Back to skill

Security audit

Gate Exchange Account and Asset Manager

Security checks across malware telemetry and agentic risk

Overview

This Gate account-management skill is mostly coherent, but it should be reviewed because it combines broad financial-account data access, confirmed write authority, and an unpinned external runtime-rules dependency.

Review before installing. Prefer read-only Gate credentials unless you intentionally need unified-account writes, and do not confirm borrowing, leverage, collateral, or mode changes unless the Action Draft exactly matches your intent. Be aware that vague account prompts may reveal a broad financial snapshot, and verify the external Gate runtime-rules document because it is not pinned inside this reviewed package.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list uses broad, everyday phrases such as 'how much do I have', 'account balance', and 'set leverage' for a skill that includes authenticated financial data access and write-capable operations. This increases the chance of unintended routing into a sensitive trading/account-management workflow, which can expose private financial information or prime the assistant toward high-risk actions even if writes are nominally confirmation-gated.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The fallback rule maps vague phrases like "check my account" to a broad asset-overview workflow, which can trigger extensive authenticated data retrieval without clear user scoping. In a financial skill with many account domains, this increases the chance of over-collection and unintended disclosure of sensitive balances, positions, and earnings when the user's request was ambiguous.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The edge-case rule accepts broad phrases such as "check my account" with no details and instructs the skill to output a full asset panorama. Because this skill can access numerous financial data sources, that behavior can expose far more sensitive information than necessary from an underspecified prompt, especially in shared or accidental-use contexts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.