| # | Category | Check | Risk | Detail | Source |
|---|
| Wallet | Buys | Sells | Vol | Avg | Bot Score | Patterns |
|---|
| Issue | Severity | Detail |
|---|
| Chain | Token | Address | Liquidity | Age |
|---|
| # | Wallet | % | Flag |
|---|
| Time | Wallet | ~USD | Side |
|---|
Every day hundreds of new tokens launch on Solana. Most of them are scams. Honeypots, fake volume bots, unlocked liquidity pools, mutable metadata — the tricks are endless and they keep evolving. This scanner exists because we got tired of losing money to tokens that looked legit on the surface.
We built this Solana token auditor after getting rugged one too many times. It started as an internal tool for the $ONE-PIECE community, but we figured if it helps us avoid scams, it should help everyone else too. So here it is — completely free, no sign-up, no API key needed.
The audit runs 250+ individual checks across multiple categories. It pulls data from six different sources simultaneously — your token gets cross-referenced against GoPlus, RugCheck, DexScreener, GeckoTerminal, Jupiter, and direct Solana RPC calls. No single source tells the full story, so we use all of them.
Here is what gets analyzed:
Contract security — mint authority, freeze authority, honeypot detection (cross-validated across three separate APIs), proxy contracts, hidden ownership, tax manipulation, self-destruct functions, blacklist capabilities. If the contract has a way to screw you, this finds it.
Liquidity analysis — LP burn and lock status verified through GoPlus Locker API, not just self-reported claims. Lock expiry dates, removable liquidity percentage, LP holder diversity, actual Jupiter slippage at three different trade sizes. You will know exactly how much liquidity can be pulled and when.
Bot and fake volume detection — the scanner parses up to 300 individual transactions from the blockchain. It profiles every wallet, clusters identical buy amounts, detects machine-like timing patterns, identifies micro-buy floods, and calculates a bot score for each wallet. If the volume is being faked by five wallets trading back and forth, you will see it.
Holder concentration — raw top holder percentages are misleading because they include LP pools and burned supply. This scanner resolves each holder through two-level RPC lookups to identify which wallets are LP pools, which are burn addresses, and which are actual human holders. You get adjusted concentration numbers that reflect reality.
Copycat detection — searches DexScreener across all chains for tokens with the same name or symbol. If an older or richer version exists on another chain, you are probably looking at a copycat trying to ride someone else's hype.
Developer history — checks how many tokens the deployer wallet has created before and how many of those are dead (liquidity under $100). Serial deployers with graveyards of dead tokens are flagged immediately.
20+ scam pattern matching — the scanner does not just check individual metrics. It looks for combinations: classic rug pulls, slow rugs, pump and dumps, honeypots, mint-and-dump schemes, freeze-and-steal setups, tax scams, FOMO bait, circular trading, layered wallet dumps. Each pattern gets a probability score.
Those tools are good. We use their APIs. But they each see one piece of the picture. GoPlus might say a token has no honeypot flag, while Jupiter cannot even route a buy — that is a silent honeypot and neither tool catches it alone. RugCheck might flag insiders but does not parse actual transaction history for bot patterns. This scanner combines everything into one view and cross-validates findings across sources. When three different APIs agree something is wrong, you can trust that signal.
This needs to be said clearly: no scanner catches everything. New scam techniques appear constantly. A token can pass every automated check and still be a scam if the team simply decides to dump their tokens on you. Social engineering, insider coordination, and delayed rugs are things no tool can predict with certainty.
The scanner also depends on public RPC nodes for on-chain data. These have rate limits, which means the deep transaction analysis (bot detection, wallet profiling, trade patterns) sometimes works with incomplete data. When that happens, the report tells you — look for the "TX Data Quality" indicator. HIGH means reliable bot analysis, LOW or NONE means the on-chain data is incomplete and you should weigh API-sourced data (DexScreener, GoPlus, RugCheck) more heavily.
A high score does not mean "safe to buy." A low score does not always mean "definite scam." This is a research tool, not financial advice. Always do your own research. Check the deployer's Twitter, look at the community, read the contract if you can, ask questions in the Telegram. Use this scanner as one input among many.
The audit score runs from 0 to 100. Anything below 35 has multiple critical red flags — honeypot indicators, unlocked LP, serial deployer history, extreme holder concentration, or confirmed bot activity. Between 35 and 60 means there are real concerns that need investigation. Above 60 means fewer automated red flags were found, but it still does not guarantee safety.
Start with the narrative summary at the top — it explains the most important findings in plain language. Then check the red flags section for anything critical. The category breakdown shows you which areas scored well and which did not. If you want the full picture, the audit table lists every single check with its risk level, result, and data source.
The shareable report card generates a PNG image you can post on social media or send to friends. It includes the score, key stats, and top red flags — everything someone needs to quickly assess a token without running the scan themselves.
Any SPL token on Solana with at least one trading pair on a DEX. This includes standard SPL tokens, Token-2022 tokens (with extension detection), and pump.fun launches. The scanner automatically detects the token type and adjusts its checks accordingly — pump.fun tokens start with a higher base risk because statistically most of them are short-lived.
Established tokens with high liquidity across multiple DEXes are recognized and scored appropriately — LP lock checks are relaxed for tokens with $500K+ liquidity across 3+ pools because those represent a fundamentally different risk profile than a fresh launch.
This tool is provided as-is with no guarantees. It is not financial advice. Cryptocurrency trading carries substantial risk. Never invest money you cannot afford to lose. DYOR — do your own research before interacting with any token. Built by the $ONE-PIECE community on Solana.