ClawHub

Gate MCP (OpenClaw / mcporter)

Security checks across malware telemetry and agentic risk

Overview

This Gate MCP installer is mostly purpose-aligned, but it handles financial-service credentials and remote authenticated services with insufficient upfront disclosure and scoping.

Review carefully before installing. Use least-privilege Gate API keys, avoid withdrawal permissions unless absolutely needed, understand that OAuth tokens, headers, and API secrets may be stored locally by mcporter, and be ready to remove or rotate credentials after use. Verify the Gate remote endpoints and the hardcoded DEX key are acceptable for your trust model.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The installer hardcodes a shared x-api-key and automatically installs it into client configuration for the gate-dex server. Embedding credentials in distributable install scripts is unsafe because the key can be extracted, reused by unintended parties, and silently authorizes traffic under a credential the user did not supply or review.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README explicitly directs users to configure API keys, OAuth2, and remote HTTP MCP servers, but it does not clearly warn that credentials and potentially sensitive account/trading data will be transmitted to third-party Gate-operated services. In an installer skill, this omission matters because users may assume a local-only setup and grant secrets or account access without understanding the trust boundary and privacy implications.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill states that credentials are stored in mcporter config, but it does not present this as a prominent upfront warning before users are asked to install or authenticate. This can lead users to provide API credentials or OAuth tokens without informed consent about local persistence, increasing the risk of secret exposure on shared or insecure machines.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
A hardcoded API key is written into mcporter configuration without clear disclosure or user consent. Even if intended for convenience, silently installing a credential into local config can expose the key to local users, backups, logs, or later exfiltration by other tooling.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script writes user-supplied Gate API credentials into mcporter config via --env values, but it never warns that secrets will be persisted locally. This creates a real risk of credential exposure through plaintext config storage, insufficient file permissions, local compromise, or accidental sharing of config files.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal