ClawHub

FourClawFun

v1.0.0

Launch custom tokens on Solana (BAGS) or BNB Chain (FLAP) via API with configurable tax and revenue sharing options.

0· 874·0 current·0 all-time
by@fourclawteam
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The SKILL.md documents an API for launching tokens on two blockchains (Solana BAGS and BNB FLAP); the skill declares no env vars, binaries, or installs — these align with an instruction-only API integration. The missing skill description/homepage is a minor documentation gap but does not contradict the behavior.
Instruction Scope
Instructions are narrowly scoped to POSTing to https://fourclaw.fun/api/launch and checking status at /api/launch/status/{jobId}. The doc does not instruct reading local files, accessing secrets, or contacting other endpoints. Note: the API is unauthenticated (explicitly stated), so any agent-provided metadata (agentId, agentName, creatorWallet) will be transmitted to a third party.
Install Mechanism
There is no install spec and no code files — the skill is instruction-only, so nothing will be written to disk or installed by the platform.
Credentials
The skill requests no environment variables or credentials. It only requires the caller to supply public identifiers (agentId, agentName, wallet addresses) as request payloads; it does not ask for private keys or other secrets.
Persistence & Privilege
The skill does not request always:true or any elevated persistence. Model invocation is allowed (default) which is expected for an agent-invokable skill.
Assessment
This skill appears to be a straightforward API wrapper for minting tokens, but it calls an unverified external domain (fourclaw.fun) and has no author or homepage listed. Before installing or using it: 1) do not ever send private keys or wallet seed phrases — the API only needs public addresses; 2) verify and trust the fourclaw.fun service (look for a website, contact, GitHub repo, or community references); 3) be aware of legal, regulatory, and fraud risks when creating tokens; 4) test with non-valuable wallets and minimal params first; and 5) if you need stronger guarantees, request an install that uses an official SDK or authenticated API with clear ownership and auditability.

Like a lobster shell, security has layers — review code before you run it.

latestvk9762sa0nrs53c469kyjh0d8f9811j9t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments