Skill v1.0.1

ClawScan security

Gate Exchange Transfer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Apr 6, 2026, 2:09 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This skill's requirements, declared permissions, and runtime instructions are coherent with its stated purpose (performing same-UID internal transfers on Gate); nothing in the bundle indicates unrelated access or hidden installs.
Guidance
This skill appears coherent and implements only Gate account-book reads plus an internal transfer call. Before enabling it, ensure: (1) any GATE_API_KEY you provide has the minimum necessary scopes and is stored in the platform/host environment (do not paste secrets into chat); (2) Wallet:Write is powerful — consider creating a restricted API key (if Gate supports scoping) and test with a small amount; (3) confirm your agent's runtime enforces the explicit confirmation step (because SKILL.md is a procedural guard, not a runtime enforcement); and (4) rotate or revoke the API key if you stop using the skill. If you cannot guarantee the confirmation gate or you don't trust the host MCP session, do not provide wallet-capable credentials.

Review Dimensions

Purpose & Capability
ok
Name/description match the declared needs: the skill performs same-UID internal transfers and requires Gate API credentials and Wallet:Write plus several read scopes. The required env vars (GATE_API_KEY, GATE_API_SECRET) and listed MCP tools correspond to the transfer workflow and are proportionate to the stated purpose.
Instruction Scope
ok
SKILL.md only instructs read-only account-book queries and a single write operation (cex_wallet_create_transfer). It contains explicit preconditions, a mandatory Transfer Draft + explicit confirmation gate, and instructs using only the documented MCP tools. It does not ask to read unrelated files or to transmit secrets via chat. Note: the confirmation gate is a procedural guard implemented in instructions — static review cannot enforce it at runtime.
Install Mechanism
ok
No install spec or external downloads — instruction-only skill. Nothing is written to disk or fetched from arbitrary URLs.
Credentials
ok
Only two environment variables are required (GATE_API_KEY, GATE_API_SECRET) and the primaryEnv is GATE_API_KEY. These are expected and necessary for authenticated wallet transfers. The permissions requested (Wallet:Write and account read scopes) are appropriate for an internal-transfer capability.
Persistence & Privilege
note
always:false (normal). The skill can be invoked autonomously by the agent (default platform behavior). Because it can perform write transfers when valid credentials are present, administrators should ensure the agent's invocation policy and confirmation flow are enforced in the runtime environment; the SKILL.md mandates a confirmation gate, but that is an instruction-level guard, not a technical enforcement.