ClawHub

gate-exchange-activitycenter

v1.0.3

Gate platform activity and campaign hub skill. Use when the user asks about trading competitions, airdrops, or their enrolled activities. Triggers on 'recomm...

0· 117·0 current·0 all-time
byGate@gate-exchange
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is an Activity Center for Gate Exchange and only declares the Gate API key/secret and Activity:Read permission. Those credentials are expected and necessary for the read-only MCP queries the skill describes (list activities, list types, get my entry). No unrelated services or credentials are requested.
Instruction Scope
SKILL.md restricts the agent to the documented MCP tools (three read-only queries) and explicitly forbids asking users to paste secrets into chat. It directs only read operations and includes runtime rules and error handling. There are no instructions to read unrelated files, call external endpoints, or exfiltrate data.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to write or execute on host. That minimizes disk-write installation risk.
Credentials
Only GATE_API_KEY and GATE_API_SECRET are required and the primary credential is GATE_API_KEY. The required env vars directly map to the declared MCP authentication and the declared minimal permission is Activity:Read. No unrelated secrets or numerous environment variables are requested.
Persistence & Privilege
The skill is not always-on and does not request elevated platform privileges. SKILL.md states it does not install software or store/rotate/export API secrets. Autonomous invocation is allowed (platform default) but not combined with other concerning flags.
Assessment
This skill appears to do exactly what it claims: read-only activity-center queries against Gate using GATE_API_KEY and GATE_API_SECRET. Before installing, ensure you: 1) provide keys scoped with minimal permissions (Activity:Read only) rather than full account privileges, 2) configure the keys via your local MCP/session as instructed (do not paste secrets into chat), and 3) confirm you trust the skill source (homepage points to github.com/gate/gate-skills but the registry source is 'unknown'); if you are unsure, create a dedicated API key that you can revoke after testing or rotate later. If you need higher assurance, review the referenced GitHub repository contents or request the publisher identity before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk979ghhejfzxr3a9vjft964zbs84c0mq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvGATE_API_KEY, GATE_API_SECRET
Primary envGATE_API_KEY

Comments