token-scam-analysis
Conducts in-depth on-chain analysis to identify scams and rug pulls in EVM tokens, providing risk assessments based on on-chain data.
Install this skill
or
94/100
Security score
The token-scam-analysis skill was audited on May 25, 2026 and we found 6 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
low line 68
Access to .env file
SourceSKILL.md
| 68 | const rpcUrl = process.env.BASE_RPC_URL; // may be undefined |
low line 32
External URL reference
SourceSKILL.md
| 32 | - https://clanker.gitbook.io/clanker-documentation/general/token-deployments — overview: 100B ERC-20, extensions up to 90% of supply. |
low line 33
External URL reference
SourceSKILL.md
| 33 | - https://clanker.gitbook.io/clanker-documentation/authenticated/deploy-token-v4.0.0 — full deploy payload (vault, airdrop, fees, up to 7 reward recipients, pool config). |
low line 34
External URL reference
SourceSKILL.md
| 34 | - https://clanker.gitbook.io/clanker-documentation/references/core-contracts/v4 — ClankerVault / Airdrop extension internals. |
low line 91
External URL reference
SourceSKILL.md
| 91 | 10. **`browse_url`** on basescan/etherscan/polygonscan (`https://basescan.org/address/{addr}`) only as fallback when `get_contract_abi` fails or to confirm an address is a DEX/pool/infra contract. Man |
low line 106
External URL reference
SourceSKILL.md
| 106 | 3. **`browse_url`** on the project's official X/Twitter account if known (format: `https://x.com/<handle>`) — look for self-warnings from the project itself. A team publicly "warning" its own communit |
Scanned on May 25, 2026
View Security Dashboard