Back to Blog

How to Get a Rugcheck API Key and Start Using the API

API Security

Shreya Srivastava

Sep 23, 2025

How to Get a Rugcheck API Key and Start Using the API

In the world of Web3 and DeFi, security is everything. Rugcheck has quickly become one of the most reliable tools for analyzing smart contracts and protecting investors from scams or "rug pulls." By offering an API, Rugcheck enables developers, traders, and platforms to integrate contract analysis directly into their applications.

A quick guide to get started:

Sign up at Rugcheck.xyz: Create an account and verify your email.
Generate an API key: Access the API section in your dashboard and securely store the key.
Integrate the API: Use programming languages like Python, JavaScript, Rust, or others to connect and authenticate.
Analyze tokens: Scan Solana tokens for risks, assess trust scores, and review security data.

A quick guide to get started:

Sign up at Rugcheck.xyz: Create an account and verify your email.
Generate an API key: Access the API section in your dashboard and securely store the key.
Integrate the API: Use programming languages like Python, JavaScript, Rust, or others to connect and authenticate.
Analyze tokens: Scan Solana tokens for risks, assess trust scores, and review security data.

A quick guide to get started:

Sign up at Rugcheck.xyz: Create an account and verify your email.
Generate an API key: Access the API section in your dashboard and securely store the key.
Integrate the API: Use programming languages like Python, JavaScript, Rust, or others to connect and authenticate.
Analyze tokens: Scan Solana tokens for risks, assess trust scores, and review security data.

Requirements for Using the Rugcheck API

To get started with the Rugcheck API, you’ll need a few tools and accounts. The setup is straightforward, and most developers will already have everything they need. Once ready, you’ll also need to configure your Rugcheck account to manage your API keys.

Tools and Accounts You’ll Need

Start by creating an account on Rugcheck.xyz, which will allow you to generate and manage your API keys. These keys are essential for authenticating every request you make to the API.

After creating your account, navigate to the API section in your dashboard. Look for tabs or options labeled "API", "Developer", or "API Keys." Here, you’ll generate your authentication credentials. Every API request must include your key in the X-API-KEY header.

If you’re working on Solana-specific applications, you’ll also need your Solana private key to generate JWT tokens for authentication.

Supported Programming Languages and Environments

The Rugcheck API is RESTful, meaning it’s compatible with any programming language or environment capable of making HTTP requests. This versatility allows you to use your preferred tech stack for integration.

Python: A popular choice with detailed documentation. Ensure Python 3.x is installed on your system, along with the requests library (install it via pip install requests). A Python wrapper is available on GitHub, offering examples for automated token risk checks. It includes both a command-line interface and a Python module for seamless integration.
TypeScript/JavaScript: Developers have successfully used the Rugcheck API with projects like degenfrends/solana-rugchecker, which checks Solana tokens, and monsterdev95/sol-rugchecker-raydium, which analyzes new tokens on Raydium.
Other Languages: Rugcheck can also be integrated using Rust, Java, C#, and Go, as long as your environment supports JSON parsing and HTTP headers.

Keeping Your API Credentials Secure

Protecting your API credentials is critical. Here are some best practices to ensure your keys remain secure:

Avoid Hardcoding: Never embed your API key directly in your source code. This practice leaves your credentials exposed and vulnerable to misuse.
Use Environment Variables: Store your API key in environment variables (e.g., os.getenv('RUGCHECK_API_KEY')) or use a dedicated secrets manager. In Python, this is a standard approach to keep sensitive information out of your codebase.
Backend API Calls: For frontend applications, avoid exposing your API key by routing API calls through a backend server. This adds a layer of security by keeping the key hidden from users.
Solana Key Security: For Solana-specific integrations, apply similar practices for storing your private keys. For instance, a Reddit user, filkosmak, showcased a secure method by saving their SOLANA_PRIVATE_KEY in a .env file and using it to generate JWT tokens for API requests to endpoints like /v1/tokens/{token}/report.

Tools and Accounts You’ll Need

Start by creating an account on Rugcheck.xyz, which will allow you to generate and manage your API keys. These keys are essential for authenticating every request you make to the API.

If you’re working on Solana-specific applications, you’ll also need your Solana private key to generate JWT tokens for authentication.

