Pump Fun
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name:
Developer:
Version:
Description: OpenClaw Agent Skill

The skill's purpose is to facilitate crypto trading on Pump.fun, which inherently requires access to a `SOLANA_PRIVATE_KEY`. This requirement is explicitly declared in `SKILL.md` as a necessary environment variable for the skill's stated functionality. The documentation also includes security notes, such as using a dedicated wallet and claiming 'Local Transaction API for maximum security', indicating an awareness of the sensitive nature of the operation. There is no evidence of intentional data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts to subvert the agent, or obfuscation within the provided files. The `npm install` instruction is a standard setup step for Node.js projects and does not, by itself, indicate malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or unintended invocation could cause real financial loss or public token creation.
These commands can spend SOL, sell tokens, or create a new public token, but the artifact does not define confirmation requirements, limits, dry runs, or rollback protections.
Usage: `/pump-buy <mint_address> <amount_sol> [slippage]` ... `/pump-sell <mint_address> <amount|percentage> [slippage]` ... `/pump-launch <name> <symbol> <description> [dev_buy_sol]`
Require explicit user confirmation for each transaction, set maximum spend/slippage limits, and use a dedicated low-balance wallet.
Anyone or anything that mishandles this key could move wallet funds or authorize irreversible transactions.
A raw Solana private key is full wallet-signing authority. Although the key is relevant to trading, the artifacts do not show scoped permissions or reviewable code explaining how the key is handled.
`SOLANA_PRIVATE_KEY` - Your Solana wallet private key (base58 encoded)
Do not use a main wallet. Use a new trading wallet with limited funds, and only install after verifying the implementation that handles the key.
The user cannot verify from the supplied artifacts what code or dependencies would handle their private key or transactions.
The provided artifact set contains only SKILL.md and no package or source files, yet it instructs dependency installation. This is a provenance gap for a skill that requires a wallet private key.
Install dependencies:
```bash
cd {baseDir}
npm install
```
Publish the complete source/package files and lockfile, or avoid running setup until the implementation is reviewed.
A user may over-trust the skill’s private-key handling without being able to inspect how transactions are actually created and signed.
This is a strong security assurance, but the supplied artifacts include no implementation to verify local-only signing or key handling.
The skill uses the Local Transaction API for maximum security (transactions are signed locally)
Treat the security claim as unverified until the complete implementation is available and reviewed.
