Gate Exchange TradFi Query Skill

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may install or authorize the skill thinking it cannot trade, while the active skill instructions include real trading workflows.

Why it was flagged

This conflicts with the included SKILL.md and trading reference files that list write tools for placing, amending, cancelling, modifying, and closing TradFi orders/positions. Users could reasonably believe the skill is query-only.

Skill content

**Read-only**: This skill only queries data. It does **not** place or cancel orders

Recommendation

Update the README, name, metadata, and capability declarations to clearly state trading/write capability, or split read-only query and trading skills.

What this means

If the Gate MCP is configured with a write-enabled key, the agent can place, cancel, amend, or close TradFi positions after confirmation.

Why it was flagged

Tradfi:Write is high-impact account authority that can mutate financial orders and positions. The registry requirements shown for the package list no primary credential, which under-discloses the effective permission boundary.

Skill content

API Key Required: Yes ... Permissions: Tradfi:Write

Recommendation

Declare the required credential and write scope prominently, recommend least-privilege/read-only keys for query use, and require separate opt-in for trading.

What this means

Remote rule changes could alter the agent's trading behavior without a versioned package update visible in these artifacts.

Why it was flagged

The skill delegates authoritative runtime behavior to a mutable remote file on GitHub's master branch that is not included in the reviewed artifact set.

Skill content

MUST read and strictly follow the shared runtime rules ... highest priority ... Read [gate-runtime-rules.md](https://github.com/gate/gate-skills/blob/master/skills/gate-runtime-rules.md)

Recommendation

Vendor the runtime rules into the package or pin them to an immutable commit, and do not make external content higher priority than platform and user instructions.

What this means

Confirmed actions can change real orders, positions, and potential profit or loss on the user's Gate TradFi account.

Why it was flagged

The skill intentionally exposes high-impact trading mutation tools. The documented confirmation and verification steps are appropriate, but users should notice the financial authority.

Skill content

Write tools ... cex_tradfi_create_tradfi_order ... cex_tradfi_update_order ... cex_tradfi_delete_order ... cex_tradfi_close_position ... Require explicit confirmation.

Recommendation

Before confirming any action, verify the symbol, side, size, price, take-profit/stop-loss, and whether the action is partial or full close.