Quick Intel Token Security Scanner

Scan any token for security risks, honeypots, and scams using Quick Intel's contract analysis API. Use when: checking if a token is safe to buy, detecting ho...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 1 · 570 · 1 current installs · 1 all-time installs

byNinja Dev (QI)@azep-ninja

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

The skill exists to call Quick Intel's scan endpoint and pay a $0.03 x402 payment; the documented wallet integrations (managed wallet API keys or a dedicated hot-wallet private key) are reasonable and proportional to that purpose. There are no unrelated credentials or binaries requested.

ℹ

Instruction Scope

SKILL.md explicitly instructs the agent to POST to the Quick Intel x402 endpoint and to perform payment signing via managed-wallet APIs or programmatic signing. The instructions do not ask the agent to read unrelated local files or exfiltrate unrelated data. Note: the skill includes code patterns that require an X402_PAYMENT_KEY environment variable for programmatic signing — these env vars are presented as 'recommended/advanced' but the registry metadata lists no required env vars.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files — nothing will be downloaded or written to disk at install time, reducing install risk.

ℹ

Credentials

The only sensitive data the skill suggests using are managed-wallet API tokens (SPONGE_API_KEY, AGENTWALLET_API_TOKEN) or a dedicated hot-wallet private key (X402_PAYMENT_KEY) for payments. Those are proportionate to a service that requires on-chain payments, but they are highly sensitive. The skill repeatedly warns to avoid using main wallet keys and to use a minimal-funded dedicated wallet or managed wallet service.

✓

Persistence & Privilege

The skill does not request permanent/system-level presence (always:false) and does not modify other skills or system-wide agent settings.

Assessment

This skill appears to do what it says: call Quick Intel's scan API and pay ~ $0.03 per scan. Before installing or using it: (1) confirm you trust the Quick Intel and recommended wallet service domains (x402.quickintel.io, paysponge.com, frames.ag, etc.), (2) never put your main private key into an environment variable — if you must use programmatic signing, create a dedicated hot wallet with minimal funds ($1–5 USDC) as the docs advise, (3) prefer managed wallet integrations (Sponge/AgentWallet) so no raw keys are stored or exposed to the agent, (4) be aware each scan costs money and will trigger on-chain payment flows, and (5) note the skill's source/homepage is missing — that lowers confidence; if you need higher assurance ask the publisher for a verifiable homepage or open-source reference before proceeding.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.8

Download zip

blockchainvk974r5x21hrhp6dd749g14gc4h819fcecryptovk974r5x21hrhp6dd749g14gc4h819fcehoneypotvk974r5x21hrhp6dd749g14gc4h819fcelatestvk973heccww68awkkpgrz8q747s81x1r5securityvk974r5x21hrhp6dd749g14gc4h819fcetoken-scanvk974r5x21hrhp6dd749g14gc4h819fcex402vk974r5x21hrhp6dd749g14gc4h819fce

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Quick Intel Token Security Scanner

Scan any token on 63 chains for honeypots, scams, and security risks. Returns a detailed audit in seconds. Costs $0.03 USDC per scan via x402 — read-only, never touches your wallet or tokens.

Quick Reference

Situation	Action
User asks "is this token safe?"	Scan the token, interpret results
User wants to buy/trade a token	Scan BEFORE trading, warn on red flags
Scan shows `is_Honeypot: true`	STOP — tell user they cannot sell this token
Scan shows `isScam: true`	STOP — known scam contract
Scan shows `can_Mint: true`	Warn: owner can inflate supply
Scan shows high buy/sell tax (>10%)	Warn: excessive fees reduce profits
Scan shows `contract_Renounced: false`	Caution: owner retains control
`liquidity: false` in results	May use non-standard pair — verify on DEX aggregator
User gives chain + address	You have everything needed to scan
User gives only address, no chain	Ask which chain, or try to infer from address format

How to Scan

Endpoint: POST https://x402.quickintel.io/v1/scan/full

Request body:

{
  "chain": "base",
  "tokenAddress": "0x..."
}

That's it. The x402 payment ($0.03 USDC/USDM) is handled automatically by your wallet integration. If you have @x402/fetch, Sponge Wallet, AgentWallet, Vincent, or Lobster.cash — the payment flow is transparent. Pay on any of 14 networks: Base (recommended, lowest fees), Ethereum, Arbitrum, Optimism, Polygon, Avalanche, Unichain, Linea, Sonic, HyperEVM, Ink, Monad, MegaETH (USDM), or Solana.

