Haggle Protocol
Rating: Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for crypto negotiation, but it can use an agent wallet private key and an external MCP package to move real USDC, while the registry under-declares that credential and authority.
Only install this if you are comfortable with an agent-connected crypto tool. Use a fresh dedicated wallet, keep only tiny amounts of funds in it, approve exact token amounts, verify the npm package and contract addresses yourself, and require manual confirmation for every mainnet transaction.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent, MCP package, or environment is misused or compromised, wallet funds approved or held by that key could be spent or locked in irreversible on-chain transactions.
A wallet private key can authorize transfers, approvals, and escrow transactions. The registry metadata says there are no required env vars or primary credentials, so this sensitive authority is under-declared outside the skill text.
This skill requires `HAGGLE_PRIVATE_KEY` to sign on-chain transactions. This is a sensitive credential.
Use only a dedicated wallet with minimal funds, avoid main wallets, verify the package and contracts independently, and require explicit user approval before any transaction signing.
An agent action could create an escrow, submit or accept offers, or settle a deal with real funds if connected to a funded wallet.
These MCP tools perform high-impact financial state changes. The artifacts advise minimal funding, but do not show enforced confirmation gates, transaction caps, or rollback protections for fund-moving actions.
| Tool | Description |
| --- | --- |
| `create_negotiation` | Create a new negotiation with escrow deposit |
| ... | ... |
| `accept_offer` | Accept counterparty's offer, trigger settlement |
Treat all write tools as requiring human confirmation, set strict wallet funding and token-approval limits, and test on testnets before any mainnet use.
A compromised or different npm package version could access the configured wallet key or submit unintended transactions.
The script installs an external global MCP server whose source is not included in the provided artifacts. Because that server is intended to access `HAGGLE_PRIVATE_KEY` and sign transactions, package provenance and integrity are material.
```sh
npm install -g @haggle-protocol/mcp@0.2.0
```
Review the exact npm package source and integrity before installation, pin and verify checksums where possible, and run it in an isolated environment with a low-value wallet.