Supported Programming Languages and Environments

Python: A popular choice with detailed documentation. Ensure Python 3.x is installed on your system, along with the requests library (install it via pip install requests). A Python wrapper is available on GitHub, offering examples for automated token risk checks. It includes both a command-line interface and a Python module for seamless integration.
TypeScript/JavaScript: Developers have successfully used the Rugcheck API with projects like degenfrends/solana-rugchecker, which checks Solana tokens, and monsterdev95/sol-rugchecker-raydium, which analyzes new tokens on Raydium.
Other Languages: Rugcheck can also be integrated using Rust, Java, C#, and Go, as long as your environment supports JSON parsing and HTTP headers.

Keeping Your API Credentials Secure

Protecting your API credentials is critical. Here are some best practices to ensure your keys remain secure:

Avoid Hardcoding: Never embed your API key directly in your source code. This practice leaves your credentials exposed and vulnerable to misuse.
Use Environment Variables: Store your API key in environment variables (e.g., os.getenv('RUGCHECK_API_KEY')) or use a dedicated secrets manager. In Python, this is a standard approach to keep sensitive information out of your codebase.
Backend API Calls: For frontend applications, avoid exposing your API key by routing API calls through a backend server. This adds a layer of security by keeping the key hidden from users.
Solana Key Security: For Solana-specific integrations, apply similar practices for storing your private keys. For instance, a Reddit user, filkosmak, showcased a secure method by saving their SOLANA_PRIVATE_KEY in a .env file and using it to generate JWT tokens for API requests to endpoints like /v1/tokens/{token}/report.

Tools and Accounts You’ll Need

Start by creating an account on Rugcheck.xyz, which will allow you to generate and manage your API keys. These keys are essential for authenticating every request you make to the API.

If you’re working on Solana-specific applications, you’ll also need your Solana private key to generate JWT tokens for authentication.

Supported Programming Languages and Environments

Python: A popular choice with detailed documentation. Ensure Python 3.x is installed on your system, along with the requests library (install it via pip install requests). A Python wrapper is available on GitHub, offering examples for automated token risk checks. It includes both a command-line interface and a Python module for seamless integration.
TypeScript/JavaScript: Developers have successfully used the Rugcheck API with projects like degenfrends/solana-rugchecker, which checks Solana tokens, and monsterdev95/sol-rugchecker-raydium, which analyzes new tokens on Raydium.
Other Languages: Rugcheck can also be integrated using Rust, Java, C#, and Go, as long as your environment supports JSON parsing and HTTP headers.

Keeping Your API Credentials Secure

Protecting your API credentials is critical. Here are some best practices to ensure your keys remain secure:

Avoid Hardcoding: Never embed your API key directly in your source code. This practice leaves your credentials exposed and vulnerable to misuse.
Use Environment Variables: Store your API key in environment variables (e.g., os.getenv('RUGCHECK_API_KEY')) or use a dedicated secrets manager. In Python, this is a standard approach to keep sensitive information out of your codebase.
Backend API Calls: For frontend applications, avoid exposing your API key by routing API calls through a backend server. This adds a layer of security by keeping the key hidden from users.
Solana Key Security: For Solana-specific integrations, apply similar practices for storing your private keys. For instance, a Reddit user, filkosmak, showcased a secure method by saving their SOLANA_PRIVATE_KEY in a .env file and using it to generate JWT tokens for API requests to endpoints like /v1/tokens/{token}/report.

Getting started with Rugcheck’s API is simple. All you need to do is create an account, generate an API key, and store it safely. Here’s a step-by-step guide to help you through the process.

1. Create a Rugcheck Account

Sign up: Go to Rugcheck.xyz and sign up using a valid email address and a strong password.
Verify your email: Check your inbox for a verification email and click the confirmation link. (You won’t be able to generate an API key until you verify your email.)
Login to the dashboard: After verification, log in to your Rugcheck dashboard. This is where you’ll manage your API keys and other credentials.

2. Generate an API Key

Go to Developer Section: Inside your dashboard, open the API/Developer section.
Generate a new key: Click the “Generate New API Key” button.
Name your key: Use clear names like Production App or Testing Environment to identify the key later.
Copy your key: Once generated, the API key will be shown on the screen only once. Copy it immediately and store it securely.

3. Store Your API Key Safely

Keeping your key secure is as important as generating it. Here’s how:

Use an environment file:
Create a .env file in your project and add your key like this:
RUGCHECK_API_KEY=your_actual_key_here
Then use libraries (like dotenv) to load this securely in your code.
Secrets management tools:
For production, use secure services like AWS Secrets Manager, Google Secret Manager, or Azure Key Vault. These tools help rotate keys automatically and provide access logs.
Secure environment files:
- Limit access so only your app and authorized users can view the file.
- Add .env files to .gitignore so they never get uploaded to GitHub or version control systems by mistake.

