Token Launcher - Token Launch Pad
v1.0.15Launch tokens and keep 100% of your creator fees. Direct Mode provides full SDK integration guides for Clanker (7 EVM chains), Flaunch (Base), and Pump.fun (...
⭐ 0· 417·0 current·0 all-time
byNinja Dev (QI)@azep-ninja
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (token launch + keep fees) match the included materials: detailed Direct Mode SDK guides for Clanker, Flaunch, Pump.fun and an Easy Mode via the Tator API. Nothing requested (no env vars, no binaries, no install) is unexpected for a documentation-only developer guide.
Instruction Scope
SKILL.md and the reference files contain full developer code patterns (EVM unsigned calldata, Solana instruction building, fee manager deployment) and explicit examples showing how to call an external convenience API (x402.quickintel.io) using a PAYMENT-SIGNATURE header. This is normal for a developer reference, but it explicitly instructs the agent/user to send token details and wallet addresses to an external endpoint if Easy Mode is used. The docs repeatedly warn not to share private keys and to use dedicated wallets and secrets managers; however, following the examples incorrectly (e.g., pasting private keys into an agent) could expose secrets. The agent itself has no declared steps that would read local secrets or private keys.
Install Mechanism
No install spec and no code files to execute — the skill is instruction-only. That is the lowest install risk and consistent with being a documentation/reference skill.
Credentials
The skill declares no required environment variables or credentials. The reference examples mention common placeholders (PRIVATE_KEY, RPC_URL, service API keys for Pinata/web3.storage) that developers would reasonably need in their own infra; these are not required by the skill itself. The external Easy Mode API requires a PAYMENT-SIGNATURE header at call time (signed by the user's wallet) — this is documented and does not imply stored credentials in the skill.
Persistence & Privilege
The skill does not request persistent privileges (always:false) and is user-invocable. It does not modify other skills or system configs. Autonomous invocation is permitted by platform defaults but is not combined with broad credential access here.
Assessment
This skill is a documentation-only guide for launching tokens; it appears internally consistent. Before using it, take these precautions: 1) Never paste or upload private keys into an agent or third-party API — use a dedicated launch wallet and a secrets manager. 2) If you choose Easy Mode (Tator/x402.quickintel.io), understand you are sending token details and a wallet-signed PAYMENT-SIGNATURE to an external service that takes a 10% fee; verify you trust that service and read their docs/privacy. 3) For Direct Mode, review and pin third-party SDKs (clanker-sdk, viem, @solana/web3.js) and verify contract addresses on-chain (Basescan/Solscan). 4) Test everything with minimal funds and audit any deployed contracts. 5) If you want greater assurance, ask for the upstream project repos or signed release artifacts for the SDKs the docs reference and/or request that the skill include a short checklist that the agent must present to the user before making any external API call. Overall: coherent and expected for a developer reference, but normal Web3 operational security practices are essential.Like a lobster shell, security has layers — review code before you run it.
latestvk976dybn7en18de69jv1vhrg7d822mpq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🚀 Clawdis