The only risk auditor for Solana Token-2022 (Token Extensions) mints — a Claude Code / Codex skill. It decomposes every extension authority (live vs renounced), flags the extension combinations the Token-2022 program itself rejects, and scores a mint SAFE → CRITICAL with a fix per finding — before you integrate one or ship your own.
Zero runtime dependencies · illegal-combo rules pinned to the Token-2022 program source · even PayPal's PYUSD audits CRITICAL.
Full generated report:
reports/pyusd.md.
Token-2022 extensions add powerful optional behaviors to a mint — several are fund-loss-grade when an authority is live or misconfigured (PermanentDelegate can seize balances, TransferHook can block transfers, TransferFeeConfig can be raised to 100%, PausableConfig can halt all transfers). Mintoscope audits that surface — the one no existing kit skill covers.
Given a mint address (post-deploy) or your token-creation code (pre-deploy), it produces a RiskReport that:
- Lists every Token-2022 extension present and what it means.
- Names the exact controlling authority for each, and whether it is live (active) or renounced (null).
- Scores severity conditionally — a renounced
PermanentDelegateis inert; a live one isCRITICAL. - Flags extension combinations conservatively — never asserting "illegal" without program-source proof.
- Returns markdown or JSON, with a concrete remediation per finding.
- Integrators, exchanges, wallets deciding whether a token is safe to list or accept.
- Builders hardening their own token before mainnet.
- Security researchers triaging a mint's authority surface in seconds.
- Reads the mint via Solana RPC
getAccountInfo(jsonParsed) — the validator parses every extension the cluster supports, so coverage stays version-proof. - Decomposes authorities: live (non-null) vs. renounced (null). Severity depends on this, not on mere presence.
- Detects the extension combinations the Token-2022 program actually rejects (verified against its
check_for_invalid_mint_extension_combinations), plus dangerous-but-legal pairs. Combinations the program allows — even unusual ones like PYUSD'sConfidentialTransferMint+TransferHook— are never flagged illegal. - Scores: severity tier (primary) + 0–100 (secondary).
The interpreter is a pure function, unit-tested against captured-mainnet and crafted fixtures; only the RPC fetch touches the network.
- Node.js 18+ (uses native
fetch). - A Solana RPC URL (defaults to mainnet-beta; a dedicated RPC such as Helius avoids public rate limits).
- Claude Code or Codex, to use it as a skill.
git clone https://github.com/Cassxbt/mintoscope && cd mintoscope
npm install
bash install.sh # copies skill/ into ~/.claude/skills (and ~/.codex, ~/.agents if present)npm run audit -- <MINT_ADDRESS> # markdown report
npm run audit -- <MINT_ADDRESS> --json # JSON
SOLANA_RPC_URL=<rpc> npm run audit -- <MINT_ADDRESS> # custom RPCAs a skill, ask the agent: "Audit Token-2022 mint <address>" or "Review my token's extensions before I deploy."
The Demo above is real output. PYUSD audits CRITICAL because it has live seize, mint, freeze, and close authorities — the capabilities of a regulated-issuer model. CRITICAL means capability, not intent — Mintoscope reports the power an authority holds and lets you decide whether you trust the controller. Full generated report: reports/pyusd.md.
npm run validate — each row is checked live on mainnet (the auditor self-verifies the program owner, so this reflects on-chain truth, not assumptions):
| Mint | Program | Verdict | Extensions |
|---|---|---|---|
| PYUSD | Token-2022 | CRITICAL | MintCloseAuthority, PermanentDelegate, TransferFeeConfig, ConfidentialTransferMint, ConfidentialTransferFeeConfig, TransferHook, MetadataPointer, TokenMetadata |
| USDC | classic SPL | SAFE | — |
| USDT | classic SPL | SAFE | — |
| BONK | classic SPL | SAFE | — |
| wSOL | classic SPL | SAFE | — |
| JUP | classic SPL | SAFE | — |
PYUSD is the richest real-world Token-2022 case (8 extensions); the classic-SPL rows are negative controls confirming no false positives. Beyond live mints, the test suite exercises the full severity matrix against crafted fixtures — renounced authorities downgrading to SAFE, PausableConfig → CRITICAL, frozen-by-default → HIGH, and the five program-verified illegal combinations. Run npm run validate -- <MINT> <MINT> … to audit any set of mints.
| Tool | Covers | Mintoscope adds |
|---|---|---|
SendAI birdeye token-security |
~7 coarse post-deploy API flags | Full mint-extension set, per-authority decomposition, severity tiers, pre-deploy review |
Trail of Bits token-integration-analyzer |
EVM / ERC-20 | The Solana Token-2022 domain |
Solana Foundation token-2022 reference |
How to build with extensions | Risk-first auditing, detection, scoring |
- Program / Anchor logic vulnerabilities → use Trail of Bits
solana-vulnerability-scanner. - Price, liquidity, holder distribution, honeypot-trading risk → use a market scanner such as
birdeye. - Trust decisions — it reports an authority's capability; it does not judge whether the controller is trustworthy.
- Illegal-combination detection mirrors the Token-2022 program's
check_for_invalid_mint_extension_combinations(verified 2026-06); if the program adds new combination constraints, this list must be updated to match. - Pre-deploy mode is a guided review — the agent reads your source against the risk matrix — not a static parser.
- The extension set is current as of 2026-06; an unrecognized future extension is surfaced for manual review rather than ignored.
- Zero runtime dependencies — reads chain state via native
fetch; no wallet, no keys, no bundled executables. - Clean
npm audit(0 advisories). - Read-only. Informational, not financial or security advice; verify on-chain before acting.
skill/
SKILL.md progressive, token-efficient router
post-deploy-audit.md · pre-deploy-review.md
resources/ extension-risk-matrix · incompatible-combinations · fix-templates
examples/
audit-deployed.ts runnable auditor
validate.ts mainnet validation
lib/ resolver · rules · combos · score · report (+ tests)
skill-registry.entry.json entry for the Solana AI Kit registry
MIT © cassxbt