ClawHub
Back to skill

Security audit

gate-info-trendanalysis

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Gate market-data skill for crypto technical analysis, with minor documentation inconsistencies but no evidence of credential use, trading authority, exfiltration, or bundled executable behavior.

Before installing, confirm you are comfortable with a skill that queries Gate Info market-data MCP tools and may read shared Gate runtime-rule files from the parent skill environment. It should not place trades, require secrets, or modify account data; treat its technical analysis as informational, not investment advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Low
Confidence
97% confidence
Finding
The manifest says that if a query mentions fundamentals, risk, news, sentiment, or any other non-technical dimension, the user should be routed to `gate-info-research`. However, the routing table sends "Comprehensive analysis" queries to `gate-info-coinanalysis`, which is a semantic mismatch in the skill’s declared behavior and intended handoff path.

Intent-Code Divergence

Low
Confidence
96% confidence
Finding
The manifest explicitly states that when a request includes additional analysis dimensions beyond technicals, the correct skill is `gate-info-research`. The cross-skill routing table instead documents `gate-info-coinanalysis` for "What about fundamentals?" / "Full analysis", creating an active documentation-level contradiction about intended behavior.

Vague Triggers

Medium
Confidence
94% confidence
Finding
This markdown file says the skill applies when the user asks about technicals or trend in Chinese, but the listed prompt examples are still in English. That leaves the actual trigger scope unclear for Chinese-language activation and provides no specific phrases or exclusions to prevent unintended invocation.

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
## General Rules

⚠️ STOP — You MUST read and strictly follow the shared runtime rules before proceeding.
Do NOT select or call any tool until all rules are read. These rules have the highest priority.
→ Read `../gate-runtime-rules.md`
→ Also read `../info-news-runtime-rules.md` for gate-info / gate-news shared rules (tool degradation, report standards, security, routing, and optional local maintenance when `scripts/` is present).
- **Only call MCP tools explicitly listed in this skill.** Tools not documented here must NOT be called, even if they
Confidence
80% confidence
Finding
call any tool

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal