A community-driven registry for the Claude Code ecosystem. Not affiliated with Anthropic.
Are you the author? Sign in to claim
Solana Token Safety Oracle for AI Agents & Trading Bots — byte-level SPL analysis, honeypot detection, Birdeye enrichmen
Solana Token & NFT Safety Oracle for AI Agents & Trading Bots
Real-time token and NFT safety analysis combining byte-level on-chain inspection, LP lock verification, deployer reputation scoring, market intelligence, and NFT fraud detection. Built for autonomous AI agents, MCP-enabled LLMs, and trading infrastructure.
"Don't trade blind. Query SicariusGuard before every swap."
https://sicarius-guard-640545264957.us-east4.run.app# Try it now — no auth required (100 free calls/day)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/scan/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
SicariusGuard performs 12 layers of safety analysis on any Solana SPL token or NFT:
| Layer | Source | Detection |
|---|---|---|
| 🔓 Mint Authority | Raw SPL mint bytes | Can deployer print infinite tokens? |
| 🧊 Freeze Authority | SPL layout offset 46 | Can deployer freeze any wallet? |
| ⚠️ Token-2022 Extensions | Extension type scan | PermanentDelegate, TransferHook, ConfidentialTransfers |
| 🍯 Honeypot Detection | Jupiter sell simulation | Can you actually sell this token? |
| 📊 Holder Concentration | getTokenLargestAccounts | Top 5 wallets controlling >50% supply? |
| Layer | Source | Detection |
|---|---|---|
| 🔒 LP Lock/Burn | Raydium V4 byte decode + GeckoTerminal | Is liquidity locked, burned, or unlocked? |
| ⏰ Token Age | Helius enhanced RPC | Newborn (<24h)? Young (<7d)? Mature? |
| ⚖️ Unified Scoring | 5-axis weighted engine | Combined risk across all layers |
| Layer | Source | Detection |
|---|---|---|
| 📈 Market Intel | Birdeye API | Liquidity, volume, wash trading, manipulation |
| 🔎 Wallet Reputation | Helius Identity + Funded-By | Is the deployer a known scammer? |
| 🕵️ Deployer Recon | DAS + Enhanced TX | Serial rugger? Burner wallet? Dead token history? |
| 🖼️ NFT Intelligence | Helius DAS + Magic Eden | Counterfeit collection? Unverified creators? Pricing anomaly? |
finalScore = (onChain × 0.45) + (lpLock × 0.15) + (age × 0.05) + (market × 0.22) + (reputation × 0.13)
0 → SAFE
1-15 → CAUTION
16-50 → HIGH_RISK
51-100 → CRITICAL
| Weight | Source | What It Catches |
|---|---|---|
| 45% | On-chain safety | Mint/freeze authority, honeypots, extensions, supply |
| 15% | LP lock analysis | Unlocked liquidity, unburned LP tokens, lock duration |
| 5% | Token age | Newborn tokens (<24h), recently deployed |
| 22% | Birdeye market data | Low liquidity, wash trading, price manipulation |
| 13% | Helius wallet intel | Scammer wallets, suspicious funding chains, burner deployers |
# Clone
git clone https://github.com/Chronolapse411/sicarius-guard.git
cd sicarius-guard
# Install
npm install
# Configure
cp .env.example .env
# Add your HELIUS_RPC_URL and optionally BIRDEYE_API_KEY
# Build & Run
npm run build
npm start
| Method | Endpoint | Description |
|---|---|---|
POST | /v1/check | Full on-chain safety analysis |
GET | /v1/check/:mint | Convenience GET for safety check |
POST | /v1/scan | Full 12-layer analysis + Birdeye + Helius + deployer recon |
GET | /v1/scan/:mint | Convenience GET for enriched scan |
POST | /v1/honeypot | Honeypot-only check (Jupiter sell sim) |
POST | /v1/holders | Holder concentration analysis |
GET | /v1/lp-lock/:mint | LP lock/burn status for a token |
GET | /v1/token-age/:mint | Token creation date and age category |
GET | /v1/deployer/:address | Deployer reconnaissance dossier |
GET | /v1/nft-check/:mint | NFT safety analysis (Magic Eden + Helius DAS) |
GET | /v1/pricing | x402 payment pricing table |
GET | /health | Service health check with cache stats |
# Basic safety check (BONK)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/check/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
# Full 12-layer scan
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/scan/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
# LP lock check (POPCAT — 99.2% burned, 20,865 SOL liquidity)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/lp-lock/7GCihgDB8fe6LNjn2MYtkzZcRjQy3t9GHdC8uHYmW2hr
# NFT safety check (Mad Lads #7541)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/nft-check/7zuR45WCsAsWsrqvYPyvLXFiCRKuvjh7HrMcNJ6F36Kd
# Deployer recon (checks if a wallet is a serial scammer)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/deployer/BGkkEeg4Gj8VcoerFb2RephZNkTEfHmzJBZMv4S7qVTQ
/v1/scan){
"safety": {
"safe": true,
"riskScore": 0,
"verdict": "SAFE",
"checks": {
"mintAuthority": { "status": "REVOKED", "safe": true },
"freezeAuthority": { "status": "REVOKED", "safe": true },
"token2022Extensions": { "status": "CLEAN", "safe": true },
"supplyConcentration": { "status": "OK", "safe": true }
}
},
"honeypot": { "isHoneypot": false, "sellable": true },
"holders": { "concentrated": false, "stats": { "top10Pct": 8.2 } },
"lpLock": {
"status": "burned",
"burnPct": 99.2,
"liquiditySOL": 20865,
"poolCreatedAt": "2023-12-12T..."
