ClawHub

NadFun Token Creation

v1.0.0

Guide users through uploading an image and metadata, mining a vanity salt, and deploying a token on-chain via BondingCurveRouter in a 4-step flow on Nad.fun.

1· 1.5k·0 current·0 all-time
by@therealharpaljadeja
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md clearly documents a 4‑step Nad.fun token creation flow (image upload, metadata upload, salt mining for vanity address, and on‑chain deploy). The required actions (HTTP calls to api.nadapp.net and contract interactions) are coherent with the stated purpose.
Instruction Scope
Instructions are focused on the token creation flow and only call nadapp.net endpoints and on‑chain contracts. They do not request reading local files or unrelated system state. However, the runtime depends on the separate 'monad-development' skill for wallet management and on‑chain signing — that external dependency expands the effective scope (access to a wallet/private keys and ability to send funds).
Install Mechanism
This is an instruction‑only skill with no install spec and no bundled code — nothing is written to disk by the skill itself. Lowest install risk for this skill package.
!
Credentials
The skill declares no environment variables or credentials itself, but it explicitly requires the 'monad-development' skill for wallet management and signing. That means sensitive credentials (private keys, signer access) will be used at runtime via another skill that is not included or audited here. The SKILL.md does not document what access the monad skill requires or where private keys reside, nor does it warn about sending value during deployment.
Persistence & Privilege
always is false and the skill is user‑invocable only. It does not request persistent installation or modify other skills' configs in the provided documentation.
What to consider before installing
This skill's instructions do what it says (create a Nad.fun token) but you should NOT proceed without reviewing two things first: (1) the monad-development skill it depends on — inspect its code/permissions to see how it handles private keys and signing, and (2) the Nad.app API / contract addresses — confirm they are legitimate and that you trust them. Deployment will require sending ETH/value from your wallet (deploy fees and optional initial buy), so use a throwaway/testnet wallet first. Do not paste private keys or secrets here; if the monad skill asks for them, verify its origin and code. If you cannot audit the monad-development skill or the Nad.app endpoints, treat this skill as high risk for fund loss or credential exposure.

Like a lobster shell, security has layers — review code before you run it.

latestvk973nc2nwbdp24j3qpnp92zmq180fx6k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments