Unclaimed SOL Scanner
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears to be a disclosed, read-only Solana wallet scanner that sends a public wallet address to unclaimedsol.com with user consent.
This skill looks safe for read-only scanning if you are comfortable sharing a public Solana address with unclaimedsol.com. Never provide a seed phrase or private key, and if you visit the website to claim funds, verify the domain and review any wallet transaction before signing.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The scan may let unclaimedsol.com associate the submitted wallet address with the user's request and view its public on-chain history.
The skill shares a wallet address with an external service; the artifacts clearly disclose this and require consent, but public wallet addresses can still reveal financial activity.
This skill sends the user's **Solana public key** (wallet address) to the Unclaimed SOL API (`https://unclaimedsol.com/api/check-claimable-sol`) via an HTTPS POST request.
Proceed only if comfortable sharing the public wallet address with unclaimedsol.com, and do not provide seed phrases or private keys.
Running the scan makes a network request from the user's environment to the stated API endpoint.
The skill invokes a local shell script that performs a network request, but the behavior is narrow, input-validated, and directly supports the stated scanner purpose.
RESPONSE=$(curl -s -f -X POST "$API_URL" ... -d "{\"publicKey\": \"$WALLET\"}" ...)Allow the scan only after the consent disclosure, and verify that the wallet address is public and correctly entered.