},
"tokenAge": {
"ageCategory": "mature",
"createdAt": "2022-12-08T...",
"ageDays": 1259
},
"deployerRecon": {
"verdict": "CLEAN",
"recidivismScore": 0,
"portfolioSize": 1
},
"combined": {
"safe": true,
"finalScore": 0,
"verdict": "SAFE",
"summary": "All checks passed — token appears safe"
}
}
SicariusGuard exposes tools via the Model Context Protocol (MCP), enabling LLMs and agent frameworks to call safety checks natively.
| Tool | Description | Read-Only |
|---|---|---|
check_token_safety | 5-layer on-chain rug pull, honeypot, and holder analysis | ✅ |
check_honeypot | Jupiter DEX sell simulation — zero cost, quote-only | ✅ |
check_holder_concentration | Top holder distribution analysis with concentration flags | ✅ |
check_lp_lock | LP lock/burn status — Raydium V4 byte decode + burn detection | ✅ |
check_token_age | Token creation date and age category via Helius RPC | ✅ |
full_token_scan | 12-layer scan: on-chain + LP + age + market + reputation + deployer | ✅ |
get_wallet_reputation | Helius DAS identity, funding chain, deployer age analysis | ✅ |
get_market_intel | Birdeye market data: price, volume, liquidity, risk flags | ✅ |
recon_deployer | Deployer reconnaissance — portfolio health, serial scammer detection | ✅ |
check_nft | NFT safety analysis — collection verification, floor price, risk scoring | ✅ |
batch_scan | Parallel 12-layer scan of up to 10 tokens per call | ✅ |
# Run directly — no cloning required
npx sicarius-guard
claude mcp add sicarius-guard -- npx -y sicarius-guard
Or manually add to your Cursor MCP config:
{
"mcpServers": {
"sicarius-guard": {
"command": "npx",
"args": ["-y", "sicarius-guard"],
"env": {
"HELIUS_RPC_URL": "https://mainnet.helius-rpc.com/?api-key=YOUR_KEY",
"BIRDEYE_API_KEY": "your-birdeye-key"
}
}
}
}
Or via CLI:
code --add-mcp '{"name":"sicarius-guard","command":"npx","args":["-y","sicarius-guard"]}'
{
"mcpServers": {
"sicarius-guard": {
"command": "node",
"args": ["dist/mcp-server.js"],
"cwd": "/path/to/sicarius-guard",
"env": {
"HELIUS_RPC_URL": "https://mainnet.helius-rpc.com/?api-key=YOUR_KEY",
"BIRDEYE_API_KEY": "your-birdeye-key"
}
}
}
}
┌──────────────────────────────────────────────────────────────┐
│ SicariusGuard v1.1 │
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌──────────────────────┐ │
│ │ REST API │ │ MCP Server │ │ x402 Payment Gate │ │
│ │ Express 5 │ │ 11 tools │ │ SOL Micropayments │ │
│ │ 12 endpts │ │ stdio │ │ │ │
│ └──────┬──────┘ └──────┬──────┘ └──────────┬───────────┘ │
│ │ │ │ │
│ ┌──────▼────────────────▼─────────────────────▼───────────┐ │
│ │ 12-Layer Analysis Engine │ │
│ │ │ │
│ │ token_safety.ts ┐ │ │
│ │ honeypot_sim.ts ├─ On-Chain (45%) │ │
│ │ holder_analysis.ts┘ │ │
│ │ lp_lock.ts LP Lock (15%) │ │
│ │ token_age.ts Age (5%) │ │
│ │ birdeye.ts Market (22%) │ │
│ │ helius_wallet.ts Rep (13%) │ │
│ │ scoring.ts Unified 5-Axis Engine │ │
│ │ deployer_recon.ts Deployer Reconnaissance │ │
│ │ nft_intel.ts NFT Intelligence (ME + DAS) │ │
│ └──────────────────────────┬───────────────────────────────┘ │
│ │ │
│ ┌───────────┬───────────┼───────────┬─────────────┐ │
│ ▼ ▼ ▼ ▼ ▼ │
│ ┌───────┐ ┌─────────┐ ┌────────┐ ┌──────────┐ ┌─────────┐ │
│ │Solana │ │Birdeye │ │Helius │ │Magic Eden│ │Gecko │ │
│ │RPC │ │API v3 │ │DAS+RPC │ │v2 (free) │ │Terminal │ │
│ └───────┘ └─────────┘ └────────┘ └──────────┘ └─────────┘ │
└──────────────────────────────────────────────────────────────┘
SicariusGuard implements the x402 HTTP Payment Required protocol for machine-native micropayments. AI agents can pay per API call with SOL — no registration, no API keys, no accounts.
