Gangtise Agent Invocation
Pass
Audited by ClawScan on May 9, 2026.
Overview
This appears to be a coherent Gangtise research API wrapper, with the main cautions being its use of Gangtise credentials and potentially credit-consuming/broad API queries.
Before installing, confirm you are comfortable giving the skill Gangtise API credentials, keep any local authorization file protected, and use narrow query parameters to avoid unnecessary credit usage. The artifacts do not show malicious behavior, but the registry metadata should be corrected to reflect the credential requirement.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Gangtise API credentials will be used by this skill to access Gangtise services, which may include paid or proprietary research data.
The skill reads Gangtise access credentials from environment variables or a local authorization file and sends them to Gangtise's auth endpoint to obtain an access token. This is expected for the integration, but it is sensitive delegated account access.
GTS_AUTHORIZATION_PATH = os.path.join(os.path.abspath(os.path.dirname(__file__)), ".authorization")
GTS_ACCESS_KEY = os.getenv("GTS_ACCESS_KEY", None)
GTS_SECRET_KEY = os.getenv("GTS_SECRET_KEY", None)
...
payload = {
    "accessKey": ak,
    "secretAccessKey": sk
}
response = requests.post(AUTHORIZATION_URL, json=payload)
Use a scoped Gangtise key if available, prefer environment variables over a local credential file, restrict file permissions for scripts/.authorization, and remove credentials when no longer needed.
A broad query could consume more Gangtise credits than expected and return a large amount of research data.
The security-clue endpoint can request up to 500 returned items and the code states returned clues are charged at 1 credit per item. This is purpose-aligned, but users should control query size and scope.
def format_security_clue_payload(
    page_from: int = 0,
    page_size: int = 500,
...
if size > 500:
    size = 500
...
extra_message = f"提示:本次成功返回 {points_cost} 条线索,按 1 积分/条计费。"
Use explicit date ranges, codes, sources, and smaller page sizes unless you intentionally want a broad query.
Install-time metadata may understate the credential setup needed for the skill.
The registry metadata says no credentials are required and version 1.4.2, while SKILL.md declares version 1.4.4 and requires GTS_ACCESS_KEY/GTS_SECRET_KEY or scripts/.authorization. This is an under-declaration/inconsistency, not evidence of malicious behavior.
Version: 1.4.2 ... Required env vars: none Env var declarations: none Primary credential: none
The publisher should align registry metadata with SKILL.md so users see the required credentials and correct version before installation.