Getting started with Rugcheck’s API is simple. All you need to do is create an account, generate an API key, and store it safely. Here’s a step-by-step guide to help you through the process.

1. Create a Rugcheck Account

Sign up: Go to Rugcheck.xyz and sign up using a valid email address and a strong password.
Verify your email: Check your inbox for a verification email and click the confirmation link. (You won’t be able to generate an API key until you verify your email.)
Login to the dashboard: After verification, log in to your Rugcheck dashboard. This is where you’ll manage your API keys and other credentials.

2. Generate an API Key

Go to Developer Section: Inside your dashboard, open the API/Developer section.
Generate a new key: Click the “Generate New API Key” button.
Name your key: Use clear names like Production App or Testing Environment to identify the key later.
Copy your key: Once generated, the API key will be shown on the screen only once. Copy it immediately and store it securely.

3. Store Your API Key Safely

Keeping your key secure is as important as generating it. Here’s how:

Use an environment file:
Create a .env file in your project and add your key like this:
RUGCHECK_API_KEY=your_actual_key_here
Then use libraries (like dotenv) to load this securely in your code.
Secrets management tools:
For production, use secure services like AWS Secrets Manager, Google Secret Manager, or Azure Key Vault. These tools help rotate keys automatically and provide access logs.
Secure environment files:
- Limit access so only your app and authorized users can view the file.
- Add .env files to .gitignore so they never get uploaded to GitHub or version control systems by mistake.

Getting started with Rugcheck’s API is simple. All you need to do is create an account, generate an API key, and store it safely. Here’s a step-by-step guide to help you through the process.

1. Create a Rugcheck Account

Sign up: Go to Rugcheck.xyz and sign up using a valid email address and a strong password.
Verify your email: Check your inbox for a verification email and click the confirmation link. (You won’t be able to generate an API key until you verify your email.)
Login to the dashboard: After verification, log in to your Rugcheck dashboard. This is where you’ll manage your API keys and other credentials.

2. Generate an API Key

Go to Developer Section: Inside your dashboard, open the API/Developer section.
Generate a new key: Click the “Generate New API Key” button.
Name your key: Use clear names like Production App or Testing Environment to identify the key later.
Copy your key: Once generated, the API key will be shown on the screen only once. Copy it immediately and store it securely.

3. Store Your API Key Safely

Keeping your key secure is as important as generating it. Here’s how:

Use an environment file:
Create a .env file in your project and add your key like this:
RUGCHECK_API_KEY=your_actual_key_here
Then use libraries (like dotenv) to load this securely in your code.
Secrets management tools:
For production, use secure services like AWS Secrets Manager, Google Secret Manager, or Azure Key Vault. These tools help rotate keys automatically and provide access logs.
Secure environment files:
- Limit access so only your app and authorized users can view the file.
- Add .env files to .gitignore so they never get uploaded to GitHub or version control systems by mistake.

Once you’ve set up your Rugcheck API key, the next step is learning how to make API requests. These requests let you scan tokens, check their security, and generate detailed reports.

1. Analyzing a Solana Token for Risks

The Rugcheck API makes it simple to scan tokens for potential risks. You’ll use the endpoint:

/tokens/scan/{chain}/{contractAddress}

This returns important details like risk level, trust score, scams, warnings, taxes, liquidity, and holder analysis.

Example in Python

Load your API key.
Call the Solana token scan endpoint.
Print results like Risk Level, Trust Score, and Contract Name.

Example:

token_address = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v"  # USDC on Solana
scan_result = rugcheck.analyze_solana_token(token_address)

if scan_result:
    print(f"Risk Level: {scan_result.get('riskLevel')}")
    print(f"Trust Score: {scan_result.get('trustScore', {}).get('value')}")

Example in Rust

Use reqwest and serde_json for requests.
Call the token scan endpoint with your API key.
Print Risk Level and Trust Score.

2. Generating Security Reports

Beyond basic token scans, you can create a detailed security report that brings everything together.

A security report may include:

Risk Assessment → Risk level, trust score, and rating
Threats → Scams and warnings detected
Contract Security → Verification status, owner address, buy/sell taxes
Liquidity Analysis → How liquid the token is
Holder Distribution → Who owns how much of the supply

Example in Python:

security_report = {
    'risk_assessment': {
        'level': response_data.get('riskLevel'),
        'trust_score': response_data.get('trustScore', {}).get('value'),
    },
    'threats': {
        'scams': response_data.get('scams', []),
        'warnings': response_data.get('warnings', [])
    },
    'contract_security': {
        'is_verified': response_data.get('contractDetails', {}).get('isVerified'),
        'buy_tax': response_data.get('taxes', {}).get('buyTax'),
        'sell_tax': response_data.get('taxes', {}).get('sellTax')
    }
}

This helps you quickly detect issues like:

HONEYPOT (can’t sell)
PROXY_CONTRACT (can change logic anytime)
HIGH_TAXES (huge buy/sell fees)
OWNERSHIP_NOT_RENOUNCED (creator has too much control)

3. Working with the Data

The API response is in JSON format.
You can use it to:
- Show results in your dashboard
- Build custom alerts for scams
- Visualize token health with graphs and charts

Making API Requests with the Rugcheck API

Key Takeaways

Use /tokens/scan/{chain}/{contractAddress} to scan tokens.
Always check risk level, trust score, and warnings before making decisions.
Build security reports for deeper analysis.
Don’t just trust the data — combine it with your own research (DYOR).

Once you’ve set up your Rugcheck API key, the next step is learning how to make API requests. These requests let you scan tokens, check their security, and generate detailed reports.

1. Analyzing a Solana Token for Risks

The Rugcheck API makes it simple to scan tokens for potential risks. You’ll use the endpoint:

/tokens/scan/{chain}/{contractAddress}

This returns important details like risk level, trust score, scams, warnings, taxes, liquidity, and holder analysis.

Example in Python

Load your API key.
Call the Solana token scan endpoint.
Print results like Risk Level, Trust Score, and Contract Name.

Example:

token_address = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v"  # USDC on Solana
scan_result = rugcheck.analyze_solana_token(token_address)

if scan_result:
    print(f"Risk Level: {scan_result.get('riskLevel')}")
    print(f"Trust Score: {scan_result.get('trustScore', {}).get('value')}")

Example in Rust

Use reqwest and serde_json for requests.
Call the token scan endpoint with your API key.
Print Risk Level and Trust Score.

2. Generating Security Reports

Beyond basic token scans, you can create a detailed security report that brings everything together.

A security report may include:

Risk Assessment → Risk level, trust score, and rating
Threats → Scams and warnings detected
Contract Security → Verification status, owner address, buy/sell taxes
Liquidity Analysis → How liquid the token is
Holder Distribution → Who owns how much of the supply

Example in Python:

security_report = {
    'risk_assessment': {
        'level': response_data.get('riskLevel'),
        'trust_score': response_data.get('trustScore', {}).get('value'),
    },
    'threats': {
        'scams': response_data.get('scams', []),
        'warnings': response_data.get('warnings', [])
    },
    'contract_security': {
        'is_verified': response_data.get('contractDetails', {}).get('isVerified'),
        'buy_tax': response_data.get('taxes', {}).get('buyTax'),
        'sell_tax': response_data.get('taxes', {}).get('sellTax')
    }
}

This helps you quickly detect issues like:

HONEYPOT (can’t sell)
PROXY_CONTRACT (can change logic anytime)
HIGH_TAXES (huge buy/sell fees)
OWNERSHIP_NOT_RENOUNCED (creator has too much control)

3. Working with the Data

The API response is in JSON format.
You can use it to:
- Show results in your dashboard
- Build custom alerts for scams
- Visualize token health with graphs and charts

Key Takeaways

Use /tokens/scan/{chain}/{contractAddress} to scan tokens.
Always check risk level, trust score, and warnings before making decisions.
Build security reports for deeper analysis.
Don’t just trust the data — combine it with your own research (DYOR).

Once you’ve set up your Rugcheck API key, the next step is learning how to make API requests. These requests let you scan tokens, check their security, and generate detailed reports.

1. Analyzing a Solana Token for Risks

The Rugcheck API makes it simple to scan tokens for potential risks. You’ll use the endpoint:

/tokens/scan/{chain}/{contractAddress}

This returns important details like risk level, trust score, scams, warnings, taxes, liquidity, and holder analysis.

Example in Python

Load your API key.
Call the Solana token scan endpoint.
Print results like Risk Level, Trust Score, and Contract Name.

