mintyouragent
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is a disclosed Solana wallet/token/poker tool, but it gives an agent high-impact authority to store private keys and spend or stake real SOL.
Install only if you are comfortable giving an agent access to a dedicated Solana wallet. Fund it with a small amount, avoid using a primary wallet, review SOUL.md before linking, and require explicit approval for every transaction, poker stake, token launch, transfer, and key export.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could spend SOL, pay launch fees, or create public blockchain activity that may be irreversible.
The skill exposes financially consequential token-launch and buy functionality, including AI-selected spend behavior and a way to bypass confirmation prompts.
Launch Solana tokens on pump.fun. 0.01 SOL per launch... `--ai-initial-buy` | Let AI decide buy amount ... `-y, --yes` | Skip confirmation prompts
Use devnet or dry-run first, set explicit spend limits, and require human approval before any launch, transfer, poker stake, `--ai-initial-buy`, or `--yes` use.
If the wallet files or exported key are exposed or misused, funds controlled by that wallet could be lost.
The skill persists Solana wallet material and a backup signing key in the user's home directory, giving it high-impact authority over cryptocurrency funds.
`~/.mintyouragent/` ... `wallet.json` ... `RECOVERY_KEY.txt # Backup signing key`
Use a new low-balance wallet, avoid importing a primary wallet, restrict file permissions, and do not allow the agent to run key export/import commands unattended.
Private agent-profile details could be reused or linked to the external mintyouragent.com identity flow if placed in SOUL.md.
The skill intentionally reads a persistent agent personality file for identity/profile linking, which may contain sensitive or prompt-like context.
Reads agent personality files (SOUL.md) for profile linking.
Review SOUL.md before using `soul` or `link`, and keep secrets, private prompts, and credentials out of personality files.
Dependency updates could change behavior or introduce new risk in a tool that handles cryptocurrency transactions.
The skill depends on external Python packages with lower-bound-only version constraints; future package changes could affect a wallet and transaction-signing workflow.
solders>=0.20.0 requests>=2.28.0
Install in an isolated environment and pin reviewed dependency versions before funding the wallet.