ClawHub

Gate Exchange Coupon

v1.0.1

Gate coupon and voucher query skill. Use when the user asks about coupon balance, rules, expiry, or source. Triggers on 'my coupons', 'coupon details', 'vouc...

0· 77·0 current·0 all-time
bygaixg@gaixianggeng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Gate coupon queries) match the declared needs: the skill requires GATE_API_KEY and GATE_API_SECRET and calls read-only coupon endpoints via the Gate MCP. Asking for the exchange API key/secret is appropriate for authenticated read operations.
Instruction Scope
SKILL.md confines behavior to read-only coupon list/detail queries, enforces using only documented MCP tools, and explicitly disallows asking users to paste secrets. It references using a programming tool (example: python3 -c) to convert timestamps; the metadata does not list python as a required binary — this is a small documentation inconsistency but not evidence of malicious behavior. No instructions ask to read unrelated files or transmit data to external endpoints outside the Gate MCP.
Install Mechanism
Instruction-only skill with no install spec and no code files. This minimizes risk because nothing in the bundle is downloaded or executed on install.
Credentials
Only two environment variables are required (GATE_API_KEY, GATE_API_SECRET) and the primary credential is correctly identified. Those credentials are proportional to the stated read-only coupon query purpose (minimal permission: Coupon:Read). No unrelated secrets or extraneous env vars are requested.
Persistence & Privilege
always:false (no forced presence). The skill does not request persistent system-wide modifications, does not store/rotate secrets, and is explicitly read-only. Autonomous invocation being allowed is the platform default and is not an additional concern here.
Assessment
This skill appears internally consistent and limited to read-only coupon queries. Before installing: (1) ensure you configure a Gate API key with the minimal Coupon:Read permission (avoid giving write/trading scopes), (2) confirm your environment has a local Gate MCP session as the skill expects and do not paste API secrets into chat, and (3) be aware the instructions reference using a programming tool (example: python3) for timestamp conversion — if your environment lacks that tool the agent may fall back to other means or ask you. If you need extra assurance, review the SKILL.md and the referenced files yourself and verify the MCP endpoints it will call match your expectations.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b37rgbsc56ktf6xgy0qsvws84ezmp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvGATE_API_KEY, GATE_API_SECRET
Primary envGATE_API_KEY

Comments