Example:

token_address = "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v"  # USDC on Solana
scan_result = rugcheck.analyze_solana_token(token_address)

if scan_result:
    print(f"Risk Level: {scan_result.get('riskLevel')}")
    print(f"Trust Score: {scan_result.get('trustScore', {}).get('value')}")

Example in Rust

Use reqwest and serde_json for requests.
Call the token scan endpoint with your API key.
Print Risk Level and Trust Score.

2. Generating Security Reports

Beyond basic token scans, you can create a detailed security report that brings everything together.

A security report may include:

Risk Assessment → Risk level, trust score, and rating
Threats → Scams and warnings detected
Contract Security → Verification status, owner address, buy/sell taxes
Liquidity Analysis → How liquid the token is
Holder Distribution → Who owns how much of the supply

Example in Python:

security_report = {
    'risk_assessment': {
        'level': response_data.get('riskLevel'),
        'trust_score': response_data.get('trustScore', {}).get('value'),
    },
    'threats': {
        'scams': response_data.get('scams', []),
        'warnings': response_data.get('warnings', [])
    },
    'contract_security': {
        'is_verified': response_data.get('contractDetails', {}).get('isVerified'),
        'buy_tax': response_data.get('taxes', {}).get('buyTax'),
        'sell_tax': response_data.get('taxes', {}).get('sellTax')
    }
}

This helps you quickly detect issues like:

HONEYPOT (can’t sell)
PROXY_CONTRACT (can change logic anytime)
HIGH_TAXES (huge buy/sell fees)
OWNERSHIP_NOT_RENOUNCED (creator has too much control)

3. Working with the Data

The API response is in JSON format.
You can use it to:
- Show results in your dashboard
- Build custom alerts for scams
- Visualize token health with graphs and charts

Key Takeaways

Use /tokens/scan/{chain}/{contractAddress} to scan tokens.
Always check risk level, trust score, and warnings before making decisions.
Build security reports for deeper analysis.
Don’t just trust the data — combine it with your own research (DYOR).

Get opensource free alternative of postman. Free upto 100 team members!

Signup for your free trial

Get opensource free alternative of postman. Free upto 100 team members!

Signup for your free trial

Get opensource free alternative of postman. Free upto 100 team members!

Signup for your free trial

Reading Rugcheck API Responses

After you've successfully integrated and tested the Rugcheck API, the next step is understanding its responses. These responses provide key insights into token security, helping you evaluate risks effectively. Below, we'll break down the critical response fields and their meanings, followed by a comparison table and practical tips for exporting and visualizing the data.

Key Response Fields Explained

riskLevel: This is your main indicator of token security, with values like LOW, MEDIUM, HIGH, or CRITICAL. A CRITICAL rating signals severe risks, such as honeypots or other malicious activities.
trustScore: This field gives a numerical score (0-100) and a rating (e.g., EXCELLENT, GOOD) to indicate token safety. A score above 80 typically suggests a safer token, while anything below 30 points to higher risks.
scams: This array lists specific threats, such as HONEYPOT, FAKE_TOKEN, or RUG_PULL. Each entry includes a severity level and a contextual message to explain the risk.
contractDetails: This section provides essential contract information. The isVerified boolean confirms if the contract's source code is verified, while fields like ownerAddress and isOwnershipRenounced reveal details about control and ownership.
taxes: This object shows buyTax and sellTax percentages. High sell taxes (over 10%) can be a red flag, as they are often used by honeypot tokens to trap investors.
liquidityDetails: Offers market data, including the dollar value of totalLiquidity and the percentage of liquidityLocked. Low or unlocked liquidity is a potential sign of manipulation.
holderAnalysis: This field examines token distribution. The topHoldersConcentration value highlights how much of the token supply is held by top holders - values above 50% may indicate centralization risks.

Comparison Table: Key Response Attributes

Attribute	Advantages	Limitations	Best Use Case
`riskLevel`	Simple and quick to interpret	Lacks detailed context	Initial screening of tokens
`trustScore`	Detailed scale (0-100) with clear ratings	May overlook new attack patterns	Comparing tokens' safety
`scams` array	Identifies specific threats and severity	Potential for false positives	Thorough security audits
`liquidityDetails`	Real-time liquidity metrics	Sensitive to rapid market changes	Supporting trading decisions
`holderAnalysis`	Highlights token concentration risks	Doesn't differentiate legitimate holders	Evaluating long-term investments
`taxes`	Clear fee breakdown	Variable fees can exist in legitimate tokens	Planning transaction costs

Exporting and Visualizing Data

Once you've interpreted the API responses, exporting and visualizing the data can help you dive deeper into the analysis. You can convert API responses into formats like CSV for spreadsheet analysis or JSON for integration with analytics tools.

