← 返回 Skills 市场
deanpeng-dotcom

Anti Rug

作者 deanpeng-dotcom · GitHub ↗ · v3.1.0 · MIT-0
cross-platform ✓ 安全检测通过
102
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install anti-rug
功能描述
Web3 token security scanner with expert cross-validation engine. Detects honeypots, rug pulls, and contract risks across Ethereum, BSC, Polygon, and other EV...
使用说明 (SKILL.md)

Web3 Token Security Scanner (Anti-Rug)

Maintainer: Antalpha AI Team

A professional-grade token contract security analyzer featuring scenario-based classification and cross-validation engine.

Overview

This tool performs comprehensive security analysis of token contracts with:

  • Scenario Classification: Automatically categorizes tokens (A: Pegged Assets, B: Eco Tokens, C: Meme Coins)
  • Cross-Validation Engine: Analyzes relationships between indicators (neutralized/amplified/contextual)
  • Dynamic Risk Scoring: Weighted scoring system adapted to token type
  • Fatal Finding Detection: One-strike rules for critical vulnerabilities

Supported Chains

  • Ethereum (chain_id: 1)
  • BNB Smart Chain (chain_id: 56)
  • Polygon (chain_id: 137)
  • Arbitrum One (chain_id: 42161)
  • Base (chain_id: 8453)
  • Optimism (chain_id: 10)
  • Avalanche C-Chain (chain_id: 43114)
  • Solana (chain_id: solana)

Installation

git clone https://github.com/ZorroShao/anti-rug.git
cd anti-rug
pip install -r requirements.txt

Usage

python scripts/check_token.py --chain_id 56 --contract_address 0x...

Scenario Classification

Scenario A: Pegged/Stable Assets

Examples: USDT, USDC, WETH, WBNB

  • Mintable: ✅ Expected for peg maintenance
  • Owner: ✅ Institution custody is normal
  • Blacklist: ✅ Compliance requirement

Scenario B: Ecosystem Tokens

Examples: UNI, AAVE, established DeFi

  • Proxy: ✅ Acceptable for upgradeability
  • Treasury: ✅ Protocol-owned liquidity expected

Scenario C: Meme/Unknown Tokens

  • All permissions: ⚠️ Treated as potential rug tools
  • Strictest evaluation applied

Risk Severity Levels

Score Level Action
0-24 Low ✅ Base security passed
25-49 Low-Medium 🟡 Minor concerns
50-74 Medium 🟡 Caution required
75-100 High 🔴 Dangerous
Fatal Critical 🛑 Do not buy

Architecture

config.py           # Centralized configuration
exceptions.py       # Custom exception classes
validators/         # Cross-validation rules (modular)
  cv_mint_ownership.py
  cv_concentration.py
  cv_proxy.py
  cv_tax_scenario.py
tests/              # Unit tests
scripts/
  check_token.py    # Main entry point

License

MIT License - See LICENSE file

安全使用建议
This package appears to do what it says: it queries a token‑security API (api.gopluslabs.io) for indicators, runs local validators, and reports risks. Before installing or running it: 1) be aware that contract addresses you check are sent to the external API (and to any custom --api_gateway you provide); do not point --api_gateway at untrusted services. 2) There is a minor inconsistency between repo URLs in SKILL.md vs README (ZorroShao vs AntalphaAI) — consider verifying the upstream source/maintainer on GitHub. 3) The config stores runtime lambda check functions (FATAL_RULES) — these are executable Python objects (normal here but harder to audit if persisted/serialized). 4) If you want to be extra cautious, run the tool in an isolated environment, review the GoPlus endpoint privacy/terms, and run the included tests (pytest) locally. Overall the skill is internally coherent with no disproportionate credential or install demands.
功能分析
Type: OpenClaw Skill Name: anti-rug Version: 3.1.0 The Anti-Rug skill bundle is a well-structured Web3 security tool designed to analyze token contracts for risks like honeypots and rug pulls. It uses the legitimate GoPlus API (api.gopluslabs.io) to fetch contract data and implements a modular cross-validation engine to calculate risk scores. No evidence of data exfiltration, malicious execution, or prompt injection was found; the code logic is consistent with its stated purpose.
能力标签
crypto
能力评估
Purpose & Capability
Name/description align with the included Python code and validators. The repo contains a CLI script that fetches token data, runs validators, and computes scores — all appropriate for a token security scanner. No unrelated credentials, binaries, or system‑level access are requested.
Instruction Scope
Runtime instructions and the code perform outbound HTTP requests to third‑party endpoints (api.gopluslabs.io) carrying the chain_id and contract_address — this is expected to fetch token indicators, but it does transmit the contract addresses to an external service. The CLI also accepts a --api_gateway argument allowing use of a custom proxy; that is useful but means a malicious gateway could receive query data if supplied.
Install Mechanism
No registry install spec was provided, but SKILL.md documents a normal git + pip workflow and requirements.txt only lists 'requests' (and typing-extensions for older Python). There are no downloads from personal servers, IP addresses, or archive extraction steps in the package metadata.
Credentials
The skill does not declare or require any environment variables, credentials, or config paths. It operates with provided CLI args and uses public API endpoints — no secret access is requested or implied.
Persistence & Privilege
always is false and the skill does not modify other skills or system settings. It does allow autonomous invocation (disable-model-invocation=false) which is the platform default; this is not a red flag on its own and is not combined with broad privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install anti-rug
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /anti-rug 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.1.0
- Added support for Solana chain alongside EVM chains (Ethereum, BSC, Polygon, etc.). - Introduced a scenario-based classification system for tokens (Pegged Assets, Ecosystem Tokens, Meme/Unknown Tokens). - Implemented a cross-validation engine analyzing the relationship between risk indicators. - Updated risk scoring and severity levels, including fatal finding detection for critical vulnerabilities. - Expanded and clarified documentation, installation, and usage instructions.
元数据
Slug anti-rug
版本 3.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Anti Rug 是什么?

Web3 token security scanner with expert cross-validation engine. Detects honeypots, rug pulls, and contract risks across Ethereum, BSC, Polygon, and other EV... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 102 次。

如何安装 Anti Rug?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install anti-rug」即可一键安装,无需额外配置。

Anti Rug 是免费的吗?

是的,Anti Rug 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Anti Rug 支持哪些平台?

Anti Rug 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Anti Rug?

由 deanpeng-dotcom(@deanpeng-dotcom)开发并维护,当前版本 v3.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论