CLAWP
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: clawp Version: 0.2.0 The skill is designed to help users create and launch memecoins, a high-risk activity. However, the agent's role is strictly defined as advisory and coordinating within 'fixed execution mechanics' and 'predefined system mechanics'. Both `SKILL.md` and `prompt.txt` contain explicit safety guardrails, stating the agent will not custody funds, execute transactions, provide financial advice, or make discretionary financial decisions. There is no evidence of data exfiltration, malicious execution, persistence, or prompt injection attempts designed to make the agent perform unauthorized or harmful actions. The instructions for the agent are focused on generating a structured blueprint and triggering pre-approved, sandboxed actions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could be guided from a simple idea into an irreversible public token launch or financial actions without enough clarity about what will happen before execution.
These are high-impact deployment and transaction-like actions, but the artifacts do not define the exact tools, transaction review process, spending limits, cancellation path, or per-action approvals.
Your purpose is to transform a simple user idea into a fully executed meme token launch ... Coordinate token deployment workflows ... Manage post launch buyback and burn execution
Limit the skill to advisory blueprint generation unless the deployment flow explicitly shows transaction details, requires user-signed approvals for every financial action, and documents spending limits and rollback/cancel options.
Users may not know what wallet, funds, or delegated authority the agent or platform needs to launch and manage the token.
The skill references fund handling and creator-fee-based buybacks, but the registry declares no primary credential, required environment variables, wallet boundary, or account authority model.
Funds are handled through controlled execution flows
Clearly disclose whether any wallet, signer, deposit address, custody flow, or platform account is used, and require explicit user authorization for each fund-moving action.
A user may install or use the skill believing it only gives advice, while other included instructions frame it as an autonomous execution agent.
This advisory safety framing conflicts with prompt.txt and README.md language about fully executed launches and automatic buyback/burn actions, which could mislead users about the agent's actual role.
- **No transaction execution**: AI advises only, execution is fixed mechanics
Make the skill description, guardrails, and operational prompt consistent: either advisory-only, or clearly disclose execution capabilities and required safeguards.
The agent or platform may continue taking financial/token-management actions after launch without the user understanding how to stop or supervise it.
This describes autonomous activity after the initial launch, but the artifacts do not define duration, stop conditions, monitoring, user override, or containment.
Post-launch buyback and burn actions are handled automatically
Document post-launch automation limits, require opt-in, provide a clear disable/stop mechanism, and surface all scheduled or triggered actions for user review.