Here’s an example Python script to export data to a CSV file and generate a security summary:

import json
import csv
from datetime import datetime

def export_to_csv(api_response, filename):
    """Export key metrics to CSV for spreadsheet analysis"""
    csv_data = []

    # Extract main metrics
    main_data = {
        'timestamp': datetime.now().strftime('%m/%d/%Y %I:%M:%S %p'),
        'contract_address': api_response.get('contractDetails', {}).get('address'),
        'risk_level': api_response.get('riskLevel'),
        'trust_score': api_response.get('trustScore', {}).get('value'),
        'buy_tax': api_response.get('taxes', {}).get('buyTax', 0),
        'sell_tax': api_response.get('taxes', {}).get('sellTax', 0),
        'total_liquidity': api_response.get('liquidityDetails', {}).get('totalLiquidity', 0),
        'liquidity_locked_pct': api_response.get('liquidityDetails', {}).get('liquidityLocked', 0),
        'top_holders_concentration': api_response.get('holderAnalysis', {}).get('topHoldersConcentration', 0)
    }
    csv_data.append(main_data)

    # Write to CSV
    with open(filename, 'w', newline='') as csvfile:
        fieldnames = main_data.keys()
        writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
        writer.writeheader()
        writer.writerows(csv_data)

def create_security_summary(api_response):
    """Generate a formatted security summary for reports"""
    summary = {
        'analysis_date': datetime.now().strftime('%B %d, %Y at %I:%M %p'),
        'overall_assessment': {
            'risk_level': api_response.get('riskLevel'),
            'trust_score': f"{api_response.get('trustScore', {}).get('value', 'N/A')}/100",
            'rating': api_response.get('trustScore', {}).get('rating')
        },
        'critical_issues': [],
        'warnings': [],
        'financial_metrics': {
            'liquidity_usd': f"${api_response.get('liquidityDetails', {}).get('totalLiquidity', 0):,.2f}",
            'buy_tax': f"{api_response.get('taxes', {}).get('buyTax', 0):.1f}%",
            'sell_tax': f"{api_response.get('taxes', {}).get('sellTax', 0):.1f}%"
        }
    }

    # Process scams and warnings
    for scam in api_response.get('scams', []):
        if scam.get('severity') == 'CRITICAL':
            summary['critical_issues'].append(f"{scam.get('type')}: {scam.get('message')}")

    for warning in api_response.get('warnings', []):
        summary['warnings'].append(f"{warning.get('type')}: {warning.get('message')}")

    return summary

# Export to CSV and create security summary
token_data = rugcheck.analyze_solana_token("EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v")
if token_data:
    export_to_csv(token_data, f"token_analysis_{datetime.now().strftime('%Y%m%d_%H%M%S')}.csv")
    security_summary = create_security_summary(token_data)

    # Save as JSON for API integration
    with open('security_report.json', 'w') as f:
        json.dump(security_summary, f, indent=2)

Key Response Fields Explained

riskLevel: This is your main indicator of token security, with values like LOW, MEDIUM, HIGH, or CRITICAL. A CRITICAL rating signals severe risks, such as honeypots or other malicious activities.
trustScore: This field gives a numerical score (0-100) and a rating (e.g., EXCELLENT, GOOD) to indicate token safety. A score above 80 typically suggests a safer token, while anything below 30 points to higher risks.
scams: This array lists specific threats, such as HONEYPOT, FAKE_TOKEN, or RUG_PULL. Each entry includes a severity level and a contextual message to explain the risk.
contractDetails: This section provides essential contract information. The isVerified boolean confirms if the contract's source code is verified, while fields like ownerAddress and isOwnershipRenounced reveal details about control and ownership.
taxes: This object shows buyTax and sellTax percentages. High sell taxes (over 10%) can be a red flag, as they are often used by honeypot tokens to trap investors.
liquidityDetails: Offers market data, including the dollar value of totalLiquidity and the percentage of liquidityLocked. Low or unlocked liquidity is a potential sign of manipulation.
holderAnalysis: This field examines token distribution. The topHoldersConcentration value highlights how much of the token supply is held by top holders - values above 50% may indicate centralization risks.

