There are a few mitigations in place already.
We are repurposing existing code as much as possible. We are taking functions that were created to work only with STEEM and making them generic to work with SMTs without changing the functionality. This gives us a greater confidence in a large percentage of the behavior of SMTs as these functions have been battle tested over the last three and a half years. It is not a guarantee, but a high degree of confidence.
We are reserving more of our time for testing SMTs than we have with previous releases.
If there is a bug in SMTs, it will cause a chain halt for everyone. This will allow us to not only fix to first buggy token, but also fix every other SMT at the same time. It will also avoid situations like Ethereum Classic. Because the entire chain will halt, a bug with one token won't require rolling back the entire network and will keep everyone's coins safe.
RE: Initial Coin Offerings with SMTs