Skills
skills/termix-official/cryptoclaw/security-check

security-check

SKILL.md

GoPlus Security API

Quick Access

The check_address_security tool provides instant address risk assessment. All transfers are also auto-checked before execution.

Assess token contracts, wallet addresses, and approvals for security risks using the free GoPlus API.

Base URL

https://api.gopluslabs.io/api/v1

No API key required. Free tier is sufficient for normal usage.

Security Checks

1. Token Security

GET /token_security/{chain_id}?contract_addresses={address}

Chain IDs: 1 (Ethereum), 56 (BSC), 137 (Polygon), 42161 (Arbitrum), 10 (Optimism), 8453 (Base)

Key response fields:

  • is_honeypot — token cannot be sold (CRITICAL)
  • buy_tax / sell_tax — percentage tax on trades (HIGH if > 10%)
  • is_mintable — owner can mint unlimited tokens
  • hidden_owner — ownership is concealed
  • can_take_back_ownership — owner can reclaim after renouncing
  • selfdestruct — contract can self-destruct
  • is_proxy — upgradeable proxy contract
  • is_open_source — source code is verified
  • holder_count — number of holders
  • lp_holder_count — number of LP holders
  • is_anti_whale — anti-whale mechanism present
  • owner_percent — percentage held by owner
  • creator_percent — percentage held by creator

2. Address Security

GET /address_security/{address}?chain_id={chain_id}

Checks if an address is associated with: phishing, stealing, malicious contracts, or blacklists.

3. Approval Security

GET /approval_security/{chain_id}?contract_addresses={address}

Checks token approval risks: whether the approved contract is malicious or has known exploits.

4. NFT Security

GET /nft_security/{chain_id}?contract_addresses={address}

Checks NFT contract for: privileged operations, restricted transfer, self-destruct, and trading risks.

5. Phishing Site Detection

GET /phishing_site?url={url}

Checks if a URL is a known phishing site. Use this before directing users to any DeFi frontend.

Risk Scoring Workflow

Evaluate the response fields and classify risk:

CRITICAL (do not proceed):

  • is_honeypot: 1
  • selfdestruct: 1
  • hidden_owner: 1 AND is_mintable: 1

HIGH (strong warning):

  • buy_tax > 10% or sell_tax > 10%
  • can_take_back_ownership: 1
  • is_open_source: 0 (unverified source)
  • owner_percent > 50%

MEDIUM (note to user):

  • is_proxy: 1 (upgradeable)
  • is_mintable: 1 (alone)
  • holder_count < 100

LOW (informational):

  • is_anti_whale: 1
  • Minor tax (< 5%)

Risk Report Template

🛡️ Security Report: {token_name} ({symbol})
Chain: {chain_name} | Contract: {address}

Risk Level: {CRITICAL|HIGH|MEDIUM|LOW}

✅ Passed:
- Open source: Yes
- Not a honeypot
- No self-destruct

⚠️ Warnings:
- Sell tax: 5%
- Mintable: Yes
- Holder count: 87

❌ Critical:
- (none)

Recommendation: {proceed with caution / avoid / safe to interact}

Cross-references

Other skills should invoke security checks:

  • token-swap: Check token before executing swaps
  • nft-manager: Check NFT contract before purchases
  • etherscan: Complement ABI analysis with security data

Example Interactions

User: "Is this token safe? 0x..." → Call /token_security/56?contract_addresses=0x..., generate risk report

User: "Check this address for me: 0x..." → Call /address_security/0x...?chain_id=56, report any flags

User: "Are my token approvals safe?" → Call /approval_security/56?contract_addresses=0x... for each approved contract

User: "Is this DeFi site legit? https://..." → Call /phishing_site?url=https://..., report result

Weekly Installs
6
Repository
termix-official…yptoclaw
GitHub Stars
291
First Seen
Feb 28, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykWarn
Installed on
gemini-cli6
opencode6
github-copilot6
codex6
kimi-cli6
claude-code6