Comparison Table: Key Response Attributes

Attribute	Advantages	Limitations	Best Use Case
`riskLevel`	Simple and quick to interpret	Lacks detailed context	Initial screening of tokens
`trustScore`	Detailed scale (0-100) with clear ratings	May overlook new attack patterns	Comparing tokens' safety
`scams` array	Identifies specific threats and severity	Potential for false positives	Thorough security audits
`liquidityDetails`	Real-time liquidity metrics	Sensitive to rapid market changes	Supporting trading decisions
`holderAnalysis`	Highlights token concentration risks	Doesn't differentiate legitimate holders	Evaluating long-term investments
`taxes`	Clear fee breakdown	Variable fees can exist in legitimate tokens	Planning transaction costs

Exporting and Visualizing Data

Here’s an example Python script to export data to a CSV file and generate a security summary:

import json
import csv
from datetime import datetime

def export_to_csv(api_response, filename):
    """Export key metrics to CSV for spreadsheet analysis"""
    csv_data = []

    # Extract main metrics
    main_data = {
        'timestamp': datetime.now().strftime('%m/%d/%Y %I:%M:%S %p'),
        'contract_address': api_response.get('contractDetails', {}).get('address'),
        'risk_level': api_response.get('riskLevel'),
        'trust_score': api_response.get('trustScore', {}).get('value'),
        'buy_tax': api_response.get('taxes', {}).get('buyTax', 0),
        'sell_tax': api_response.get('taxes', {}).get('sellTax', 0),
        'total_liquidity': api_response.get('liquidityDetails', {}).get('totalLiquidity', 0),
        'liquidity_locked_pct': api_response.get('liquidityDetails', {}).get('liquidityLocked', 0),
        'top_holders_concentration': api_response.get('holderAnalysis', {}).get('topHoldersConcentration', 0)
    }
    csv_data.append(main_data)

    # Write to CSV
    with open(filename, 'w', newline='') as csvfile:
        fieldnames = main_data.keys()
        writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
        writer.writeheader()
        writer.writerows(csv_data)

def create_security_summary(api_response):
    """Generate a formatted security summary for reports"""
    summary = {
        'analysis_date': datetime.now().strftime('%B %d, %Y at %I:%M %p'),
        'overall_assessment': {
            'risk_level': api_response.get('riskLevel'),
            'trust_score': f"{api_response.get('trustScore', {}).get('value', 'N/A')}/100",
            'rating': api_response.get('trustScore', {}).get('rating')
        },
        'critical_issues': [],
        'warnings': [],
        'financial_metrics': {
            'liquidity_usd': f"${api_response.get('liquidityDetails', {}).get('totalLiquidity', 0):,.2f}",
            'buy_tax': f"{api_response.get('taxes', {}).get('buyTax', 0):.1f}%",
            'sell_tax': f"{api_response.get('taxes', {}).get('sellTax', 0):.1f}%"
        }
    }

    # Process scams and warnings
    for scam in api_response.get('scams', []):
        if scam.get('severity') == 'CRITICAL':
            summary['critical_issues'].append(f"{scam.get('type')}: {scam.get('message')}")

    for warning in api_response.get('warnings', []):
        summary['warnings'].append(f"{warning.get('type')}: {warning.get('message')}")

    return summary

# Export to CSV and create security summary
token_data = rugcheck.analyze_solana_token("EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v")
if token_data:
    export_to_csv(token_data, f"token_analysis_{datetime.now().strftime('%Y%m%d_%H%M%S')}.csv")
    security_summary = create_security_summary(token_data)

    # Save as JSON for API integration
    with open('security_report.json', 'w') as f:
        json.dump(security_summary, f, indent=2)

Key Response Fields Explained

riskLevel: This is your main indicator of token security, with values like LOW, MEDIUM, HIGH, or CRITICAL. A CRITICAL rating signals severe risks, such as honeypots or other malicious activities.
trustScore: This field gives a numerical score (0-100) and a rating (e.g., EXCELLENT, GOOD) to indicate token safety. A score above 80 typically suggests a safer token, while anything below 30 points to higher risks.
scams: This array lists specific threats, such as HONEYPOT, FAKE_TOKEN, or RUG_PULL. Each entry includes a severity level and a contextual message to explain the risk.
contractDetails: This section provides essential contract information. The isVerified boolean confirms if the contract's source code is verified, while fields like ownerAddress and isOwnershipRenounced reveal details about control and ownership.
taxes: This object shows buyTax and sellTax percentages. High sell taxes (over 10%) can be a red flag, as they are often used by honeypot tokens to trap investors.
liquidityDetails: Offers market data, including the dollar value of totalLiquidity and the percentage of liquidityLocked. Low or unlocked liquidity is a potential sign of manipulation.
holderAnalysis: This field examines token distribution. The topHoldersConcentration value highlights how much of the token supply is held by top holders - values above 50% may indicate centralization risks.

