Skills
skills/tigerfintech/tigeropen-skill/tigeropen/Gen Agent Trust Hub

tigeropen

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the tigeropen SDK and the tigermcp server package from standard package registries (PyPI).
  • [REMOTE_CODE_EXECUTION]: Downloads and executes installation scripts for the uv tool from Astral's official domain and the Homebrew package manager from its official GitHub repository. These are well-known and trusted developer utilities.
  • [COMMAND_EXECUTION]: Instructs the agent on using the tigeropen CLI for market data queries and trade management, and managing the tigermcp server via shell commands.
  • [DATA_EXPOSURE]: Provides guidance for managing sensitive API credentials (private keys and account IDs) using standard environment variables and configuration files (~/.tigeropen/tiger_openapi_config.properties).
  • [PROMPT_INJECTION]: Employs robust safety instructions that direct the AI to default to paper trading accounts and explicitly verify all order details with the user before executing live trades, reducing the risk of unauthorized financial actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 07:48 AM