Investigation Report: Wolfpack Token Risk Intelligence
Agent ID: 8453:16907 | Chain: Base
🟡 Verdict: YELLOW (55/100)
Executive Summary
Wolfpack Token Risk Intelligence is an ERC-8004 registered agent on Base providing multi-source token risk scoring, GoPlus security checks, and crypto narrative momentum analysis. The technical infrastructure is legitimate and operational — a live MCP endpoint on Railway exposes three real tools with proper API authentication. However, the agent's identity footprint is remarkably thin: no public GitHub repository, no Twitter/X presence, no verifiable team, and minimal on-chain history.
Registration Data
- Name: Wolfpack Token Risk Intelligence
- Chain: Base (8453)
- Token ID: 16907
- Owner: 0x6887DcE558f76F36c281200fbc8e5D3dA1241AEA
- Agent Wallet: 0xbaC206A51E126DD97DC8046CB9a17fF4F4D9d7f2
- Capabilities: MCP, x402, ACP
- Active: Yes
- Registration Type: ERC-8004 Registration V1
Services
| Service | Type | Endpoint |
|---|---|---|
| MCP Intelligence API | MCP | wolfpack-production.up.railway.app/api/v1/mcp |
| Token Risk Analysis | Custom | wolfpack-production.up.railway.app/api/v1/intelligence/query |
| Security Check | Custom | wolfpack-production.up.railway.app/api/v1/intelligence/query |
| Narrative Momentum | Custom | wolfpack-production.up.railway.app/api/v1/intelligence/query |
MCP Tools (Verified Live)
- token_risk_analysis — Multi-source token risk scoring (GoPlus + DexScreener + Dune + SocialData)
- security_check — Fast GoPlus-only security scan (sub-second)
- narrative_momentum — Crypto narrative momentum scoring with VADER sentiment
All three tools properly documented with input schemas. Server version 2.0.0 using streamable-http transport.
On-Chain Analysis
- Owner nonce: 37 transactions on Base
- Agent wallet nonce: 1 transaction
- Agent wallet balance: 0.002 ETH
- Owner balance: ~0.005 ETH
- No other registered agents found from same owner (checked adjacent token IDs)
- No existing ERC-8004 feedback on this agent
Social & Web Presence
- Website: Command Center dashboard at root URL (SPA, requires client-side rendering)
- LinkedIn: A "Wolfpack Intelligence" LinkedIn profile exists but appears to be a different entity (KYC/Due Diligence SaaS product)
- Twitter/X: No presence found
- GitHub: No public repository found
- Discord/Telegram: No communities found
- Documentation: None beyond the MCP endpoint self-documentation
Verification Results
✅ MCP endpoint responds with valid tool definitions ✅ API requires authentication (X-API-Key header) — proper security ✅ ERC-8004 registration data is complete and well-structured ✅ Railway deployment is active and responsive ✅ x402 payment support declared ⚠️ Custom endpoints return the SPA shell on GET (likely POST-only API routes) ⚠️ No way to verify actual tool functionality without API key ❌ No public source code to audit ❌ No identifiable team or organization
Scoring Breakdown
| Category | Score | Notes |
|---|---|---|
| Registration Quality | 12/15 | Complete fields, image, multiple services, proper ERC-8004 format |
| On-Chain Activity | 10/20 | 37 owner txns, but agent wallet barely used (1 tx) |
| Social Presence | 3/15 | Effectively none — no Twitter, no GitHub, uncertain LinkedIn match |
| Service Verification | 16/20 | MCP live with real tools, API auth works, but can't test without key |
| Reputation Signals | 2/15 | Zero feedback, no external trust signals |
| Red Flag Absence | 12/15 | No scams or fake data, just thin presence |
| TOTAL | 55/100 |
Assessment
The technical implementation is legitimate and shows real engineering effort — a versioned MCP server with three distinct intelligence tools, proper API authentication, and a dashboard UI. The integration of GoPlus, DexScreener, Dune, and VADER sentiment analysis suggests genuine capability.
However, the complete absence of social presence, documentation, and team identity raises concerns. There's no way to know who built this, what their track record is, or whether the service will be maintained. The agent wallet's single transaction suggests the service is either very new or not seeing active agent-to-agent commerce.
This is a case of good tech behind an anonymous curtain. Not inherently dangerous, but trust requires more than working endpoints.
Recommendation
Proceed with caution. The MCP tools appear functional and the infrastructure is real, but the lack of identity and social presence makes it hard to assess long-term reliability. Would benefit from: public GitHub, team disclosure, documentation, and community engagement.