Gate Exchange Alpha

Security checks across malware telemetry and agentic risk

Overview

This is a real Gate Alpha trading skill with disclosed safeguards, but it still needs review because it can place live trades and has broad triggers plus an unpinned external instruction dependency.

Install only if you trust the Gate MCP setup and are comfortable granting Alpha trading access. Use the narrowest available Gate authorization, do not paste API secrets into chat, review the linked runtime rules, and verify every token, amount, slippage value, quote, and sell-all confirmation before approving execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium (90% confidence)
Finding
The documented behavior adds a high-risk bulk-liquidation workflow that goes beyond the skill’s declared trigger scope of handling user requests about specific Alpha-market tokens. In a trading skill, this scope expansion is dangerous because a broad or ambiguously phrased user request could lead to selling an entire account’s holdings, materially increasing the blast radius of mistakes, prompt confusion, or invocation errors.

Vague Triggers

Medium (89% confidence)
Finding
The trigger list includes very generic terms such as '买', '购买', '卖', and 'order status', which can match ordinary conversation and unintentionally invoke a high-risk trading skill. In this context, accidental routing is more dangerous because the skill can access authenticated account data and place live buy/sell orders, increasing the chance of unintended financial actions.

Missing User Warnings

Medium (94% confidence)
Finding
The README advertises live trading, order placement, account balances, and transaction-history access without any warning about financial risk, use of authenticated data, or the possibility of executing real orders. That omission can mislead users or integrators into treating the skill as informational when it is capable of sensitive account access and irreversible market actions.

VirusTotal

60/60 vendors flagged this skill as clean.
