Skill v1.0.2

ClawScan security

Gate Exchange Staking Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 2, 2026, 7:36 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini

Summary
The skill's instructions mostly match a Gate staking workflow, but documentation inconsistencies (merge conflict markers, conflicting auth statements, and an unclear source/origin) create coherence concerns that should be resolved before trusting write operations.
Guidance
This skill appears to implement legitimate Gate staking flows, but several red flags should be resolved before enabling it for actions that can write (stake/redeem):

- Verify source provenance: the registry lists no homepage/source but the README claims a Gate repository and publisher. Confirm the skill actually comes from Gate or a trusted publisher.
- Fix documentation integrity issues: remove the git merge conflict markers (<<<<<<< HEAD / >>>>>>> master) in references/staking-list.md; they can confuse automated parsing or reviewers.
- Confirm authentication semantics: some docs say cex_earn_find_coin needs no auth while others say an API key is required. Verify which endpoints require authentication and ensure your MCP-managed API key has the minimum scopes (recommend Earn:Write only for swap calls and read scopes for queries).
- Review the external runtime rules link (gate-runtime-rules.md) before installing; it is referenced as authoritative for runtime behavior. Make sure it doesn't add unexpected permissions or tool calls.
- Test in read-only mode first: exercise query operations only (cex_earn_asset_list, cex_earn_find_coin, etc.) to confirm responses and mapping before allowing any stake/redeem operations.
- Confirm confirmation behavior: ensure your MCP platform enforces the explicit confirmation gate described in SKILL.md and that swap calls cannot be auto-executed without user approval.

If you cannot confirm provenance or the documentation fixes, consider treating this skill as untrusted for write operations until the issues are resolved.

Review Dimensions

Purpose & Capability
note: The skill's declared MCP tools (cex_earn_*) match the staking purpose and the README/SKILL.md describe only staking-related queries and swaps. However, the published registry metadata lists the source as 'unknown' and there is a claim in README that the repo/publisher is Gate.com — this mismatch (no homepage, unknown source) reduces confidence in provenance.
Instruction Scope
concern: SKILL.md and references are detailed and scoped to staking-related API calls and explicitly require user confirmation before write operations. However, several documents contain a left-over git merge conflict (<<<<<<< HEAD / >>>>>>> master) in references/staking-list.md, which is an integrity issue and could confuse an automated agent. The skill also points to an external runtime rules file on GitHub; you should verify that external file matches the constraints claimed here.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — low installation risk. Nothing is downloaded or written by an installer in the package.
Credentials
note: The skill itself requests no environment variables and delegates API key handling to the MCP platform layer (documented). That is appropriate for a tool that calls MCP-managed endpoints. There is a minor inconsistency: some docs suggest cex_earn_find_coin requires no auth while other parts state an API key is required — confirm required permissions. The swap tool requires Earn:Write permission, which is expected but high-privilege; keep that in mind.
Persistence & Privilege
ok: always:false (no forced inclusion) and normal autonomous invocation settings. The skill does call a write MCP tool (cex_earn_swap_staking_coin), but SKILL.md requires an explicit confirmation (Action Draft) before executing writes — this is an appropriate safety measure.