ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

test

Design and model ERC20 tokenomics with vesting schedules, allocation tables, Uniswap liquidity math, and investor documentation for new token launches.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 33 · 0 current installs · 0 all-time installs
by@samledger67-dotcom
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name and description (ERC20 tokenomics, vesting, Uniswap math, investor docs) align with the included references and scripts. Generating vesting wallets, allocation tables, and liquidity math legitimately requires deployment scripts and addresses, which the references provide.
!
Instruction Scope
SKILL.md and referenced files include deploy and automation scripts that call blockchain functions and require secrets (e.g., vm.envUint("PRIVATE_KEY"), process.env.TOKEN_ADDRESS, FACTORY_ADDRESS, vestees.json). The manifest lists no required env/config, so the instructions expect access to private keys and local files that are not declared — this mismatch can cause an agent or user to expose keys or run privileged transactions unintentionally.
Install Mechanism
This is an instruction-only skill with no install spec and no downloaded artifacts. That minimizes disk-write/install risk.
!
Credentials
Although deployment requires a signing key and RPC config (PRIVATE_KEY, TOKEN_ADDRESS, FACTORY_ADDRESS, provider/RPC), the skill's registry metadata lists zero required environment variables. Requesting or using a private key is expected for deployments but must be explicitly declared and handled safely; the omission is disproportionate and risky.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide privileges. It does include automation (release keeper) patterns that, if executed, would perform on-chain transactions — which is normal for deployment tooling but requires careful key handling.
What to consider before installing
This skill appears to provide reasonable tokenomics templates and deployment/automation scripts, but it omits declaring the sensitive environment variables and local files the scripts actually use. Before installing or running anything: 1) Do not paste private keys or secrets into an agent or UI — run deploy scripts locally in a controlled environment. 2) Expect to need PRIVATE_KEY (or a signer), TOKEN_ADDRESS, FACTORY_ADDRESS, and a vestees.json (or equivalent); confirm what each script does and which account signs token transfers. 3) Prefer multisig/hardware wallet flows for ownership and token transfers; avoid giving single-key deploy rights to automation. 4) Test everything on a testnet first and review contracts (VestingFactory/VestingWallet) and ownership logic to ensure no accidental renounce/centralization. 5) If you plan to let an automated agent run these steps, require explicit, auditable consent and never store unencrypted private keys in agent-accessible storage. If the author intends the skill to perform deployments autonomously, ask them to explicitly list required env vars and safe key-handling guidance.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.0.0-probe
Download zip
latestvk977vrj3trnv5jcdg0htdzdnph831gmv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

ERC20 Tokenomics Builder

End-to-end token launch readiness: allocation design → vesting contracts → liquidity math → investor docs.

Workflow

  1. Gather inputs — total supply, allocations, unlock schedules, raise target, listing price
  2. Build allocation table — categories, amounts, percentages, unlock logic
  3. Generate vesting schedules — cliff + linear using OpenZeppelin VestingWallet
  4. Model Uniswap liquidity — initial price, pool depth, slippage targets
  5. Draft investor documentation — token sale summary, SAFT context, vesting proof

1. Allocation Table

Standard allocation buckets (adjust to project):

Category% SupplyCliffVestingTGE Unlock
Team15–20%12 mo36 mo0%
Investors (seed)10–15%6 mo24 mo0–5%
Investors (priv)8–12%3 mo18 mo5–10%
Ecosystem/DAO20–30%048 mo5%
Community/Airdrop10–15%00–12 mo100%
Liquidity5–10%00100%
Reserve/Treasury10–20%0Governance0–5%

Output format: Markdown table + CSV for investor decks.

2. OpenZeppelin VestingWallet

OZ VestingWallet handles cliff + linear release natively.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/finance/VestingWallet.sol";

// Deploy one per beneficiary (or use a factory)
// constructor(address beneficiary, uint64 startTimestamp, uint64 durationSeconds)

// Example: 12mo cliff + 24mo linear for team member
// start = TGE timestamp + 12 months (cliff built in by setting start = cliff end)
// duration = 24 months (linear release after start)

VestingWallet teamVest = new VestingWallet(
    teamMemberAddress,
    uint64(tgeTimestamp + 365 days),   // start after 12mo cliff
    uint64(730 days)                    // 24mo linear vesting
);

Key methods:

  • release(token) — beneficiary calls to claim vested tokens
  • vestedAmount(token, timestamp) — query how much is unlockable
  • releasable(token) — current claimable balance

Cliff pattern: Set startTimestamp = TGE + cliffDuration. Vesting begins linearly after cliff with no special code needed.

Multi-beneficiary factory pattern: See references/vesting-factory.md

3. Vesting Schedule Modeling

Calculate monthly unlock amounts for each category:

Monthly unlock (post-cliff) = (allocation_tokens / vesting_months)
TGE unlock = allocation_tokens × tge_pct
Remaining = allocation_tokens × (1 - tge_pct)
Linear_per_month = Remaining / vesting_months_after_cliff

Circulating supply projection formula:

CS(t) = Σ [tge_i + max(0, (t - cliff_i) / vest_i) × (1 - tge_pct_i)] × supply_i

Where t = months since TGE, i = each allocation bucket.

Model month-by-month in a table through month 48. Flag any month where unlock > 5% of circulating supply (selling pressure risk).

4. Uniswap Liquidity Math

v2 Pool Setup (constant product: x * y = k)

Initial price = ETH_amount / TOKEN_amount
k = ETH_amount × TOKEN_amount

Slippage for trade size S:
  price_impact = S / (ETH_reserve + S)
  tokens_out = TOKEN_reserve × S / (ETH_reserve + S)

Recommended: price impact < 1% for typical retail trade size
→ Pool depth = trade_size / 0.01

Example: Target $10k retail trade at <1% impact → Need $1M TVL in the pool

v3 Concentrated Liquidity

  • Define price range: [P_low, P_high] where P = token price in ETH/USDC
  • Recommended initial range: ±20–30% from listing price
  • Concentrated liquidity = ~10x capital efficiency vs v2 in-range
  • Use tickLower / tickUpper = log(price) / log(1.0001)

Listing price discovery:

FDV_target = total_supply × listing_price
Implied_MC = circulating_supply × listing_price
Liquidity_ratio = pool_TVL / MC  → target 5–15% for healthy launch

See references/uniswap-math.md for deeper tick/range calculations.

5. Investor Documentation Templates

Token Sale Summary (SAFT context)

## Token: [NAME] ($TICKER)
- Total Supply: X,000,000,000
- TGE Date: [DATE]
- Network: Ethereum / [L2]
- Contract: [0x...]

## This Round
- Round: Seed / Private / Strategic
- Raise: $X at $Y/token → $Z FDV
- Allocation: X% of supply
- Vesting: X mo cliff, X mo linear, X% TGE
- VestingWallet: [contract address or "to be deployed"]

## Token Release Schedule
[Month-by-month unlock table for this tranche]

## Use of Funds
[breakdown]

Vesting Proof for Investor

After deploying VestingWallet, provide:

  • Contract address
  • Etherscan link
  • vestedAmount(tokenAddress, block.timestamp) call
  • Next release milestone date

6. Common Pitfalls

  • Too much TGE unlock for team → dump signal; keep 0% until cliff
  • Liquidity < 5% of MC → vulnerable to price manipulation
  • No vesting cliff for advisors → cheap paper hands
  • FDV too high at listing → suppresses price for years
  • Missing release() automation → beneficiaries forget; use a keeper script
  • Single VestingWallet per team → use individual wallets per person for clean cap table

References

  • references/vesting-factory.md — Solidity VestingWallet factory + batch deployment
  • references/uniswap-math.md — Detailed Uniswap v2/v3 tick math and liquidity formulas
  • references/allocation-templates.md — Pre-built allocation tables for DeFi, GameFi, DAO, Infrastructure

NOT This Skill

  • Already-deployed contract audit → use solidity-audit-precheck
  • LP position monitoring / IL tracking → use defi-position-tracker
  • Safe/multisig treasury management → use multi-sig-treasury
  • General ERC20 contract upgrades → use upgrade-solidity-contracts

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…