Gate Exchange Dual Investment

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill is coherently designed for Gate dual-investment queries and confirmed order placement, but it uses Gate API credentials and can place real financial orders.

Install only if you intend to connect a trusted Gate MCP server and allow confirmed dual-investment order placement. Use a least-privilege API key, never paste secrets into chat, and confirm orders only when every amount, plan, target price, and settlement risk matches your intent.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If configured, the skill can use the user's Gate API credentials for dual-investment account queries and confirmed order placement.

Why it was flagged

The skill requires authenticated Gate account access with write permission for Earn products, which is expected for order placement but financially sensitive.

Skill content

Credentials Source: Local Gate MCP deployment (`GATE_API_KEY`, `GATE_API_SECRET`) ... Permissions: Earn:Write

Recommendation

Use a dedicated Gate API key with the minimum required permissions, monitor account activity, and rotate or revoke the key if no longer needed.

What this means

A confirmed action can commit funds into a dual-investment product with market and settlement-currency risk.

Why it was flagged

The skill exposes a write tool that can place dual-investment orders, but the documented workflow requires a draft and explicit confirmation before execution.

Skill content

`cex_earn_place_dual_order`; Execution SOP: ... `Show order draft and require explicit confirmation. Execute place order.`

Recommendation

Confirm only after checking the amount, plan, target price, settlement scenarios, and risk note in the order draft.

What this means

The security of actual API calls also depends on the external MCP server and installer used in the local environment.

Why it was flagged

The skill itself has no code or install spec, but its behavior depends on a separate Gate MCP server/installer that is not included in this artifact set.

Skill content

Requires [gate-mcp](https://github.com/gate/gate-mcp) to be installed ... Install: Run installer skill for your IDE

Recommendation

Install the Gate MCP server only from a trusted official source and review its permissions before connecting API credentials.

What this means

Balance, order, and placement requests may pass through the configured local Gate MCP server.

Why it was flagged

Account operations flow through a local MCP session; this is disclosed and purpose-aligned, but it is a trust boundary that handles financial account data.

Skill content

Use the already configured Gate MCP session for the current host. Local Gate MCP deployments use `GATE_API_KEY` and `GATE_API_SECRET`

Recommendation

Run only trusted MCP servers, keep them local or otherwise well controlled, and do not paste API secrets into chat.