Official Verified developer tools Safety 4/5

onchain-contract-token-analysis

Analyze smart contracts, token mechanics, permissions, fee flows, upgradeability, market risks, and likely attack surfaces for onchain projects. Use when reviewing ERC-20s, launchpads, vaults, staking systems, LP fee routing, ownership controls, proxy setups, or suspicious token behavior.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/0xrowan/onchain-contract-token-a

Download Source Code (.zip)

What This Skill Does

The onchain-contract-token-analysis skill empowers OpenClaw to perform deep-dive security and architectural audits of smart contracts and token systems. Rather than relying on superficial block explorer summaries, this skill systematically parses contract logic to uncover how an onchain project actually operates under the hood. It maps out the architecture, identifies privileged administrative functions, traces fee routing, assesses upgradeability patterns, and proactively searches for common attack surfaces. Whether you are conducting due diligence on a new token launch, auditing a vault strategy, or investigating suspicious onchain behavior, this skill provides the technical clarity required to understand risks like hidden blacklists, centralized control, or potential rug-pull mechanisms.

Installation

To integrate this skill into your environment, run the following command in your terminal: clawhub install openclaw/skills/skills/0xrowan/onchain-contract-token-a

Use Cases

Token Due Diligence: Determine if an ERC-20 token contains hidden taxes, transfer restrictions, or ownership-based minting functions.
Protocol Security Review: Analyze vaults, staking contracts, or LP routers to verify that funds are locked securely and that admin roles are appropriately restricted.
Suspicious Activity Investigation: Deconstruct a contract experiencing anomalous behavior to identify if it is a result of a reentrancy exploit, signature replay, or a malicious admin action.
Governance Analysis: Identify who controls the protocol and what specific parameters (like fee percentages, whitelist addresses, or implementation targets) they can modify.

Example Prompts

"Analyze this token contract address 0x... and tell me if the owner can mint new tokens, update the tax rate, or blacklist my wallet addresses."
"Review this vault contract. How do fees get routed, and is the upgradeability logic handled by a multi-sig or a single EOA?"
"This protocol is experiencing high slippage and weird behavior. Check the router and underlying LP pool for any emergency switches or rounding errors that could be exploited."

Tips & Limitations

To get the best results, always provide the source code (if verified) or the ABI alongside the contract address. While the skill is highly capable, remember that onchain analysis is limited by the bytecode provided; complex obfuscation or multi-contract interaction chains may require iterative prompts to fully map. Always treat the output as a security analysis aid rather than a replacement for a formal, multi-party smart contract audit.

Read Full Documentation on GitHub

Metadata

Author@0xrowan

Stars4473

Updated2026-05-01

View Author Profile

AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-0xrowan-onchain-contract-token-a": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags(AI)

#web3#security#smart-contracts#defi#audit

Safety Score: 4/5

Flags: network-access, code-execution

Related Skills