soulpass-cli-skill
agent
Uyari
Health Uyari
- No license — Repository has no license file
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 6 GitHub stars
Code Uyari
- Code scan incomplete — No supported source files were scanned during light audit
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This tool provides a hardware-secured Solana wallet and trading terminal specifically designed for AI agents. It facilitates decentralized finance operations, token swaps, and features an identity layer for secure agent-to-agent communication and commerce.
Security Assessment
This tool handles highly sensitive data, specifically managing cryptographic wallets and executing financial transactions on the Solana blockchain. It operates as an installed CLI, meaning it natively executes shell commands and makes external network requests to blockchain nodes and decentralized exchanges. While no hardcoded secrets were detected in the available files, the automated nature of financial trading carries significant financial risk. Notably, the rule-based scan could not verify the actual source code files, meaning the security claims (like Apple Secure Enclave integration) could not be independently confirmed in this audit. Overall risk is High due to the combination of autonomous financial control, network access, and unverified proprietary code.
Quality Assessment
The project is very new and lacks community visibility, evidenced by having only 6 GitHub stars. While it appears actively maintained given a recent push, it is missing a standard open-source license, which creates legal ambiguity regarding how the code can be used or modified. The inability of the scanner to analyze the underlying source language or files further limits the ability to assess its actual code quality or safety.
Verdict
Not recommended for production use without a thorough manual code review, as autonomous financial control and unverified code pose extreme risks.
This tool provides a hardware-secured Solana wallet and trading terminal specifically designed for AI agents. It facilitates decentralized finance operations, token swaps, and features an identity layer for secure agent-to-agent communication and commerce.
Security Assessment
This tool handles highly sensitive data, specifically managing cryptographic wallets and executing financial transactions on the Solana blockchain. It operates as an installed CLI, meaning it natively executes shell commands and makes external network requests to blockchain nodes and decentralized exchanges. While no hardcoded secrets were detected in the available files, the automated nature of financial trading carries significant financial risk. Notably, the rule-based scan could not verify the actual source code files, meaning the security claims (like Apple Secure Enclave integration) could not be independently confirmed in this audit. Overall risk is High due to the combination of autonomous financial control, network access, and unverified proprietary code.
Quality Assessment
The project is very new and lacks community visibility, evidenced by having only 6 GitHub stars. While it appears actively maintained given a recent push, it is missing a standard open-source license, which creates legal ambiguity regarding how the code can be used or modified. The inability of the scanner to analyze the underlying source language or files further limits the ability to assess its actual code quality or safety.
Verdict
Not recommended for production use without a thorough manual code review, as autonomous financial control and unverified code pose extreme risks.
Hardware-secured Solana wallet, trading terminal, and agent identity layer for AI agents. Jupiter DEX swaps, meme coin trading, DeFi yield, trading bots, on-chain identity, encrypted agent-to-agent messaging, service discovery. Keys in Apple Secure Enclave.
README.md
SoulPass — Hardware-Secured Solana Trading Terminal for AI Agents
AI agent skill for Solana trading, DeFi, and agent-to-agent infrastructure with hardware-secured wallet. Built for Claude Code, Codex, Gemini CLI, and OpenClaw.
What it does
Trading & DeFi
- Jupiter DEX trading — swap any Solana token with best-price aggregation across Raydium, Orca, Meteora
- Meme coin trading — built-in rug-pull detection, liquidity checks, risk assessment before every trade
- Copy trading — follow profitable Solana wallets with systematic risk management
- DeFi yield — earn interest via Jupiter Lend on idle USDC/SOL
- Trading bots — JSON-RPC daemon for low-latency automated strategies
Agent Identity & Communication
- On-chain identity (ERC-8004) — discoverable agent identity with name, capabilities, and reputation
- Agent-to-agent messaging — encrypted communication between agents with signature verification
- Service discovery — find other agents by capability, broadcast your own needs
- Agent commerce — sell services to other agents via ACE Protocol, with on-chain payment verification
Security
- Hardware security — signing keys live in Apple Secure Enclave, physically impossible to extract
Quick start
# Install
brew tap SoulPass-AI/soulpass && brew install soulpass
# Initialize wallet
soulpass init
# Start trading
soulpass swap --from USDC --to SOL --amount 100
Why hardware security matters
Software-based private keys can be leaked from .env files. SoulPass keys are born in the chip and never leave.
| Approach | Security | Can run autonomously? |
|---|---|---|
.env private key |
Software — plaintext | Yes |
| Browser wallet | Software encryption | No — manual approval |
| MPC wallet | Split-key — provider holds shard | Yes |
| SoulPass | Hardware chip | Yes — zero trust |
Install as Claude Code skill
claude install-skill SoulPass-AI/soulpass-cli-skill
Links
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi