← Back to Skills Marketplace
SUPAH Token Guardian
by
supah-based
· GitHub ↗
· v1.3.0
· MIT-0
161
Downloads
0
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install supah-token-guardian
Description
Pre-trade token safety scanner for 21+ EVM chains. 6-layer deep scan: contract safety, liquidity health, deployer profiling, holder distribution, trading pat...
Usage Guidance
This skill appears to do what it says: it calls api.supah.ai to run a token safety scan and prints a report. Before installing, consider: (1) x402 micropayments — each scan costs $0.08 USDC on Base and the skill assumes your agent/wallet will pay automatically; ensure you understand and trust that automatic payment flow and that your agent wallet is not inadvertently funded. (2) Privacy — token addresses and chain info are sent to a remote service (api.supah.ai); if you care about revealing trading intent, review the provider. (3) Local file writes — results are saved to /tmp/guardian-result.json which could be readable by other local users on multi-user hosts. (4) Minor metadata mismatch — SUPAH_API_BASE is marked required in registry metadata but described as optional in SKILL.md; you can ignore unless you need to override the default endpoint. If you decide to proceed, review the included scripts (scripts/guardian-scan.sh) and confirm the api.supah.ai host and the payTo address are acceptable, and test with a single known token to verify behavior and charges.
Capability Assessment
Purpose & Capability
Name, description, required binaries (curl, node) and outbound host (api.supah.ai) match the declared purpose of calling a remote token-scanning API and formatting results locally. One minor inconsistency: the registry metadata lists SUPAH_API_BASE as a required env var, while SKILL.md describes it as optional (an override of the default API endpoint).
Instruction Scope
Runtime instructions and the included script only call the stated api.supah.ai endpoint, parse results, and output a report; they do not request other system credentials or read unrelated files. Two items to note: (1) the skill assumes an 'x402-compatible' agent that will automatically perform an on-chain USDC payment — this may result in unexpected charges if you enable the skill on an agent with a funded wallet; (2) the script writes the API JSON to /tmp/guardian-result.json (local persistence), which could be visible to other local users on multi-user systems and thus leak scan results or inferred trading intent.
Install Mechanism
No install spec (instruction-only) and a single small shell + Node parsing script are included. Nothing is downloaded or extracted at install time by the skill itself, which is lower risk.
Credentials
The skill requests only SUPAH_API_BASE (used to override the API base URL). It does not request API keys or wallet/private-key credentials. However, functional usage requires that the agent has a funded wallet with USDC on Base to satisfy x402 micropayments; that financial requirement is external to the skill but relevant to privacy/expense risk. The SUPAH payTo address is declared in metadata (visible), so verify you trust the recipient before enabling automatic payments.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global agent configuration. It does write output to /tmp but otherwise requires no special system privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install supah-token-guardian - After installation, invoke the skill by name or use
/supah-token-guardian - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
Removed subscription comparison pricing. x402 clean.
v1.2.0
Security: declared required bins (curl, node), env vars (SUPAH_API_BASE), outbound network (api.supah.ai), x402 payment details in metadata. Fixes ClawHub security scan.
v1.1.0
x402 only: removed API key references, added Moralis attribution
v1.0.0
Initial release: 6-layer token safety scanner with Guardian Score (0-100). Contract verification, honeypot detection, liquidity analysis, deployer profiling, holder distribution, trading pattern analysis. x402 micropayments.
Metadata
Frequently Asked Questions
What is SUPAH Token Guardian?
Pre-trade token safety scanner for 21+ EVM chains. 6-layer deep scan: contract safety, liquidity health, deployer profiling, holder distribution, trading pat... It is an AI Agent Skill for Claude Code / OpenClaw, with 161 downloads so far.
How do I install SUPAH Token Guardian?
Run "/install supah-token-guardian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SUPAH Token Guardian free?
Yes, SUPAH Token Guardian is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SUPAH Token Guardian support?
SUPAH Token Guardian is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SUPAH Token Guardian?
It is built and maintained by supah-based (@supah-based); the current version is v1.3.0.
More Skills