solana-token-distribution
Suspicious. Audited by ClawScan on May 10, 2026.
Overview
This skill matches its Solana airdrop purpose, but it can guide an agent to sign and submit large mainnet token transactions with a wallet private key and reduced transaction checks.
Use this only with a dedicated distribution wallet and after a devnet test. Confirm the recipient list, total token amount, mint, network, fees, and every batch before signing. Do not paste seed phrases or valuable private keys into the agent; prefer a local or hardware signer and pinned dependencies.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bad recipient list, amount, mint, or payer choice could be submitted on-chain at scale and may not be reversible.
The large-batch airdrop path signs and submits transactions while explicitly skipping preflight checks. This is purpose-aligned for fast Solana distribution, but it reduces validation before irreversible on-chain actions.
const confirmedSig = await sendAndConfirmTx(connection, tx, {
  skipPreflight: true,
  commitment: "confirmed",
});

Require an explicit final user approval before signing, test on devnet, validate recipient and amount totals, and default to preflight/simulation unless the user knowingly opts out.
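As an added example (not code from the audited skill or from ClawScan), the pre-signing checks the recommendation above calls for, in plain JavaScript with no Solana dependency: each recipient address must base58-decode to exactly 32 bytes, amounts must be positive with the batch total under a cap and no duplicate recipients, and skipPreflight cannot be turned on without an explicit approval flag. The names validateBatch, sendOptions, maxTotal, expectedCount and userApproved are assumptions, not part of the skill.

```javascript
// Added example, not code from the audited skill. Pure-JS pre-signing checks
// for an airdrop batch: address format, positive amounts, duplicates, totals,
// and a send-options builder that keeps preflight on unless explicitly waived.
const BASE58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";

// Decoded byte length of a base58 string (-1 if malformed).
// A Solana public key must decode to exactly 32 bytes.
function base58ByteLength(s) {
  if (typeof s !== "string" || s.length === 0) return -1;
  let n = 0n, leadingOnes = 0;
  for (const ch of s) {
    const v = BASE58.indexOf(ch);
    if (v < 0) return -1;
    if (n === 0n && ch === "1") leadingOnes++; // each leading '1' is one zero byte
    n = n * 58n + BigInt(v);
  }
  let bytes = 0;
  for (let m = n; m > 0n; m >>= 8n) bytes++;
  return bytes + leadingOnes;
}

// Validate a whole batch before anything is signed (amounts are BigInt base units).
// maxTotal and expectedCount are hypothetical caps the operator supplies up front.
function validateBatch(recipients, { maxTotal, expectedCount }) {
  const errors = [];
  const seen = new Set();
  let total = 0n;
  recipients.forEach((r, i) => {
    if (base58ByteLength(r.address) !== 32) errors.push(`row ${i}: bad address`);
    if (typeof r.amount !== "bigint" || r.amount <= 0n) errors.push(`row ${i}: bad amount`);
    else total += r.amount;
    if (seen.has(r.address)) errors.push(`row ${i}: duplicate address`);
    seen.add(r.address);
  });
  if (expectedCount !== undefined && recipients.length !== expectedCount) {
    errors.push(`expected ${expectedCount} rows, got ${recipients.length}`);
  }
  if (total > maxTotal) errors.push(`total ${total} exceeds cap ${maxTotal}`);
  return { ok: errors.length === 0, total, errors };
}

// Options for sendAndConfirmTx: preflight stays on unless the user knowingly opted out.
function sendOptions({ skipPreflight = false, userApproved = false } = {}) {
  if (skipPreflight && !userApproved) throw new Error("skipPreflight requires explicit user approval");
  return { skipPreflight, commitment: "confirmed" };
}
```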
Using a main wallet or pasting a private key into an agent workflow could authorize unintended financial actions or expose funds if mishandled.
The workflow requires a Solana private key capable of signing minting and distribution transactions. This is expected for the task, but it is high-impact signing authority, and the registry declares only HELIUS_API_KEY; the signing key itself is not declared as a credential.
const PAYER = Keypair.fromSecretKey(/* your key */);
Use a dedicated low-balance distribution wallet, avoid pasting private keys into chat or generated files, prefer a local/hardware signer, and confirm every transaction batch before signing.
If mis-scoped, extra agents or MCP tools could read more local context than intended.
The skill permits subagents and MCP access, which can move context across tools. It is scoped to read-only documentation and requires asking when stuck, so this is a notice rather than a concern.
ask to spawn a read-only subagent with `Read`, `Glob`, `Grep`, and DeepWiki MCP access, loading `skills/ask-mcp`. Scope reads to skill references, example repos, and docs.
Keep subagent access read-only and limited to documentation/example repositories; do not include wallet keys, seed phrases, or private recipient datasets unless explicitly needed and approved.
Installing unpinned dependencies in a new project can expose the user to supply-chain changes or version drift.
The examples depend on external npm packages, but the skill is instruction-only and provides no pinned package versions or lockfile. This is normal for reference guidance, but dependency provenance remains the user's responsibility.
import { CompressedTokenProgram } from "@lightprotocol/compressed-token";
...
import { ComputeBudgetProgram, Keypair, PublicKey } from "@solana/web3.js";

Install packages from official sources, pin versions, use a lockfile, and review dependency updates before running wallet-signing scripts.
