74
/ 100
29 days ago
glama

agenti

Enables any MCP-compatible LLM client to autonomously hold, spend, earn, and receive cryptocurrency using native MCP tools, no code required.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
🚨
Secret credentials may flow to a network call
1 flow detected: RAPIDAPI_KEY. We can’t prove the destination matches the brand the credential belongs to.
🚨
Known vulnerabilities in dependencies: 2 critical
Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.
🔐
You'll be asked for 17 credentials: AGENTI_EVM_PRIVATE_KEY, AGENTI_SOLANA_PRIVATE_KEY, AGENT_PRIVATE_KEY, ANTHROPIC_API_KEY, BINANCE_API_KEY, BINANCE_SECRET_KEY, BITREFILL_API_KEY, BNB_PRIVATE_KEY, BSCSCAN_API_KEY, ETHERSCAN_API_KEY, EVM_KEY, FACILITATOR_PRIVATE_KEY, HELIUS_API_KEY, HYPERLIQUID_PRIVATE_KEY, OPENAI_API_KEY, RAPIDAPI_KEY, SOLANA_PRIVATE_KEY
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// known CVEs in dependencies2 critical

Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.

criticalvitest@1.6.0GHSA-5xrq-8626-4rwp

When Vitest UI server is listening, arbitrary file can be read and executed

criticalvitest@1.6.0GHSA-9crc-q9x8-hgqq

Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening

Depend on this server? Get alerted when its CVEs change.Watch this server free →
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
🔐 secretAGENTI_EVM_PRIVATE_KEY"": "0x...",
🔐 secretAGENTI_SOLANA_PRIVATE_KEY"": "hex-encoded-64-byte-key"
🔐 secretAGENT_PRIVATE_KEY
🔐 secretANTHROPIC_API_KEYsk-... SOLANA_PRIVATE_KEY=<key> npx tsx examples/03-agent-buys.ts
configARB_RPC_URL
configBASE_RPC_URL
configBASE_SEPOLIA_RPC_URL
🔐 secretBINANCE_API_KEY
🔐 secretBINANCE_SECRET_KEY
configBINANCE_US
🔐 secretBITREFILL_API_KEY
configBITREFILL_TEST_MODE
🔐 secretBNB_PRIVATE_KEY
🔐 secretBSCSCAN_API_KEY
configBUY_AMOUNT
🔐 secretETHERSCAN_API_KEY
configETH_RPC_URL
🔐 secretEVM_KEY
🔐 secretFACILITATOR_PRIVATE_KEY
🔐 secretHELIUS_API_KEY
🔐 secretHYPERLIQUID_PRIVATE_KEY
configMCP_TRANSPORT
configMINTconst state = await trader.coinState()
🔐 secretOPENAI_API_KEY
configPAYMENT_ADDRESS
configPORT
🔐 secretRAPIDAPI_KEY
configRECEIVER_ADDRESS
🔐 secretSOLANA_PRIVATE_KEYconst keypair = Keypair.fromSecretKey(bs58.decode(process.env.!))
configSOLANA_RPC_URLconst trader = solana({ keypair, rpc: process.env. })
configTOKEN_AMOUNTSOLANA_PRIVATE_KEY=<key> MINT=<mint> =50000 npx tsx examples/05-sell-on-migration.ts
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 8 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/nirholas-agenti-x6sy8t)](https://m8ven.ai/mcp/nirholas-agenti-x6sy8t)
commit: e73049f2f7e4477f62843df2698d5eabe36bd72e
code hash: f24027fd91e454762e048bdb67e86b2a47c2b87a4c0a4f4f2cd805099d3149dd
verified: 6/11/2026, 11:39:49 AM
view raw JSON →