Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gate Exchange Multi-Collateral Loan
v1.0.1
Gate multi-collateral loan management skill. Use when the user asks to borrow crypto against collateral or manage existing loans. Triggers on 'collateral loa...
by Gate @gate-exchange
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
SKILL.md clearly documents that mutating MCP calls (create, repay, collateral adjust, order list/detail) require a Gate API key and Mcl:Write permission. However the registry metadata for the skill lists no required environment variables and no primary credential. A loan-management skill legitimately needs API credentials (or a platform-managed equivalent); the manifest's omission is an incoherence that should be resolved before trusting the skill.
Instruction Scope
The SKILL.md is instruction-only and narrowly prescribes calling specific MCP tools and requiring explicit user confirmation before any write. It also mandates stripping all time/date/timestamp/maturity fields from user-facing replies (even if requested) and referencing an external 'gate-runtime-rules.md' on GitHub. These rules are unusual (especially the forced removal of timestamps) but inside the skill's stated scope. There are no instructions to read arbitrary local files or send data to external endpoints beyond the MCP/GitHub links listed.
Install Mechanism
No install spec and no code files — this is an instruction-only skill. That minimizes on-disk attack surface; nothing is downloaded or written by the skill itself.
Credentials
The skill requires authenticated MCP calls for many operations and explicitly tells deployers to obtain an API Key (link to Gate account), but the published skill metadata contains no declared env vars or primary credential. Either the skill assumes platform-managed credentials (possible) or the metadata is incomplete — both are important to understand. The required permission scope (Mcl:Write) is proportional to the functionality, but missing declaration of where/how credentials are supplied is a red flag.
Persistence & Privilege
The skill does not request persistent installation privileges (always:false) and does not claim to modify other skills or system-wide settings. Autonomous invocation is permitted by platform defaults, but SKILL.md requires explicit confirmation for writes, which limits risk if the platform enforces confirmation correctly.
What to consider before installing
Do not install blindly. Before proceeding, confirm: (1) how the Gate API key is provided to the skill (platform-managed credential vs. environment variable) and whether the registry should list a primaryEnv (e.g., GATE_API_KEY); (2) that the skill only receives the minimum permission (Mcl:Write) needed and that you can revoke the key; (3) that the platform enforces the SKILL.md 'explicit confirmation' for write calls (verify a write cannot be made without a user confirmation gate enforced by the platform); (4) the skill's origin — verify the repository/publisher and the referenced gate-runtime-rules.md are legitimate; and (5) that you are comfortable with the skill's rule to never surface timestamps/dates (this may prevent getting information you expect). If you cannot verify these points, treat the skill as untrusted and avoid granting it API credentials with write permissions.
