Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Outsmart Trenching

v1.0.0

Trade memecoins on Solana. Use when: user asks about memecoins, trenching, degen trading, ape, GMGN, Axiom, pump, 100x, alpha, CT, smart money, whale trackin...

by vincent so @outsmartchad
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill is a CLI-driven Solana trading assistant. Requesting an 'outsmart' binary, curl, a PRIVATE_KEY and MAINNET_ENDPOINT is consistent with performing on‑chain trades and RPC calls.
Instruction Scope
SKILL.md instructs the agent to run 'outsmart' commands (info, buy, sell, create-pool, add-liq) and a curl to Jupiter Shield—all within the trading domain. However, the runtime instructions perform live, state-changing actions (trades, pool creation) and do not include explicit user-confirmation safeguards. They therefore grant the agent the ability to sign and send transactions if provided the PRIVATE_KEY.
Install Mechanism
Install uses npm (package 'outsmart') which is a reasonable way to provide the 'outsmart' CLI, but installing third-party npm packages carries supply-chain risk. No direct downloads from arbitrary URLs are used, which reduces risk compared with untrusted archives.
Credentials
Only PRIVATE_KEY and MAINNET_ENDPOINT are required, which are proportionate to on‑chain trading. That said, PRIVATE_KEY is a high‑sensitivity secret that grants full control over the wallet—the skill will use it to sign transactions if supplied. The SKILL.md does not document any least-privilege mitigations (e.g., using a limited, funded burner wallet).
Persistence & Privilege
The skill does not request always:true, does not declare config paths, and is user-invocable only. It does not appear to request persistent system-wide privileges beyond running the CLI.
Assessment
This skill is coherent for trading on Solana, but it requires you to provide a PRIVATE_KEY environment variable and will run commands that can sign and broadcast transactions. Before installing:

  1) Verify the npm package (author, version, GitHub repo, recent commits) and prefer installing from the official repository;
  2) Do NOT supply your main wallet private key—use a funded burner wallet with limited funds;
  3) Prefer an RPC endpoint you control or trust for MAINNET_ENDPOINT;
  4) Review the 'outsmart' CLI source code (or run it in an isolated environment/container) to ensure it does not exfiltrate keys;
  5) Consider using a hardware wallet or a signing service that avoids exporting private keys to env vars;
  6) If you allow autonomous invocation, be aware the agent could execute trades without additional confirmations—disable autonomous invocation or require manual confirmations if you are risk-averse.
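
The scan notes that the skill's instructions run state-changing commands without user-confirmation safeguards. One way to add that gate, as an added example that is not part of the skill or the outsmart project: a shell wrapper that lets `info` through, refuses unknown subcommands, caps SOL amounts and requires a confirmation typed at the terminal. `MAX_SOL`, `OUTSMART_BIN`, the function names and the confirmation phrase are assumptions; the subcommand and flag names are the ones shown in the SKILL.md on this page.

```shell
# Added example, not the project's code. MAX_SOL, OUTSMART_BIN and the confirm phrase are assumptions.
MAX_SOL="${MAX_SOL:-0.1}"                 # hypothetical per-trade cap, in SOL
OUTSMART_BIN="${OUTSMART_BIN:-outsmart}"

# readonly = no signing; mutating = signs with PRIVATE_KEY (names from SKILL.md).
classify_subcommand() {
  case "$1" in
    info) echo readonly ;;
    buy|sell|create-pool|add-liq) echo mutating ;;
    *) echo unknown ;;
  esac
}
# Print the value that follows flag $1 in the remaining arguments, if present.
flag_value() {
  local flag="$1"; shift
  while [ "$#" -gt 1 ]; do
    [ "$1" = "$flag" ] && { printf '%s\n' "$2"; return 0; }
    shift
  done
}
# Succeed only for a plain decimal that does not exceed MAX_SOL.
within_cap() {
  printf '%s\n' "$1" | grep -Eq '^[0-9]+(\.[0-9]+)?$' || return 1
  awk -v a="$1" -v m="$MAX_SOL" 'BEGIN { exit !(a + 0 <= m + 0) }'
}
# $1 = text the human typed; rest = outsmart args. Prints allow or deny:<reason>.
decide() {
  local typed="$1" sub="$2" kind amt flag; shift
  kind="$(classify_subcommand "$sub")"
  [ "$kind" = readonly ] && { echo allow; return 0; }
  [ "$kind" = unknown ] && { echo deny:unknown-subcommand; return 0; }
  for flag in --amount --sol --quote-amount; do
    amt="$(flag_value "$flag" "$@")"
    # Malformed amounts fail within_cap too, so they are denied as over-cap.
    [ -n "$amt" ] && ! within_cap "$amt" && { echo deny:over-cap; return 0; }
  done
  # A piped "y" is not consent: the operator must retype the subcommand.
  [ "$typed" = "confirm $sub" ] && echo allow || echo deny:not-confirmed
}

# Wrapper to call instead of outsmart; the prompt is read from the terminal only.
guarded_outsmart() {
  local typed="" verdict
  if [ "$(classify_subcommand "$1")" = mutating ]; then
    printf 'Type "confirm %s" to run: outsmart %s\n' "$1" "$*" >&2
    read -r typed </dev/tty || typed=""
  fi
  verdict="$(decide "$typed" "$@")"
  [ "$verdict" = allow ] || { echo "blocked: $verdict" >&2; return 1; }
  "$OUTSMART_BIN" "$@"
}
```

Because the confirmation is read from `/dev/tty`, a process with no controlling terminal gets an empty answer and every mutating subcommand is blocked.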

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Bins: outsmart, curl
Env: PRIVATE_KEY, MAINNET_ENDPOINT

Install

Install outsmart CLI (npm)
Bins: outsmart
npm i -g outsmart
MIT-0

Trenching

You're trading attention. Memecoins have no fundamentals — just vibes, narratives, and social momentum. Most go to zero. Some go to $1B. Cap allocation at 10% of portfolio.

When to Use

  • "Find me a memecoin to buy"
  • "What's the current meta?"
  • "Check if this token is safe"
  • "Smart money is buying X"

When NOT to Use

  • Blue chip accumulation (SOL, JUP) — use DCA
  • LP farming — different skill
  • Prediction markets — different skill

Finding What's Hot

Twitter/X — ground zero. 5+ accounts posting about the same thing = meta forming.

Smart money — build a watchlist on GMGN or Cielo. When 3+ converge on same token, real signal.

On-chain — GMGN "Sniper New" feed, DexScreener trending.

Sizing Up a Token

# Quick check: price, volume, buyers, liquidity, age
outsmart info --token MINT_ADDRESS

| Metric | Good | Bad |
|---|---|---|
| Liquidity | > 50 SOL | < 10 SOL |
| Buyers (5m/1h) | Growing, diverse | Flat or declining |
| Volume vs buyers | Proportional | Huge volume, few buyers |
| Age | 10min - 6h | < 2min or > 24h with no momentum |
| Market cap | $50k - $5M | > $50M (you're late) |

Jupiter Shield (security check)

curl -s "https://api.jup.ag/ultra/v1/shield?mints=MINT_ADDRESS" | python3 -m json.tool

Flags freeze/mint authority, low organic activity.

Execution

# Buy
outsmart buy --dex jupiter-ultra --token MINT --amount 0.05

# Sell 25% at 2x
outsmart sell --dex jupiter-ultra --token MINT --pct 25

Sizing

| Conviction | Size |
|---|---|
| Strong thesis + clean security | 3-5% |
| Looks good, decent signals | 1-2% |
| Smart money buying, unverified | 0.5-1% |
| FOMO | 0% |

Taking Profits

| Hit | Action |
|---|---|
| 2x | Sell 25% |
| 3x | Sell another 25% — house money |
| 5x | Sell another 25% |
| 10x+ | Sell or ride with tight stop |

Never ride a memecoin back to zero.

Red Flags — Instant Skip

| Flag | How to Detect |
|---|---|
| Mint authority enabled | Jupiter Shield |
| Freeze authority | Jupiter Shield |
| Single wallet >30% supply | GMGN |
| LP not burned/locked | GMGN, RugCheck |
| Dev selling into buys | GMGN first 70 buyers |
| Snipers >5% from block 0 | GMGN |

After — The LP Play

If the token has legs:

# < 5 min: create DAMM v2 pool with 99% fee
outsmart create-pool --dex meteora-damm-v2 --token MINT --base-amount 1000000 --quote-amount 0.5 --max-fee 9900 --min-fee 200

# > 30 min: DLMM position
outsmart add-liq --dex meteora-dlmm --pool POOL --sol 0.5 --strategy spot --bins 50

External Tools

| Tool | Use |
|---|---|
| GMGN | Smart money, security, insider detection |
| Cielo | Wallet discovery, Mindshare, alerts |
| Axiom | Twitter monitor (auto-detects CAs) |
| DexScreener | Charts, token profiles, trending |
| RugCheck | Contract analysis, LP lock status |
