Pump.fun Token Launcher
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: pumpfun-launch
Version: 1.0.1
The OpenClaw skill 'pumpfun-launch' is designed to create and launch tokens on the Solana blockchain via pump.fun. While this involves inherently sensitive operations like handling cryptocurrency private keys and performing on-chain transactions, the code and documentation are transparent about these actions. The `launch.ts` script implements secure wallet management (AES-256-CBC encryption with password prompts for local storage or environment variable usage) and interacts with the Solana network and IPFS for token metadata. Crucially, the `SKILL.md` instructions for the AI agent explicitly mandate user confirmation, dry-run validation, and clear warnings about real SOL costs, demonstrating an intent for safe and transparent operation rather than malicious subversion or data exfiltration. All network and file system access is directly related to the stated purpose of launching tokens.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent invokes the live command incorrectly or too eagerly, it could spend SOL and create an irreversible public token on mainnet.
The code has a dry-run branch, but if --dry-run is absent it proceeds directly to a live on-chain createAndBuy call. There is no in-command confirmation prompt or required --confirm flag before spending SOL and creating a token.
if (dryRun === "true") { ... return; }
...
const result = await sdk.createAndBuy(
  wallet,
  mintKeypair,
  { name, symbol, description, file: imageBlob },
  BigInt(Math.floor(buyAmountSol * LAMPORTS_PER_SOL)),
  slippageBps,
  { unitLimit: 250000, unitPrice: priorityFee }
)
Use only with explicit user confirmation, a dedicated low-balance wallet, and a dry-run first. The skill should ideally require an interactive confirmation or explicit --confirm-live flag before any mainnet transaction.
A funded wallet controlled through this skill can spend real SOL; misconfiguration or agent misuse could affect funds.
The skill uses a Solana private key or generated wallet to authorize transactions, while the registry metadata declares no primary credential and no required env vars. This is high-impact account authority even though it is disclosed in the instructions.
WALLET_PRIVATE_KEY=base58_encoded_private_key ... If `WALLET_PRIVATE_KEY` is not set, the script will generate a new wallet and save it to `.wallet.key`
Use a separate wallet funded only with the amount you are willing to spend, avoid reusing high-value private keys, and ensure the skill metadata clearly declares wallet/private-key and RPC-key requirements.
Future dependency resolution could install different package versions than the author tested, which is more sensitive for wallet-handling software.
The skill relies on npm dependencies with caret version ranges. That is common for JavaScript projects, but it is worth noticing because this tool handles wallet keys and live blockchain transactions.
"dependencies": {
  "@coral-xyz/anchor": "^0.30.1",
  "@solana/web3.js": "^1.95.8",
  "pumpdotfun-sdk": "^1.4.2"
}
Install from a trusted source, review or pin dependency versions with a lockfile, and avoid installing updates blindly for a funded-wallet tool.
