A lightweight MCP server that reads a Solana token's mint directly from the chain to screen for the common rug & honeypot traps before your agent trades — active mint/freeze authority and dangerous Token-2022 extensions (permanent delegate, transfer hooks, non-transferable, pausable) — then, for tokens that pass, builds the buy as an unsigned Jupiter transaction carrying a small Jito tip for faster inclusion. You sign it; the server never holds keys.
No install, no API key. Point your agent at the remote endpoint:
https://web-production-58d585.up.railway.app/mcp
Then ask one question before any buy:
scan_token("DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263") # BONK
→ { verdict: "SAFE", safety_score: 100, sellable: true, risks: ["no red flags found"] }
SAFE → clear. CAUTION → read the risks. DANGER → don't buy. That's the whole loop.
Three real mainnet tokens, one scan_token call each (scanned 2026-06-17 — re-run to verify, live state changes):
| Token | Verdict | Why |
|---|---|---|
| BONK | SAFE · 100 |
authority renounced, liquid, sellable — no red flags |
| USDC | CAUTION · 70 |
issuer keeps an active mint and freeze authority — your balance can be frozen |
fresh pump token 24tF…i9pump |
DANGER · 20 |
no sell route (honeypot), 100% held by one wallet, $0 liquidity |
The honeypot is the one that matters: you could buy it and never sell. RugCheck AI flags it before your
agent spends a cent — even though the token is too new to be indexed anywhere else. Even USDC comes back
CAUTION, not SAFE, because the issuer can still freeze your balance — the verdict tells you the truth, not
a marketing label.
Screening
scan_token— full safety report in one call: authority, Token-2022 traps, honeypot, liquidity & holder concentration → SAFE/CAUTION/DANGER + a 0–100 scoreis_safe— quick yes/no gate: one boolean before you tradeverify_token_safety— on-chain audit: mint/freeze authority + Token-2022 traps + live marketcheck_authorities— mint / freeze authority and extension detectionsimulate_sell— can the token actually be sold? (honeypot check)simulate_trade— full round-trip (buy then sell back): real entry/exit cost & round-trip loss %check_liquidity— DEX liquidity, 24h volume, age, buys/sellsholders_breakdown— top-holder concentration (dump risk)token_age— freshness + real trading activityrug_forecast— heuristic rug ETA: probability + urgency window + factorsscammer_dna— intent score (0–100): how much the token's structure looks like a deliberate scamcheck_deployer— the wallets that hold power over the tokencompare_tokens— rank a basket of tokens safest-firstbatch_scan— scan up to 10 tokens at once, one report each
Execution
execute_safe_swap— re-screens the mint, then builds a Jito-tipped Jupiter swap (unsigned); refuses tokens that scan DANGER
Remote (Streamable HTTP) — no install, point your agent at:
https://web-production-58d585.up.railway.app/mcp
Listed on the official MCP Registry as
io.github.MrWizardlyLoaf/rugcheck-ai.
Self-host:
pip install -r requirements.txt
SOLANA_RPC=<your-rpc-url> python server.pyCline / Claude Dev (VS Code) — in cline_mcp_settings.json:
{ "mcpServers": { "rugcheck-ai": { "url": "https://web-production-58d585.up.railway.app/mcp" } } }Claude Desktop — in claude_desktop_config.json:
{ "mcpServers": { "rugcheck-ai": { "command": "npx", "args": ["-y", "mcp-remote", "https://web-production-58d585.up.railway.app/mcp"] } } }Cursor — Settings → MCP → Add → Streamable HTTP, then paste the endpoint URL.
Any MCP client — it's a standard Streamable HTTP MCP server; point your client at the /mcp endpoint and the 15 tools appear.
Most agents trade Solana tokens blind. RugCheck AI calls getAccountInfo on the mint and reads the
authorities and Token-2022 extensions itself, so you get a real verdict on a fresh launch instead of
unknown — and a live mint or freeze authority is flagged before you buy, not after.
Your agent needs to answer, before it spends a cent:
- Is this Solana token safe to buy — or is it a rug pull?
- Is this a honeypot — will I actually be able to sell after I buy?
- Does the mint have an active freeze / mint authority that can trap or dilute me?
- Is there a hidden Token-2022 trap (permanent delegate, transfer hook) that can drain me?
- Pre-trade screening / token due-diligence for an autonomous trading agent.
Built for AI trading agents, snipers and bots that buy SPL / Token-2022 tokens and need a fast on-chain rug check before entering — then a screened Jupiter route once a token clears.
How do I check if a Solana token is safe to buy?
Call scan_token(mint) — one call returns a SAFE / CAUTION / DANGER verdict covering mint/freeze
authority, Token-2022 traps, honeypot (sellability), liquidity and holder concentration, plus a
0–100 safety score.
How do I detect a honeypot before buying?
simulate_sell(mint) checks whether a live sell route exists — a token with no route is effectively
a honeypot even when nothing on-chain formally blocks selling.
How do I check holder concentration / whale dump risk?
holders_breakdown(mint) reports the largest wallets and what share of supply they control — high
concentration means one holder can crash the price on you.
How do I know if a token is a rug pull?
rug_forecast(mint) gives a heuristic rug probability and urgency window from real signals
(authority, Token-2022 traps, concentration, sell pressure, age). check_authorities and
check_deployer show exactly who holds power over the token.
Does it work on fresh / newly launched tokens?
Yes — it reads the mint directly on-chain (getAccountInfo), so you get a real verdict on a token
too new to be indexed elsewhere. token_age shows freshness and real trading activity.
Does it touch my wallet or sign anything?
No. Screening is read-only; execute_safe_swap only builds an UNSIGNED transaction for you to sign —
the server never holds keys, never signs, never sends.
Is it free? Do I need an API key? Remote server, no install, no API key. Point your agent at the endpoint and call the tools.
v1.2.0 — working, actively developed, CI-tested. Open source, auditable — the screening tools are
read-only (getAccountInfo); execute_safe_swap only builds an unsigned transaction for you to sign.
MIT licensed. Self-hostable. Built for Solana trading agents.