Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
TigerPass — Hardware-Secured Crypto Wallet & Trading Terminal for AI Agents | Hyperliquid Perps, Polymarket Predictions, DEX Swaps, Cross-Chain Bridge, E2E Encrypted Agent-to-Agent Commerce
v0.1.1
Crypto wallet and trading terminal for AI agents — trade Hyperliquid perps and spot, bet on Polymarket predictions, swap tokens on 6 EVM chains, bridge USDC...
⭐ 0· 259·0 current·0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with what the SKILL.md instructs: a macOS CLI 'tigerpass' that manages a hardware-secured EOA, trading, swaps, bridging, contract exec, and agent-to-agent messaging. Required binary 'tigerpass' and the described commands are coherent with the stated purpose.
Instruction Scope
The runtime instructions direct the agent to perform network operations (DEX/aggregator, Circle Iris, Hyperliquid flows), discover and message external agents, and autonomously sign payments (x402) and on‑chain transactions. Those actions are consistent with a wallet/trading terminal but grant broad ability to send funds and interact with external endpoints (including advertising endpoints like https://tigerpass.net/tap/agent/...). The SKILL.md also embeds approval/auto‑authorization behavior (e.g., auto-approve builder fee, unlimited approvals) which can cause funds to be spent without additional human confirmation. No instructions request unrelated local files or env vars, but the agent will contact and trust external services and other agents — this is high-impact for money-moving operations.
Install Mechanism
SKILL.md contains install commands (brew tap TigerPassNet/tigerpass and a GitHub build) even though the registry summary stated 'No install spec / instruction-only' — that's an inconsistency. The install sources themselves are standard (Homebrew tap and GitHub repo), not obscure URLs, but they are a custom tap and a third‑party GitHub org (TigerPassNet). That requires validating the tap and repository (formula, release artifacts, signatures) before installing. Building from source requires Xcode and sudo cp which modifies /usr/local/bin — expected for a CLI but worth auditing.
Credentials
The skill declares no environment variables or external credentials, which is consistent with using a hardware-backed key (Secure Enclave) and a local CLI. There are no unrelated credential requests. However, ability to sign payments and execute arbitrary contracts means the binary itself must be trusted — lack of declared env vars does not eliminate risk.
Persistence & Privilege
Skill is not always-included and allows model invocation (normal). It requests no special persistent system privileges in metadata, but the CLI will hold the signing capability (Secure Enclave access) and can perform autonomous signing and on‑chain payments. Combined with network discovery/messaging, this gives a large operational blast radius if the binary is malicious or buggy. Verify binary provenance and signing behavior before giving it any funds or enabling autonomous workflows.
What to consider before installing
Things to check before installing/using TigerPass:
- Metadata inconsistency: the registry said 'no install spec' but SKILL.md includes Homebrew tap and GitHub build instructions. Ask the publisher to clarify install method and provide signed release binaries.
- Verify the source: inspect the Homebrew tap formula and the GitHub repo (TigerPassNet/tigerpass-cli). Confirm release artifacts, checksums, and code review (especially signing/bridge/messaging code) before running brew install or building as root.
- Audit the binary: the CLI is given authority to sign EIP-191/EIP-712 messages, do x402 HTTP payments, and execute arbitrary contracts. Ensure the binary is vendor-signed and inspect network endpoints it communicates with (especially any central relayers or discovery endpoints like tigerpass.net).
- Test with minimal funds: if you try it, use a brand-new EOA with minimal balance, and avoid granting unlimited ERC-20 allowances (avoid approve --amount max) until you understand the flows.
- Disable autonomous/agent-driven trades until you trust it: the skill supports autonomous agent-to-agent commerce and automatic builder-fee approvals — these can cause funds to move without further human confirmation.
- Confirm platform requirements: SKILL.md requires Apple Silicon and Secure Enclave; verify your device and whether the CLI enforces/assumes this.
- If you cannot audit the code, prefer not to install a custom CLI that holds signing authority. Request signed releases, reproducible builds, or a vetted Homebrew formula before using with real funds.
Summary recommendation: the skill's functionality matches its description, but because it grants a CLI broad ability to sign and move funds and the package sources are a custom tap/GitHub repo (plus metadata inconsistencies), proceed only after verifying the release artifacts and auditing the code; treat it as high-risk until proven trustworthy.
Like a lobster shell, security has layers — review code before you run it.
Tags: agent-economy, agent-identity, agent-messaging, ai-agent, crypto, defi, e2e-encryption, erc-8004, hyperliquid, latest, on-chain-identity, polymarket, secure-enclave, trading, wallet
Runtime requirements
🐯 Clawdis
OS: macOS
Bins: tigerpass
