Solpaw-Launcher
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: solpaw-launcher
Version: 3.0.2
The skill is classified as suspicious due to a significant functional discrepancy between the advertised security model and the implemented SDK behavior. While `SKILL.md` and `README.md` strongly emphasize 'Local Mode', in which the agent's wallet is the on-chain creator and `SOLANA_PRIVATE_KEY` is used for local signing only, the `launchToken` method in the `solpaw-skill.ts` SDK calls the `/tokens/launch` API endpoint, which `references/api-docs.md` describes as a 'Fallback' where the server signs the transaction and the platform wallet becomes the on-chain creator. This misrepresents token ownership and the transaction signing mechanism; although `SOLANA_PRIVATE_KEY` is not exfiltrated, the discrepancy creates a trust vulnerability.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bad or unexpected transaction could spend funds from the signing wallet or create an irreversible on-chain action.
The skill asks the agent to use a Solana private key to sign launch transactions built through an external API. Although the docs recommend an ephemeral wallet, the artifacts do not show local transaction inspection or hard spending bounds before signing.
`SOLANA_PRIVATE_KEY` — your wallet private key (base58 encoded, for local signing only — never sent to server) ... `TX_DATA=$(curl ... /tokens/launch-local ...)` ... `# Sign the transaction with your private key, then submit`
Use a fresh wallet funded only with the intended fee and initial buy amount, never use a main wallet key, and inspect decoded transaction instructions before signing.
A user may believe their wallet will be the Pump.fun on-chain creator when the visible SDK path may instead use a server-signed fallback flow.
The visible `launchToken` implementation uses the `/tokens/launch` Lightning/fallback endpoint. The provided API docs describe that endpoint as server-signed with the platform wallet as on-chain creator, which conflicts with `SKILL.md`'s repeated claim that the user's wallet is the on-chain creator in Local Mode.
`// Launch via Lightning API` ... `>("POST", "/tokens/launch", { ... creator_wallet: params.creator_wallet || this.config.defaultCreatorWallet ... })`
Require the local-mode `/tokens/launch-local` plus signed submit flow for creator-owned launches, or update the docs and command path so the creator behavior is unambiguous.
If the wrong command or parameters are approved, the agent could perform an unintended token launch or related API action.
The skill is configured to use raw exec dispatch and includes curl/API workflows. This is purpose-aligned for an instruction-only integration, but it means users should review the exact command/API call before running it.
`command-dispatch: tool`; `command-tool: exec`; `command-arg-mode: raw`
Only run reviewed commands, confirm token name/symbol/description and fee details, and prefer a typed/scoped tool path where available.
