Gate Exchange Trading Copilot
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could change futures leverage or margin settings before you confirm the final trade, potentially affecting account risk or existing positions.
The documented futures call order allows leverage or margin-mode write operations before the explicit confirmation gate. Those settings can materially affect futures account risk and should be drafted and confirmed like order writes.
if the user explicitly requests leverage or margin-mode changes, apply the corresponding update tools first ... produce `Order Draft` ... wait for confirmation
Require an explicit immediate confirmation before any leverage or margin-mode update, show the old and new settings in the draft, and verify the post-change state.
A remote rules file that is not bundled or pinned could change how the trading agent behaves after installation.
The skill makes an external GitHub file from a mutable branch authoritative for runtime behavior. Because the skill can execute trades, unpinned remote instructions create a material provenance and change-control risk.
These rules have the highest priority. → Read [gate-runtime-rules.md](https://github.com/gate/gate-skills/blob/master/skills/gate-runtime-rules.md)
Bundle the rules in the skill package or pin them to a reviewed commit/hash; users should inspect the linked rules before using authenticated trading.
A user may not realize from the registry metadata that using the skill for execution involves an authenticated exchange account capable of financial transactions.
The registry metadata under-declares the sensitive authority: the skill text requires authenticated Exchange MCP/API-key permissions for private trading, balances, orders, and positions.
Primary credential: none ... Required env vars: none ... Capability signals: No capability tags were derived.
Declare Gate trading/account credentials and capabilities in metadata; users should use least-privilege API keys, disable withdrawals, and consider separate read-only versus trade-enabled credentials.
The skill might be invoked for unsupported trading products, and the user must rely on the guardrails to block or clarify instead of executing.
The trigger wording includes products or intents that the same skill later says are unsupported, creating scope ambiguity for high-impact financial requests.
Triggers on 'market buy', 'margin borrow', 'TradFi', 'Alpha' ... Not Suitable ... Alpha trading
Align trigger phrases with the supported scope, or explicitly route unsupported margin/Alpha/TradFi requests to refusal or a dedicated skill.
Balances, positions, orders, and trade actions may be exposed to or handled by the configured MCP provider.
Private account data and trading actions flow through an MCP runtime. This is purpose-aligned, but users should ensure the MCP server and account boundary are trusted.
private order placement, order management, position queries, balances, and account verification require authenticated Gate execution tools
Use only a trusted Gate MCP runtime, verify which account is connected, and avoid granting broader account permissions than the skill needs.