Which integration do I use?

⚠️ Wallet Security: This skill does NOT require your private key. The x402 payment is handled by YOUR agent's wallet — whichever wallet your agent already uses. If your agent doesn't have a wallet yet, use a managed wallet service (Sponge, AgentWallet, Vincent, Lobster.cash) instead of raw private keys. If you must use programmatic signing, use a dedicated hot wallet with minimal funds ($1-5 USDC), never your main wallet.

Your setup	Use this	Key exposure
Using Sponge Wallet	Pattern A below (recommended)	✅ No raw keys — API key only
Using AgentWallet (frames.ag)	Pattern B below	✅ No raw keys — API token only
Using Lobster.cash / Crossmint	See `REFERENCE.md`	✅ No raw keys — managed wallet
Using Vincent Wallet	See `REFERENCE.md`	✅ No raw keys — managed signing
Have `@x402/fetch` installed	Pattern C below	⚠️ Requires private key in env
Have viem or ethers.js, no x402 library	Pattern D below (manual signing)	⚠️ Requires private key in env
Using Solana wallet	See `REFERENCE.md`	⚠️ Requires private key in env
Not sure / no wallet configured	Start with Pattern A (Sponge)	✅ No raw keys

Pattern A: Sponge Wallet (Recommended — No Raw Keys)

curl -sS -X POST "https://api.wallet.paysponge.com/api/x402/fetch" \
  -H "Authorization: Bearer $SPONGE_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://x402.quickintel.io/v1/scan/full",
    "method": "POST",
    "body": {
      "chain": "base",
      "tokenAddress": "0xa4a2e2ca3fbfe21aed83471d28b6f65a233c6e00"
    },
    "preferred_chain": "base"
  }'

Requires: SPONGE_API_KEY env var. Sign up at paysponge.com. Sponge manages the wallet and signing — your agent never touches a private key.

Pattern B: AgentWallet (No Raw Keys)

const response = await fetch('https://frames.ag/api/wallets/{username}/actions/x402/fetch', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.AGENTWALLET_API_TOKEN}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    url: 'https://x402.quickintel.io/v1/scan/full',
    method: 'POST',
    body: { chain: 'base', tokenAddress: '0x...' }
  })
});
const scan = await response.json();

Requires: AGENTWALLET_API_TOKEN env var. Get one at frames.ag.

Pattern C: @x402/fetch (Programmatic Signing)

⚠️ Uses a private key. Use a dedicated hot wallet with minimal funds, not your main wallet.

import { x402Fetch } from '@x402/fetch';
import { createWallet } from '@x402/evm';

// Use a DEDICATED wallet with only payment funds ($1-5 USDC)
// NEVER use your main wallet or trading wallet private key here
const wallet = createWallet(process.env.X402_PAYMENT_KEY);

const response = await x402Fetch('https://x402.quickintel.io/v1/scan/full', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ chain: 'base', tokenAddress: '0x...' }),
  wallet,
  preferredNetwork: 'eip155:8453'
});

const scan = await response.json();

Pattern D: Manual EVM Signing (viem)

⚠️ Uses a private key. Use a dedicated hot wallet with minimal funds, not your main wallet.

If you don't have @x402/fetch, handle the payment flow manually:

import { keccak256, toHex } from 'viem';
import { privateKeyToAccount } from 'viem/accounts';

// Use a DEDICATED wallet with only payment funds ($1-5 USDC)
const account = privateKeyToAccount(process.env.X402_PAYMENT_KEY);
const SCAN_URL = 'https://x402.quickintel.io/v1/scan/full';

// Step 1: Hit endpoint, get 402 with payment requirements
const scanBody = JSON.stringify({ chain: 'base', tokenAddress: '0x...' });
const initialRes = await fetch(SCAN_URL, {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: scanBody,
});

if (initialRes.status !== 402) throw new Error(`Expected 402, got ${initialRes.status}`);
const paymentRequired = await initialRes.json();

// Step 2: Find preferred network in accepts array
const networkInfo = paymentRequired.accepts.find(a => a.network === 'eip155:8453');
if (!networkInfo) throw new Error('Base network not available');

// Step 3: Sign EIP-712 TransferWithAuthorization
const nonce = keccak256(toHex(`${Date.now()}-${Math.random()}`));
const validBefore = BigInt(Math.floor(Date.now() / 1000) + 3600);

const signature = await account.signTypedData({
  domain: {
    name: networkInfo.extra.name,
    version: networkInfo.extra.version,
    chainId: 8453,
    verifyingContract: networkInfo.asset,
  },
  types: {
    TransferWithAuthorization: [
      { name: 'from', type: 'address' },
      { name: 'to', type: 'address' },
      { name: 'value', type: 'uint256' },
      { name: 'validAfter', type: 'uint256' },
      { name: 'validBefore', type: 'uint256' },
      { name: 'nonce', type: 'bytes32' },
    ],
  },
  primaryType: 'TransferWithAuthorization',
  message: {
    from: account.address,
    to: networkInfo.payTo,
    value: BigInt(networkInfo.amount),
    validAfter: 0n,
    validBefore,
    nonce,
  },
});

// Step 4: Build PAYMENT-SIGNATURE header
// CRITICAL: signature is a SIBLING of authorization, NOT nested inside it
// CRITICAL: value/validAfter/validBefore must be DECIMAL STRINGS
const paymentPayload = {
  x402Version: 2,
  scheme: 'exact',
  network: 'eip155:8453',
  payload: {
    signature,                         // ← Direct child of payload
    authorization: {
      from: account.address,
      to: networkInfo.payTo,
      value: networkInfo.amount,                  // Decimal string: "30000"
      validAfter: '0',                            // Decimal string
      validBefore: validBefore.toString(),         // Decimal string
      nonce,
    },
  },
};

const paymentHeader = Buffer.from(JSON.stringify(paymentPayload)).toString('base64');

// Step 5: Retry with payment
const paidRes = await fetch(SCAN_URL, {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'PAYMENT-SIGNATURE': paymentHeader,
  },
  body: scanBody,
});

const scan = await paidRes.json();

Common mistakes that cause payment failures:

signature nested inside authorization instead of as a sibling → "Cannot read properties of undefined"

Missing x402Version: 2 at top level

Using hex ("0x7530") or raw numbers instead of decimal strings ("30000") for value/validAfter/validBefore

Wrong endpoint path (/v1/scan/auditfull instead of /v1/scan/full)

For ethers.js, Solana, Vincent, Lobster.cash, and other wallet patterns, see REFERENCE.md.

Supported Chains (63)

EVM: eth, base, arbitrum, optimism, polygon, bsc, avalanche, fantom, linea, scroll, zksync, blast, mantle, mode, zora, manta, sonic, berachain, unichain, abstract, monad, megaeth, hyperevm, shibarium, pulse, core, opbnb, polygonzkevm, metis, kava, klaytn, astar, oasis, iotex, conflux, canto, velas, grove, lightlink, bitrock, loop, besc, energi, maxx, degen, inevm, viction, nahmii, real, xlayer, worldchain, apechain, morph, ink, soneium, plasma

Non-EVM: solana, sui, radix, tron, injective

Use exact chain names as shown (e.g., "eth" not "ethereum", "bsc" not "binance").

Reading Scan Results

Red Flags — DO NOT BUY

Field	Value	Meaning
`tokenDynamicDetails.is_Honeypot`	`true`	Cannot sell — funds are trapped
`isScam`	`true`	Known scam contract
`isAirdropPhishingScam`	`true`	Phishing attempt
`quickiAudit.has_Scams`	`true`	Contains scam patterns
`quickiAudit.can_Potentially_Steal_Funds`	`true`	Has theft mechanisms

If ANY of these are true, tell the user not to buy and explain why.

