ClawHub

Gate Exchange Assets

v1.0.0

Gate multi-account asset and balance query skill. Use when the user asks to check total assets, account balance, or specific coin holdings across all account...

0· 46·0 current·0 all-time
bygaixg@gaixianggeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the requested env vars (GATE_API_KEY, GATE_API_SECRET) and the listed MCP read tools. All required items (API key + secret, specific Gate MCP read tools) are appropriate for querying balances across account types.
Instruction Scope
SKILL.md confines behavior to read-only calls to the documented MCP tools, includes explicit runtime rules (do not call undocumented tools, do not ask users to paste secrets), and references local MCP session use. It does not instruct reading unrelated files or exfiltrating data to third-party endpoints.
Install Mechanism
Instruction-only skill with no install spec or code files; nothing is written to disk or fetched at install time. This minimizes installer-related risk.
Credentials
Only GATE_API_KEY and GATE_API_SECRET are requested and declared as primaryEnv; these are proportionate for read-only account queries. The skill documents required read permissions and cautions against pasting secrets into chat.
Persistence & Privilege
always:false and normal user-invocable configuration. The skill does not request persistent system modifications, nor does it claim to alter other skills or host config; runtime rules explicitly forbid storing/rotating/exporting secrets.
Assessment
This skill appears to be what it says: a read-only Gate multi-account balance query that needs your Gate API key and secret configured in the local MCP session. Before installing: (1) confirm you trust the MCP deployment and the skill source (check the GitHub homepage), (2) use an API key scoped to read-only permissions if possible, (3) never paste API keys into chat (the skill also warns against this), and (4) consider rotating the key after use if you have concerns. If the local MCP host or toolset is untrusted, do not provide credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97chdxert4w5awv9rt6qyzp4d84e10x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvGATE_API_KEY, GATE_API_SECRET
Primary envGATE_API_KEY

Comments