Comparison Table: Key Response Attributes

Attribute	Advantages	Limitations	Best Use Case
`riskLevel`	Simple and quick to interpret	Lacks detailed context	Initial screening of tokens
`trustScore`	Detailed scale (0-100) with clear ratings	May overlook new attack patterns	Comparing tokens' safety
`scams` array	Identifies specific threats and severity	Potential for false positives	Thorough security audits
`liquidityDetails`	Real-time liquidity metrics	Sensitive to rapid market changes	Supporting trading decisions
`holderAnalysis`	Highlights token concentration risks	Doesn't differentiate legitimate holders	Evaluating long-term investments
`taxes`	Clear fee breakdown	Variable fees can exist in legitimate tokens	Planning transaction costs

Exporting and Visualizing Data

Here’s an example Python script to export data to a CSV file and generate a security summary:

import json
import csv
from datetime import datetime

def export_to_csv(api_response, filename):
    """Export key metrics to CSV for spreadsheet analysis"""
    csv_data = []

    # Extract main metrics
    main_data = {
        'timestamp': datetime.now().strftime('%m/%d/%Y %I:%M:%S %p'),
        'contract_address': api_response.get('contractDetails', {}).get('address'),
        'risk_level': api_response.get('riskLevel'),
        'trust_score': api_response.get('trustScore', {}).get('value'),
        'buy_tax': api_response.get('taxes', {}).get('buyTax', 0),
        'sell_tax': api_response.get('taxes', {}).get('sellTax', 0),
        'total_liquidity': api_response.get('liquidityDetails', {}).get('totalLiquidity', 0),
        'liquidity_locked_pct': api_response.get('liquidityDetails', {}).get('liquidityLocked', 0),
        'top_holders_concentration': api_response.get('holderAnalysis', {}).get('topHoldersConcentration', 0)
    }
    csv_data.append(main_data)

    # Write to CSV
    with open(filename, 'w', newline='') as csvfile:
        fieldnames = main_data.keys()
        writer = csv.DictWriter(csvfile, fieldnames=fieldnames)
        writer.writeheader()
        writer.writerows(csv_data)

def create_security_summary(api_response):
    """Generate a formatted security summary for reports"""
    summary = {
        'analysis_date': datetime.now().strftime('%B %d, %Y at %I:%M %p'),
        'overall_assessment': {
            'risk_level': api_response.get('riskLevel'),
            'trust_score': f"{api_response.get('trustScore', {}).get('value', 'N/A')}/100",
            'rating': api_response.get('trustScore', {}).get('rating')
        },
        'critical_issues': [],
        'warnings': [],
        'financial_metrics': {
            'liquidity_usd': f"${api_response.get('liquidityDetails', {}).get('totalLiquidity', 0):,.2f}",
            'buy_tax': f"{api_response.get('taxes', {}).get('buyTax', 0):.1f}%",
            'sell_tax': f"{api_response.get('taxes', {}).get('sellTax', 0):.1f}%"
        }
    }

    # Process scams and warnings
    for scam in api_response.get('scams', []):
        if scam.get('severity') == 'CRITICAL':
            summary['critical_issues'].append(f"{scam.get('type')}: {scam.get('message')}")

    for warning in api_response.get('warnings', []):
        summary['warnings'].append(f"{warning.get('type')}: {warning.get('message')}")

    return summary

# Export to CSV and create security summary
token_data = rugcheck.analyze_solana_token("EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v")
if token_data:
    export_to_csv(token_data, f"token_analysis_{datetime.now().strftime('%Y%m%d_%H%M%S')}.csv")
    security_summary = create_security_summary(token_data)

    # Save as JSON for API integration
    with open('security_report.json', 'w') as f:
        json.dump(security_summary, f, indent=2)

Conclusion

Understanding how to make API requests and analyze response data is essential for building secure and reliable applications. With Rugcheck’s powerful token analysis and Qodex.ai’s advanced API testing and monitoring, developers get a complete toolkit to ensure both functionality and security.

By combining these platforms, you can: