Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Solana Memecoin Guardian v2
v1.0.0
Autonomously discovers and trades Solana memecoins by copying smart wallets, analyzing markets, detecting social trends, and enforcing strict on-chain risk c...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The skill is a full-featured Solana trading bot (copy-trading, live swaps, RPC queries, X stream). That purpose legitimately requires SOLANA_RPC_URL, HELIUS_API_KEY, JUP_API_KEY and a WALLET_PRIVATE_KEY to perform live trades — but the registry metadata lists no required environment variables or primary credential. The metadata therefore underreports the skill's privileges and needed secrets.
Instruction Scope
SKILL.md and docs explicitly instruct how to run in paper or live mode and to place API keys and a wallet private key in .env. The runtime instructions (and the code) will: read local config files, poll external services (DexScreener, Jupiter, Helius, Solana RPC, X/Twitter), and sign/send transactions when in live mode. All of that is consistent with the described trading purpose; there is no obvious out-of-scope file-reading or hidden exfiltration to unexpected endpoints.
Install Mechanism
No install spec was provided in the registry, but the bundle contains a full Node/TypeScript project and package.json. Running it requires npm install / tsx (dependencies are normal for Solana tooling). The mismatch (registry says instruction-only while code files exist) is an integrity/packaging concern but not an outright malicious install mechanism.
Credentials
Live operation requires high-privilege secrets: WALLET_PRIVATE_KEY_BASE58 or WALLET_PRIVATE_KEY_JSON (used to sign and send transactions), SOLANA_RPC_URL (node access), HELIUS_API_KEY (wallet event streaming), JUP_API_KEY (Jupiter), and optionally X_BEARER_TOKEN. These are proportionate to a live trading bot, but the registry metadata omitted declaring any required envs/primary credential — that omission increases risk because users may not realize they must supply a private key. Supplying a private key gives the skill full control over funds in that wallet.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and does not persist tokens into other skills. It reads local config files and does not appear to write any persistent state; autonomy (agent-invocation) is allowed by default, which is not unusual for skills. No system-wide privilege escalation was observed.
Scan Findings in Context
[reads_WALLET_PRIVATE_KEY] expected: loadKeypair() reads WALLET_PRIVATE_KEY_BASE58 or WALLET_PRIVATE_KEY_JSON in src/providers/swapExecutor.ts; this is required to sign/send live trades — expected for a trading bot but is sensitive.
[sends_raw_transactions] expected: The code constructs and signs VersionedTransaction and calls Connection.sendRawTransaction (live buy/sell paths) — expected for executing swaps, but this gives the skill the ability to move funds if a private key is provided.
[uses_external_APIs] expected: The skill calls DexScreener, Jupiter, Helius, Solana RPC and X filtered stream endpoints — normal for market data and narrative detection.
[metadata_env_mismatch] unexpected: Registry metadata lists no required env vars or primary credential, but SKILL.md/docs and code clearly require several API keys and a wallet private key; this mismatch is unexpected and should be corrected before installation.
[dotenv_missing_usage] unexpected: package.json includes dotenv and the README instructs using .env, but the codebase does not call dotenv.config() centrally — this is an implementation inconsistency that may confuse users expecting .env to be auto-loaded.
What to consider before installing
This bundle is a coherent Solana trading bot and WILL need sensitive credentials to run live (a private key capable of signing transactions, Solana RPC URL, Helius and Jupiter API keys, and optionally an X/Twitter Bearer token). Before you run it:
(1) Treat it as high-risk — do NOT put a main wallet private key here. Use an isolated test wallet with only a small amount of funds if you want to experiment.
(2) Prefer paper mode for initial testing (no live transactions).
(3) Review the code paths that call loadKeypair() and sendRawTransaction so you understand exactly when and how it can move funds.
(4) Correct the metadata/manifest: the registry should declare the required env vars and primary credential so users are aware.
(5) Consider alternatives to pasting an uncovered private key (hardware signer, signer service, or a wallet delegate with restricted allowances).
(6) Run in a sandbox or isolated environment and audit network activity if you plan to run live.
If you want, I can list the exact files/lines that read each env var and perform signing/network calls so you can audit those spots.
