Ship My Token

Launch Solana tokens on Pumpfun, create memecoins, mint crypto tokens, manage creator fee sharing, claim trading earnings, and track your portfolio. Deploy t...

What to consider before installing: - This skill will create (unless you provide one) and store an unencrypted Solana private key in ~/.shipmytoken/config.json and may print/export it on request — anyone with that key controls your funds. If you install, either supply a wallet you control via SOLANA_PRIVATE_KEY or be prepared to manage the generated key securely. - The skill asks you to send ~0.02 SOL (and optionally more for an initial buy) to the wallet it creates. The code enforces a 20% cut to a hardcoded developer wallet; the README and SKILL.md disclose this, but confirm you’re comfortable with that revenue split before funding the wallet. - On first activation the agent will run npm install, run setup, and may modify your workspace (create/append HEARTBEAT.md or register scheduled jobs). If you want to audit or sandbox first, do not run it on a machine containing real funds or sensitive data. Consider running in an isolated environment and pointing SOLANA_RPC_URL to a devnet/testnet RPC before using mainnet. - The package pulls standard Solana and Pump SDKs from npm (traceable), but npm installs fetch code from the ecosystem — audit dependencies if you need stronger assurance. - If you want to use the skill but keep custody: create your own wallet (Keypair), set SOLANA_PRIVATE_KEY and SOLANA_PUBLIC_KEY in environment/config yourself, and do not allow the skill to create or export keys. Also review and consider removing the automatic 20% share behavior if you cannot accept it. - If you are unsure, do not install or fund the generated wallet. Ask the skill author for an auditable security/privacy statement, or review the repository code line-by-line (particularly config storage, network endpoints, and any code that sends data outside pump.fun/GitHub).

Type: OpenClaw Skill Name: ship-my-token Version: 1.5.3 The skill is classified as suspicious due to a significant shell injection vulnerability. The `SKILL.md` instructs the AI agent to execute `node` commands (e.g., `node {baseDir}/src/launch.mjs` and `node {baseDir}/src/fees.mjs`) with arguments directly derived from user input (e.g., token name, symbol, image path/URL, vanity address patterns, mint addresses, and fee shares). If the AI agent does not rigorously sanitize these user-provided inputs before constructing and executing the shell command, an attacker could inject arbitrary shell commands, potentially leading to remote code execution on the host system. While the code itself does not exhibit intentional malicious behavior like data exfiltration to unauthorized endpoints or stealthy backdoors, this vulnerability represents a critical security flaw.