Safety Report

RugCheck

Name: RugCheck
Author: PsychoTechV4

Analyze Solana tokens for rug pull risks using the RugCheck API (rugcheck.xyz). Use when asked to check a Solana token safety, risk score, liquidity, holder distribution, metadata mutability, or insider trading patterns. Also use for discovering trending, new, or recently verified Solana tokens. Triggers on token check, rug check, token safety, Solana token analysis, is this token safe, token risk score, LP locked, holder concentration.

899Downloads

2Installs

0Stars

1Versions

API Integration4,971 Workflow Automation3,323 Design & Prototyping842

Security Analysis

high confidence

Clean

The skill is internally consistent: its name/description match the included shell script and SKILL.md, it only queries the public RugCheck API and requests no credentials or installs, and there are no anomalous file reads or hidden endpoints.

Feb 11, 20262 files

Purpose & Capabilityok

Name/description promise Solana token risk checks via RugCheck and the included script plus SKILL.md implement exactly that (calls to https://api.rugcheck.xyz endpoints). No extraneous credentials, binaries, or unrelated capabilities are requested.

Instruction Scopeok

Runtime instructions and the script only call RugCheck read endpoints, validate mint addresses locally, and pretty-print JSON. They do not read arbitrary files, environment variables, or send data to any endpoints other than api.rugcheck.xyz. Bulk endpoints are documented as requiring JWTs but the skill does not attempt to perform auth automatically.

Install Mechanismok

No install spec; this is instruction-only with a small bundled shell script. There are no downloads, extracted archives, or third-party package installs.

Credentialsok

No environment variables, credentials, or config paths are required. The SKILL.md mentions that some bulk endpoints require a wallet JWT (correctly labeled) but the skill does not request or embed any secret.

Persistence & Privilegeok

always is false and the skill does not modify system or other skills' config. It has no persistent install steps or privileges beyond running a local script that issues HTTP requests.

Guidance

This skill appears to do what it says: it sends token mint addresses to rugcheck.xyz and returns public risk reports. Before installing, consider: (1) Queries will reveal which token mint addresses you ask about to a third party (rugcheck.xyz) — avoid sending any sensitive/private data. (2) The SKILL.md mentions bulk endpoints that require a wallet JWT; the skill does not attempt to obtain any JWTs automatically, but you should not provide private keys or wallet secrets. (3) Rate limits may apply; the script respects basic error handling but you may want to throttle repeated queries. If you need full privacy or offline analysis, use your own tooling or self-hosted analyzers instead.

Latest Release

v1.0.0

Initial release

More by @PsychoTechV4

Agent Memory Architecture

6 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Find Skills

@JimLiuxinghai · 529 stars

Proactive Agent

@halthelobster · 426 stars

Published by @PsychoTechV4 on ClawHub