Outsmart DEX Trading
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is internally consistent as a Solana trading skill, but it gives an agent full mainnet wallet authority and can execute irreversible trades without clearly requiring confirmation or limits.
Only install this if you are comfortable letting an agent use a Solana wallet for real mainnet transactions. Use a fresh burner wallet with limited funds, verify the outsmart npm package and repository first, run quotes and dry-runs before trades, and require explicit confirmation for every buy, sell, liquidity, fee-claim, or pool-creation command.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: If invoked incorrectly or with misunderstood parameters, the agent could spend SOL, sell tokens, alter liquidity positions, or create pools using the user's wallet.
Description: The skill documents direct execution of mainnet trading commands, including buy/sell/liquidity/pool operations, but does not require an explicit user confirmation gate or hard limits before irreversible financial actions.
Evidence: outsmart buy --dex jupiter-ultra --token MINT --amount 0.1 # execute
Recommendation: Require explicit confirmation for every transaction, including token mint, pool, amount, slippage, fees/tips, and expected outcome; default to quote/info/dry-run commands unless the user confirms execution.
Finding 2
Impact: Anyone or anything that misuses this credential can authorize transactions from the wallet, potentially risking all funds controlled by that key.
Description: The required credential is a raw Solana private key, which provides full signing authority for the wallet rather than a limited or revocable permission token.
Evidence: `PRIVATE_KEY` | Yes | Base58 Solana private key
Recommendation: Use a dedicated burner wallet with only the funds needed for the intended trade, avoid primary wallets, and prefer wallet-adapter or hardware-signing flows where possible.
Finding 3
Impact: A stored wallet private key may remain available to future agent runs, local processes, backups, or anyone with access to the machine.
Description: The setup persists the private key in a local config file; the artifacts do not describe encryption, file-permission hardening, or cleanup.
Evidence: Config saved to ~/.outsmart/config.env
Recommendation: Store only a low-value burner key, restrict local file permissions, remove the config when finished, and do not reuse the same key for long-term holdings.
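As an added example (not code from the ClawScan report or from the outsmart project), the following POSIX shell wrapper enforces the recommendations of the confirmation-gate finding and the config-file finding together: a fund-moving subcommand runs only if the config file holding the key is private (mode 0600 or stricter) and the operator retypes YES after seeing the exact command; read-only commands pass through untouched. Only the `buy` subcommand and the `~/.outsmart/config.env` path come from the report; the other subcommand names (sell, liquidity, pool, claim-fees, quote) and the `OUTSMART_CONFIG` override are assumptions.

```shell
#!/bin/sh
# Added example, not from the ClawScan report or the outsmart project.
# Wraps the outsmart CLI so that fund-moving subcommands run only after
# (1) the config file holding PRIVATE_KEY is private and (2) explicit confirmation.
# Assumptions: subcommand names other than "buy" are placeholders and the real
# CLI may spell them differently; OUTSMART_CONFIG is an override added here.

CONFIG="${OUTSMART_CONFIG:-${HOME:-/root}/.outsmart/config.env}"

# Return 0 when the subcommand can move funds or change on-chain state.
is_irreversible() {
    case "$1" in
        buy|sell|liquidity|pool|claim-fees) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 only if the file exists and group/other have no permission bits,
# i.e. mode 0600 or stricter. Parses ls -l, which works without GNU stat.
config_is_private() {
    f="$1"
    [ -f "$f" ] || return 1
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Make the operator retype YES after seeing the exact command; anything else
# (including EOF from a non-interactive agent run) aborts.
require_confirmation() {
    printf 'About to execute on mainnet: outsmart %s\n' "$*" >&2
    printf 'Type YES to proceed: ' >&2
    read -r answer || return 1
    [ "$answer" = "YES" ]
}

main() {
    sub="$1"
    if is_irreversible "$sub"; then
        if ! config_is_private "$CONFIG"; then
            echo "refusing: $CONFIG is missing or readable by others; chmod 600 it" >&2
            return 2
        fi
        shift
        # Assumed: the CLI offers a read-only quote subcommand taking the same flags.
        echo "preview first: outsmart quote $*" >&2
        if ! require_confirmation "$sub" "$@"; then
            echo "aborted: no confirmation" >&2
            return 3
        fi
        set -- "$sub" "$@"
    fi
    exec outsmart "$@"
}

# Run only when invoked with arguments, so sourcing the file just defines the functions.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

Save it as a wrapper script, invoke it instead of `outsmart` from the agent, and point `OUTSMART_CONFIG` at the config file if it lives somewhere other than the default path. Because confirmation is read from the terminal, an agent that runs without a TTY cannot satisfy it, which is the intended failure mode.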
Finding 4
Impact: A compromised, renamed, or unexpected package version could gain access to wallet credentials or submit unintended transactions.
Description: The skill instructs installation of an unpinned global npm CLI package, while the reviewed artifacts contain no CLI source code; this matters because the installed tool will handle the user's private key and transaction execution.
Evidence: npm i -g outsmart
Recommendation: Verify the npm package and GitHub repository, pin a known-good version, review the CLI source before use, and install it in an isolated environment.