1. Agent hits /v1/scan → gets 402 + payment instructions
2. Agent sends SOL to treasury wallet
3. Agent retries with X-PAYMENT: <tx_signature>
4. Server verifies on-chain → returns safety data
| Endpoint | Price (SOL) | Description |
|---|---|---|
/v1/check | 0.001 | On-chain safety check |
/v1/scan | 0.002 | Full 12-layer scan |
/v1/honeypot | 0.0005 | Honeypot simulation |
/v1/holders | 0.0005 | Holder analysis |
/v1/nft-check | 0.001 | NFT safety check |
# Step 1: Get pricing + treasury address
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/pricing
# Step 2: Send SOL to treasury address (returned in pricing response)
solana transfer <TREASURY_ADDRESS> 0.002
# Step 3: Use tx signature as payment proof
curl -X POST https://sicarius-guard-640545264957.us-east4.run.app/v1/scan \
-H "Content-Type: application/json" \
-H "X-PAYMENT: <your_tx_signature>" \
-d '{"mint": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"}'
| Tier | Auth Method | Rate Limit |
|---|---|---|
| Free | None | 100 calls/day per IP |
| x402 Pay-Per-Call | X-PAYMENT header (SOL tx sig) | Unlimited |
| Variable | Description | Default |
|---|---|---|
HELIUS_RPC_URL | Solana RPC endpoint (Helius recommended) | https://api.mainnet-beta.solana.com |
PORT | API server port | 3400 |
HOST | Bind address | 0.0.0.0 |
BIRDEYE_API_KEY | Birdeye API key (optional, enriches scans) | — |
TREASURY_WALLET | SOL payment recipient (x402) | — |
CACHE_TTL_SECONDS | Cache duration | 300 |
FREE_TIER_CALLS_PER_DAY | Free tier rate limit | 100 |
UPSTASH_REDIS_REST_URL | Upstash Redis URL for persistent rate limiting | — |
UPSTASH_REDIS_REST_TOKEN | Upstash Redis auth token | — |
Tested with 50-token bulk scan on Solana mainnet:
| Metric | Value |
|---|---|
| Success rate | 50/50 (100%) |
| Avg response time | 5.4s |
| x402 payment verification | Verified live on mainnet |
Most token safety tools rely on third-party APIs that can be gamed. SicariusGuard reads raw mint account bytes directly from the blockchain — the same data the Solana runtime uses to execute transactions. No middleman, no stale data, no API that can be fooled.
| Feature | SicariusGuard | RugCheck | GoPlus |
|---|---|---|---|
| Byte-level SPL analysis | ✅ | ❌ | ❌ |
| Token-2022 extension scanning | ✅ | ❌ | Partial |
| Jupiter honeypot simulation | ✅ | ❌ | ❌ |
| LP lock/burn detection | ✅ | ✅ | ❌ |
| Raydium V4 byte decode | ✅ | ❌ | ❌ |
| Token age analysis | ✅ | ❌ | ❌ |
| Deployer serial scammer detection | ✅ | ❌ | ❌ |
| NFT fraud detection | ✅ | ❌ | ❌ |
| Helius wallet reputation | ✅ | ❌ | ❌ |
| 12-layer weighted scoring | ✅ | ❌ | ❌ |
| MCP server for AI agents | ✅ | ❌ | ❌ |
| x402 pay-per-call (SOL) | ✅ | ❌ | ❌ |
| Self-hosted (no vendor lock-in) | ✅ | ❌ | ❌ |
| Birdeye market enrichment | ✅ | ❌ | ❌ |
| Sub-6s full scan | ✅ | ✅ | ✅ |
Build powerful agentic workflows by combining SicariusGuard with these complementary MCP servers:
| Server | Description | Use With SicariusGuard |
|---|---|---|
| Pentagonal | AI-powered smart contract auditing for Solidity & Anchor/Rust | Audit the contract → scan the token with SicariusGuard |
| Desk3 | Real-time cryptocurrency market data | Get macro market context → validate token safety |
| AgentForge | DeFi safety layer — SPL approval scans & contract registry | Check approvals → scan token safety with SicariusGuard |
| Financial Datasets | Stock & market data for AI assistants | Cross-market correlation analysis |
MIT — Built by Chronolapse411
Run Claude Code as an MCP server so any agent can delegate coding tasks to it
Browser automation using accessibility snapshots instead of screenshots
English-first Korean equity intelligence MCP — DART filings, foreign-holder 5%-rule flows, activist filings, KRX news. F
Unity MCP acts as a bridge between AI assistants and your Unity Editor. Give your LLM tools to manage assets, control sc
via CLI
