← Back to Skills Marketplace
0xartex

Token Research

by 0xArtex · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
329
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install token-research
Description
Comprehensive token research for EVM chains (Base, ETH, Arbitrum) and Solana. Use this skill when you want to research crypto tokens, deep-dive projects or m...
Usage Guidance
What to check before installing: - Ask the publisher to declare required environment variables (at minimum: TWITTERAPI_KEY and any block-explorer API keys) in the skill metadata. Right now the skill references $TWITTERAPI_KEY but requires.env is empty. - Inspect the '~/workspace/scripts/ape-call.sh' referenced by the skill (or any 'call owner' mechanism). That script will be executed (or the skill will attempt to call it). Verify it does not exfiltrate research data or contact unknown endpoints. - Confirm how 'call owner' and 'send DM' steps are implemented and whether messaging credentials (Telegram/Discord/WhatsApp tokens) are needed — these are not declared. Do not grant messaging credentials until you verify the owner endpoint and message contents. - The skill instructs spawning parallel sub-agents and auto-deep-diving top picks. If you want to avoid autonomous multi-agent or background activity, restrict the skill's autonomous invocation or disable batch auto-deep-dive behavior. - The skill writes reports and appends watchlists under reports/ and watchlists/. Ensure you run it in an isolated workspace or that you trust these files will be appended only as described (the skill mandates 'APPEND only — never overwrite'). - Because the script makes many outbound network calls, review rate-limit and API-key usage (Etherscan/GoPlus) to avoid unexpected failures or leaking keys in logs. - If you are unsure about the owner or scripts, run the included fetch_token_data.sh in a sandboxed environment first and/or request the author to remove mandatory 'call owner' commands or to make owner notification optional. Bottom line: functionality is plausible for token research, but missing environment/credential declarations and mandatory 'call owner' outbound actions are red flags you should resolve before installing or enabling autonomous use.
Capability Analysis
Type: OpenClaw Skill Name: token-research Version: 1.0.0 The skill bundle contains instructions in SKILL.md that create a shell injection vulnerability by directing the AI agent to execute a local script (~/workspace/scripts/ape-call.sh) using unsanitized data (ticker symbols and narratives) fetched from external APIs like DexScreener and Twitter. Furthermore, the instructions mandate autonomous 'deep dives' and notifications without user confirmation, which increases the risk of the agent being manipulated by malicious content found in external token metadata or social media posts (prompt injection). The reliance on an external, non-bundled script for 'MANDATORY' alerts is also a significant security and functional dependency.
Capability Assessment
Purpose & Capability
The declared purpose (token research for EVM chains + Solana) aligns with the code and instructions: dexscreener, GoPlus, Etherscan/Basescan calls and web searches. However, the skill also mandates contacting an 'owner' (via a local script and messaging) and auto-appending watchlists/reports in the workspace — behaviors that go beyond pure read-only research and require filesystem and external messaging capabilities that are not declared.
Instruction Scope
SKILL.md instructs the agent to call external APIs (DexScreener, GoPlus, Twitter API endpoint), to run a local script at ~/workspace/scripts/ape-call.sh, to send Telegram/Discord/WhatsApp DMs and to spawn parallel sub-agents and auto-deep-dive top picks without user confirmation. It also requires appending watchlist and report files. These instructions direct network calls and writes and compel outbound communication (owner calls/DMs) that are not limited or qualified in the metadata.
Install Mechanism
No install spec; an instruction-only skill plus a single included shell script (fetch_token_data.sh). No arbitrary downloads or extract operations. The presence of a helper script is expected for this purpose.
Credentials
The SKILL.md and examples require/use environment variables (e.g., $TWITTERAPI_KEY) and imply use of API keys (Etherscan, possibly GoPlus) but the registry metadata lists no required env vars or primary credential. The skill also expects access to ~/workspace scripts and to be able to send messages to the 'owner' — credentials or tokens for messaging platforms are neither declared nor justified in the manifest.
Persistence & Privilege
always:false (good). But the instructions require appending files under reports/ and watchlists/ and mandate calling an owner and spawning sub-agents in batch mode. Those are persistent side-effects (file writes and potentially long-running monitoring) and autonomous actions that should be explicitly declared and consented to; currently they are embedded only in SKILL.md.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install token-research
  3. After installation, invoke the skill by name or use /token-research
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — introduces structured workflow for comprehensive token research across EVM and Solana. - Mandatory call-and-message protocol for high-potential tokens (WATCH/APE), with strict volume-driven triggers. - Enforces social research on X/Twitter for every token; mandates skipping pure memes except in specific high-volume cases. - Outlines deep and shallow research procedures, including use of APIs (DexScreener, GoPlus, Etherscan/Basescan, Twitter). - Implements systematic directory structure for research reports and monthly tiered watchlists with clear update rules. - Provides detailed, step-by-step research process template for fundamentals and Twitter-based due diligence.
Metadata
Slug token-research
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Token Research?

Comprehensive token research for EVM chains (Base, ETH, Arbitrum) and Solana. Use this skill when you want to research crypto tokens, deep-dive projects or m... It is an AI Agent Skill for Claude Code / OpenClaw, with 329 downloads so far.

How do I install Token Research?

Run "/install token-research" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Token Research free?

Yes, Token Research is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Token Research support?

Token Research is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Token Research?

It is built and maintained by 0xArtex (@0xartex); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments