Taiko Native Bridge

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

The skill is purpose-aligned for Taiko bridging, but it can direct an agent to sign high-impact crypto transactions with a wallet private key without clearly requiring per-transaction user approval or verified tooling.

Only install this if you understand the Taiko bridge workflow and are comfortable letting a CLI use a wallet private key. Use a limited-purpose wallet, verify the bridge-cli source/version, and require the agent to ask for approval before every transaction.

Findings (3)

This is an artifact-based, informational review of SKILL.md, the registry metadata, the install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1

What this means

If the agent runs a bridge command with the wrong parameters, the user could lose funds or move assets to the wrong address.

Why it was flagged

These are direct blockchain transaction workflows for moving or claiming assets. The artifact does not require explicit user approval of recipient, amount, token, direction, or fees before an agent signs/runs them.

Skill content

Pipeline (fastest for agents):
- ETH: `./bridge-cli claim-eth "${COMMON_FLAGS[@]}" --to 0x... --value 1 --fee 0 --gas-limit 1000000`
...
Low-level explicit (debuggable):
1. `send-*`
2. `wait-ready --tx-hash <send_tx_hash>`
3. `claim --tx-hash <send_tx_hash>`

Recommendation

Require explicit user confirmation immediately before every transaction, including source/destination chain, token, amount, recipient, fee, gas limit, and transaction hash.
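The following is an added example, not part of the ClawScan report or of the bridge-cli project: a confirmation gate that an agent harness can place in front of every bridge transaction. The parameter list mirrors the fields the recommendation names (direction, token, amount, recipient, fee, gas limit); the recipient address used in the demo is a constructed placeholder, and the bridge command is only echoed, so nothing is signed or submitted.

```shell
#!/bin/sh
# Added example (not the report's or bridge-cli's code): a per-transaction
# confirmation gate. Approval is never the default; only the literal answer
# "yes" on stdin lets the caller proceed.
set -eu

# confirm_tx <direction> <token> <amount> <recipient> <fee> <gas-limit>
# Prints the full transaction summary, then reads one line from stdin.
# Returns 0 only for exactly "yes"; any other answer, including EOF, refuses.
confirm_tx() {
    [ "$#" -eq 6 ] || { echo "confirm_tx: expected 6 parameters, got $#" >&2; return 2; }
    direction=$1; token=$2; amount=$3; recipient=$4; fee=$5; gas_limit=$6
    # The recipient must be a complete 20-byte hex address, never a truncated "0x...".
    printf '%s' "$recipient" | grep -Eq '^0x[0-9a-fA-F]{40}$' || {
        echo "REFUSING: recipient '$recipient' is not a complete 0x address" >&2
        return 1
    }
    cat >&2 <<EOF
About to sign and submit:
  direction : $direction
  token     : $token
  amount    : $amount
  recipient : $recipient
  fee       : $fee
  gas limit : $gas_limit
Type exactly "yes" to proceed:
EOF
    answer=""
    IFS= read -r answer || true      # EOF leaves answer empty, which is a refusal
    [ "$answer" = "yes" ] || { echo "not confirmed, nothing sent" >&2; return 1; }
    return 0
}

# Constructed demo: placeholder recipient address, not a real account.
demo_recipient=0x1111111111111111111111111111111111111111
if printf 'yes\n' | confirm_tx L1-to-L2 ETH 1 "$demo_recipient" 0 1000000; then
    echo "would now run: ./bridge-cli claim-eth ... --to $demo_recipient --value 1 --fee 0 --gas-limit 1000000"
fi
```

In a real harness the `yes` comes from the user, not from a pipe, and the echoed line is replaced by the actual bridge-cli invocation, so the summary the user approves is built from the same variables that form the command.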

Finding 2

What this means

A private key can control the user's wallet funds; mishandling or unintended use could authorize unwanted transactions.

Why it was flagged

The skill requires a wallet private key and passes it to bridge-cli, granting authority to sign transactions. This sensitive credential requirement is not reflected in the supplied registry metadata, which lists no required env vars or primary credential.

Skill content

export BRIDGE_CLI_PRIVATE_KEY=0x...
...
--private-key "$BRIDGE_CLI_PRIVATE_KEY"

Recommendation

Declare the private-key requirement in metadata, avoid exposing it in command-line arguments where possible, and use a narrowly funded wallet or safer signing flow with explicit approvals.

Finding 3

What this means

A changed, compromised, or wrong binary could access the wallet key or submit unintended transactions.

Why it was flagged

The install guidance uses an unpinned remote package and an unverified downloaded executable. Because this tool receives a private key and signs transactions, provenance and version pinning are important.

Skill content

Preferred (remote install):
- `go install github.com/davidcai/taiko-bridge-cli/cmd/bridge-cli@latest`
...
Download binary (if release artifact is available):
- `curl -L -o bridge-cli <release-binary-url>`
- `chmod +x bridge-cli`

Recommendation

Pin a reviewed version or commit, publish checksums/signatures, and tell users to verify the binary before using it with any private key.
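The following is an added example, not part of the ClawScan report or of the bridge-cli project, showing the two checks this recommendation asks users to perform before a downloaded binary gets near a private key: refusing a floating `@latest` ref in favour of an explicit tag or full commit, and comparing the file's SHA-256 against a digest obtained from the publisher. The "binary" and the tag `v1.2.3` are constructed placeholders so the script runs offline; in real use the expected digest comes from the project's published checksum file or signed release, never from the download itself.

```shell
#!/bin/sh
# Added example (not the report's or bridge-cli's code): provenance gates for
# an install. Nothing is downloaded or installed here; the demo builds a
# placeholder file and checks it locally.
set -eu

# pinned_ref <ref>: accept only an explicit vMAJOR.MINOR.PATCH tag or a full
# 40-hex commit; reject "latest", branch names and abbreviated commits.
pinned_ref() {
    case "$1" in
        v[0-9]*.[0-9]*.[0-9]*) return 0 ;;
    esac
    printf '%s' "$1" | grep -Eq '^[0-9a-f]{40}$'
}

# file_sha256 <path>: hex digest, portable across GNU, BSD/macOS and openssl.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        openssl dgst -sha256 "$1" | awk '{print $NF}'
    fi
}

# verify_binary <path> <expected-sha256>: marks the file executable only when
# its digest matches the publisher's value; otherwise refuses and leaves it inert.
verify_binary() {
    path=$1; expected=$2
    actual=$(file_sha256 "$path")
    if [ "$actual" != "$expected" ]; then
        echo "REFUSING: $path digest $actual does not match expected $expected" >&2
        return 1
    fi
    chmod +x "$path"
    echo "verified $path"
}

# Constructed demo. "latest" is refused; v1.2.3 is a placeholder tag, not a real release.
if pinned_ref latest; then echo "BUG: @latest accepted"; exit 1; fi
pinned_ref v1.2.3 && echo "v1.2.3 is an acceptable pinned ref"

workdir=$(mktemp -d)
printf 'placeholder binary contents\n' > "$workdir/bridge-cli"
published=$(file_sha256 "$workdir/bridge-cli")   # stands in for the publisher's digest
verify_binary "$workdir/bridge-cli" "$published"

# A tampered copy (one byte different) must be refused and must stay non-executable.
printf 'placeholder binary contents!\n' > "$workdir/bridge-cli-tampered"
if verify_binary "$workdir/bridge-cli-tampered" "$published"; then echo "BUG: tampered accepted"; exit 1; fi
[ ! -x "$workdir/bridge-cli-tampered" ] && echo "tampered copy left non-executable"
rm -rf "$workdir"
```

The digest comparison only helps when the expected value arrives over a channel the attacker who could swap the binary cannot also rewrite, which is why the recommendation pairs checksums with signatures: a signed checksum file or a signed release tag gives the expected value its own provenance.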