDATA",
})Both responses come back in a consistent JSON envelope. Your agent reads the fields it needs without schema translation or a second set of credentials. Those responses give the agent risk evidence to evaluate against your policy. They do not provide a safety guarantee or authorize a swap.
Side-by-side comparison
| Without Hive | With Hive | |
|---|---|---|
| API keys | 2+ (GoPlus, Tenderly, ...) | 1 |
| Auth flows | Different per provider | One header everywhere |
| Response formats | Provider-specific | Consistent JSON envelope |
| Lines of code | ~35 before error handling | ~15 including the helper |
| Adding phishing checks | Third provider, third key | One more hive() call |
| Schema discovery | Read each provider's docs | tools/list or hive://tools |
Available security tools
Hive bundles six security tools behind the same endpoint and auth:
| Tool | What it does |
|---|---|
get_token_security | Honeypot detection, ownership analysis, buy/sell tax checks |
check_dapp_security | dApp risk scoring against known threat databases |
check_phishing_site | Phishing URL detection for any link your agent encounters |
simulate_evm_transaction | Pre-execution simulation so your agent can inspect expected effects before the user signs |
tenderly_trace_transaction | Deep execution tracing for post-mortem or advanced inspection |
detect_rugpull | Rug pull risk analysis based on contract patterns and liquidity signals |
All six are available through the Security & Risk category endpoint (/hive_security_risk/mcp) or the root MCP endpoint.
Why Hive fits this workflow
The security use case shows the difference between a do-it-yourself integration and Hive clearly:
- One API key vs three. Every additional provider is another secret to rotate, another dashboard to monitor, another billing account to manage.
- One auth flow vs three. GoPlus uses query params. Tenderly uses
X-Access-Key. Other providers use Bearer tokens. Hive uses one header for everything. - Consistent JSON vs three different response formats. Your agent parses one shape instead of writing adapter code per provider.
- Runtime tool discovery vs static documentation. Your agent can call
tools/listto inspect the current security-tool schemas instead of hand-maintaining provider wrappers.
For an AI agent that needs to decide whether a token should pass, block, or escalate at request time, fewer moving parts means fewer ways the check fails. Hive collapses the security stack into one connection.
Approval boundary
Hive security tools return risk signals and simulated effects. They are read-only data tools: they do not sign transactions, execute swaps, custody assets, or decide whether capital should be deployed.
Treat token security and simulation responses as inputs to your app's policy. Surface unknown, degraded, provider-unavailable, and rate-limited states to the user, then require explicit user or application approval before any downstream signing or exchange action.