Prism Scanner

Instant rug pull detection for any token. Holder concentration, liquidity locks, contract risks. DYOR before you ape. Works with AI agents.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 1 · 1.7k · 0 current installs · 0 all-time installs

by@NextFrontierBuilds

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name/description claim a token rug/scam scanner and the code (scan.sh) calls an external PRISM API to perform analysis — this is coherent. Minor inconsistencies: SKILL.md documents an optional PRISM_API_KEY but the script never uses it; skill.json provides a repository URL but source/homepage are marked unknown in the registry metadata.

Instruction Scope

Runtime instructions and the script send token symbols or contract addresses to an external service (default PRISM_URL=https://strykr-prism.up.railway.app). Sending token/contract identifiers to a third-party API is expected for this feature, but it is network exfiltration of the query data — users should confirm they trust the endpoint. The SKILL.md does not instruct the agent to read unrelated local files or secrets.

✓

Install Mechanism

No install spec (instruction-only plus a small script) — low risk from installs. The skill does not download or extract remote archives and does not create persistent binaries.

ℹ

Credentials

No required environment variables are declared in the registry, which is proportionate. SKILL.md documents PRISM_URL and an optional PRISM_API_KEY, but the provided scan.sh only uses PRISM_URL and does not include any use of PRISM_API_KEY in its curl calls — this mismatch should be clarified. The script also relies on curl and jq but the skill metadata does not declare these required binaries.

✓

Persistence & Privilege

always is false and the skill does not request persistent system privileges or modify other skills. The skill does network calls but otherwise does not require elevated privileges or permanent presence.

What to consider before installing

This skill behaves like a network-backed token scanner (it sends the token/contract you ask about to a remote PRISM API). Before installing: (1) verify the PRISM API endpoint (default is strykr-prism.up.railway.app) — only use it if you trust that host or change PRISM_URL to a vetted endpoint; (2) note SKILL.md mentions PRISM_API_KEY but the script doesn’t use it — ask the author why and request a version that uses authenticated calls if needed; (3) the script requires curl and jq but the skill metadata doesn’t declare them — ensure your environment has these tools; (4) don’t supply private keys or other secrets to this skill; (5) if you need higher assurance, review the repo at the skill.json repository URL or request the author to publish a homepage and signed releases.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.1.2

Download zip

latestvk97ed12q1v1m6yj12snv1y9fhn80hdjd

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Token Rug Checker

DYOR before you ape. Instant rug pull detection for any crypto token.

Scans holder concentration, liquidity locks, contract honeypots, and copycat scams. Works with Solana and EVM chains. Powered by Strykr PRISM.

Quick Usage

# Scan by symbol
./scan.sh PEPE

# Scan by contract address
./scan.sh 0x6982508145454Ce325dDbE47a25d4ec3d2311933

# Get JSON output
./scan.sh PEPE --json

What It Checks

Check	Endpoint	Risk Factor
Copycat/Scam	`/analyze/copycat`	High
Holder Concentration	`/analytics/holders`	Medium
Liquidity Status	`/analyze`	High
Contract Verification	`/analyze`	Medium
Token Age	`/analyze`	Low
Rebrand History	`/analyze/rebrand`	Info

Risk Score Calculation

0-25:   ✅ Lower Risk (Green)
26-50:  ⚠️ Medium Risk (Yellow)
51-75:  🔶 Higher Risk (Orange)
76-100: 🚨 High Risk (Red)

Scoring Breakdown

Factor	Max Points	Trigger
Copycat detected	30	Similarity > 70% to known scam
Honeypot pattern	25	Buy/sell tax anomaly
Holder concentration	25	Top 10 wallets > 60%
Unlocked liquidity	20	LP not locked
Unverified contract	15	Not verified on explorer
New token (<7 days)	10	Recently launched
Low liquidity	10	< $10K liquidity

Output Format

🛡️ PRISM Token Scan: PEPE

Contract: 0x6982508...2311933
Chain: Ethereum

━━━━━━━━━━━━━━━━━━━━━━━━━━━━

RISK SCORE: 35/100
████████░░░░░░░░░░░░ Lower Risk

━━━━━━━━━━━━━━━━━━━━━━━━━━━━

CHECKS:
✅ No copycat detected
✅ Contract verified on Etherscan
✅ Liquidity locked (12 months)
⚠️ Top 10 wallets hold 42% of supply
✅ Token age: 8 months
✅ Normal buy/sell taxes (0%/0%)

━━━━━━━━━━━━━━━━━━━━━━━━━━━━

HOLDER DISTRIBUTION:
• Top holder: 3.2%
• Top 10: 42%
• Top 100: 68%

━━━━━━━━━━━━━━━━━━━━━━━━━━━━

⚠️ DYOR - This is not financial advice

API Endpoints Used

# 1. Resolve token to canonical form
GET /resolve/{symbol_or_address}

# 2. Get general analysis
GET /analyze/{symbol}

# 3. Check for copycat/scam
GET /analyze/copycat/{symbol}

# 4. Get holder distribution
GET /analytics/holders/{contract}

# 5. Check rebrand history
GET /analyze/rebrand/{symbol}

Integration Examples

Telegram Bot

User: /scan PEPE
Bot: 🛡️ Scanning PEPE...
     
     Risk Score: 35/100 (Lower Risk)
     
     ✅ No copycat detected
     ✅ Liquidity locked
     ⚠️ Top 10 hold 42%
     
     [Full Report] [Share]

Discord Bot

!scan 0x6982508...

Web App

const result = await prismScan('PEPE');
// { score: 35, checks: [...], holders: {...} }

Environment Variables

PRISM_URL=https://strykr-prism.up.railway.app
PRISM_API_KEY=your-api-key  # Optional

Built by @NextXFrontier

Files

3 total

Select a file

Select a file to preview.

Comments

Loading comments…