v0.1.0

Agent Gary AI Powered Memecoin trader.

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:46 AM.

Analysis

This skill openly enables AI-controlled Solana memecoin trading, but it asks your agent to run unpinned remote code with wallet secrets and API keys while giving the AI authority to trade automatically.

Guidance: Review this carefully before installing. If you use it at all, run it only with a brand-new burner wallet holding a very small amount of SOL, pin and inspect the CLI code instead of piping a live URL into node, protect or delete the generated profile file, and do not enable full AI control unless you accept the possibility of rapid automated losses.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
the trading engine treats AI decisions as authoritative (it can bypass some “enforce” gates that would otherwise hard-block actions)

The skill explicitly gives the AI authority over trading decisions and says some normal enforcement gates may be bypassed.

User impact: The agent could make automated buy/sell decisions that lose wallet funds without a separate approval for each trade.
Recommendation: Use only a burner wallet with a small, hard-limited balance; avoid full AI control unless you understand the risk; prefer per-trade confirmations and explicit loss/budget limits.

Agentic Supply Chain Vulnerabilities
Severity: High | Confidence: High | Status: Concern
SKILL.md
`curl -fsSL https://fdv.lol/cli.mjs | node - run-profile --profile-url ./profile.json --log-to-console` ... `https://raw.githubusercontent.com/build23w/fdv.lol/main/cli.mjs`

The executable trading code is fetched live from unpinned remote URLs, including a mutable GitHub main branch, rather than being included or pinned in the skill bundle.

User impact: A future upstream change or compromised endpoint could change what code runs with access to wallet secrets and trading authority.
Recommendation: Use a pinned commit or reviewed local copy, verify checksums/signatures, and avoid running mutable remote scripts for wallet operations.

Unexpected Code Execution
Severity: High | Confidence: High | Status: Concern
SKILL.md
Fetch `cli.mjs` ... `curl -fsSL https://fdv.lol/cli.mjs | node - run-profile --profile-url ./profile.json --log-to-console`

The recommended command pipes downloaded JavaScript directly into node, executing it immediately in the same environment as the local profile and secrets.

User impact: Remote code can read local files and secrets available to the process and can perform transactions through the configured wallet.
Recommendation: Download and inspect the CLI before running it, execute from a restricted directory/user account, and do not expose valuable wallets or unrelated secrets to the process.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
`wallet.secret` (must exist; can be generated) ... `jupiter.apiKey` ... `agentGaryFullAi.apiKey`

The required profile includes a Solana wallet signing secret plus third-party API keys, giving the runtime access to trade funds and use user accounts.

User impact: Anyone or anything that can read or run the profile can potentially spend from the wallet, submit trades, and use the configured API accounts.
Recommendation: Do not use an existing funded wallet; create a new burner wallet, fund only what you can afford to lose, and rotate/revoke API keys if the profile may have been exposed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Write a complete `./profile.json` with the gathered/generated values.

The skill persists sensitive values and behavior-controlling settings in a local profile file that may be reused or modified across runs.

User impact: If the profile is synced, committed, backed up, or edited unexpectedly, wallet/API secrets or trading settings could be exposed or changed.
Recommendation: Store the profile outside shared repositories, restrict file permissions, add it to .gitignore, delete it when finished, and re-check risk settings before each run.