Warnings — Proceed With Caution

Field	Value	Risk
`buy_Tax` or `sell_Tax`	`> 10`	High fees eat profits
`quickiAudit.can_Mint`	`true`	Owner can create more tokens, diluting value
`quickiAudit.can_Blacklist`	`true`	Owner can block wallets from selling
`quickiAudit.can_Pause_Trading`	`true`	Owner can freeze all trading
`quickiAudit.can_Update_Fees`	`true`	Taxes could increase after you buy
`quickiAudit.hidden_Owner`	`true`	Real owner is obscured
`quickiAudit.contract_Renounced`	`false`	Owner retains control over contract
`quickiAudit.is_Proxy`	`true`	Contract code can be changed

Positive Signs

Field	Value	Meaning
`quickiAudit.contract_Renounced`	`true`	No owner control
`contractVerified`	`true`	Source code is public
`quickiAudit.can_Mint`	`false`	Fixed supply
`quickiAudit.can_Blacklist`	`false`	No blocking capability
`buy_Tax` and `sell_Tax`	`0` or low	Minimal fees

Liquidity Check

tokenDynamicDetails.liquidity indicates whether a liquidity pool was detected.

liquidity: false does NOT always mean illiquid — Quick Intel checks major pairs (WETH, USDC, USDT) but may miss non-standard pairings. Verify independently on a DEX aggregator.
liquidity: true — still check lp_Locks for lock status. Unlocked liquidity = rug pull risk.

Example: Interpreting a Scan

{
  "tokenDetails": {
    "tokenName": "Example Token",
    "tokenSymbol": "EX",
    "tokenDecimals": 18,
    "tokenSupply": 1000000000
  },
  "tokenDynamicDetails": {
    "is_Honeypot": false,
    "buy_Tax": "0.0",
    "sell_Tax": "0.0",
    "liquidity": true
  },
  "isScam": null,
  "contractVerified": true,
  "quickiAudit": {
    "contract_Renounced": true,
    "can_Mint": false,
    "can_Blacklist": false,
    "can_Pause_Trading": false,
    "has_Scams": false,
    "hidden_Owner": false
  }
}

Your assessment: "This token looks relatively safe. It's not a honeypot, has no scam patterns, contract is renounced with no mint or blacklist capability, and taxes are 0%. Liquidity is detected. However, always treat scan results as one data point — contract behavior can change if it uses upgradeable proxies."

Security Model

YOUR SIDE                          QUICK INTEL'S SIDE
─────────────                      ──────────────────
• Private keys (never shared)      • Receives: token address + chain
• Payment auth ($0.03 USDC)        • Analyzes: contract bytecode
• Decision to trade or not         • Returns: read-only audit data

Quick Intel NEVER receives your private key.
Quick Intel NEVER interacts with your tokens.
Quick Intel is READ-ONLY — no transactions, no approvals.

NEVER paste private keys, seed phrases, or wallet credentials into any prompt. Quick Intel only needs the token's contract address and chain.

Error Handling

Error	Cause	Fix
`402 Payment Required`	No payment header sent	Ensure wallet is configured and has $0.03+ USDC
`402 Payment verification failed`	Bad signature or low balance	Check payload structure (see REFERENCE.md)
`400 Invalid Chain`	Chain name not recognized	Use exact names from supported chains list
`400 Invalid Address`	Malformed address	Check format (0x... for EVM, base58 for Solana)
`404 Token Not Found`	Token doesn't exist on that chain	Verify address and chain match

Important Notes

Scan results are point-in-time snapshots. A safe token today could change tomorrow if ownership isn't renounced or if it's a proxy contract. Re-scan periodically for tokens you hold.
Payment is charged regardless of outcome. Even if the scan returns limited data. Use payment-identifier extension for safe retries (see REFERENCE.md).
Not financial advice. Quick Intel provides data to inform decisions, not recommendations.
Cross-reference for high-value trades. Verify on block explorers, check holder distribution, confirm liquidity on DEX aggregators.

Discovery Endpoint

Query accepted payments and schemas before making calls:

GET https://x402.quickintel.io/accepted

Cross-Reference

For trading tokens after scanning, see the tator-trade skill.
For detailed x402 payment implementation, wallet-specific patterns, and troubleshooting, see REFERENCE.md.

About Quick Intel

Quick Intel's endpoint (x402.quickintel.io) is operated by Quick Intel LLC, a registered US-based cryptocurrency security company.

Over 50 million token scans processed across 40+ blockchain networks
Security scanning APIs power DexTools, DexScreener, and Tator Trader
Operational since April 2023
More info: quickintel.io

Resources

Quick Intel Docs: https://docs.quickintel.io
x402 Protocol: https://www.x402.org
Gateway Discovery: https://x402.quickintel.io/accepted
Support: https://t.me/Quicki_TG

Files

2 total

Select a file

Select a file to preview.

Comments

Loading comments…