Security audit

Gate Exchange Trading Copilot

Security checks across malware telemetry and agentic risk

Overview

This is a real Gate trading copilot with strong stated confirmation rules, but it needs review because it can affect live trading accounts and has unclear boundaries around unsupported triggers, remote runtime rules, and leverage or margin-mode changes.

Review before installing. Use only with a restricted Gate API key, preferably without withdrawal permission, and require fresh explicit confirmation for any leverage, margin-mode, order, cancel, amend, close, or reverse action. Avoid using it for Alpha, TradFi, margin borrowing, or unsupported products until the trigger and scope mismatch is corrected, and be aware that part of its runtime behavior depends on a remote mutable rules file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium, 97% confidence
Finding
The manifest/description advertises the skill as triggering on 'Alpha', while the body later states that Alpha trading is unsupported. This inconsistency can cause the skill to be invoked for out-of-scope requests, increasing the chance of misrouting users into an execution-oriented trading workflow that lacks appropriate controls for the unsupported product.

Vague Triggers

Medium, 91% confidence
Finding
The trigger phrases are broad enough to match ordinary trading discussion, which can cause the skill to activate when the user did not intend to enter a trade-capable workflow. In this context, unintended invocation matters because the skill combines analysis, draft generation, and potential execution on a live exchange, increasing the chance of confusing users or steering them into higher-risk actions.

Vague Triggers

Medium, 88% confidence
Finding
The trigger terms are broad and include generic phrases such as 'TradFi' and 'Alpha', which may activate the skill for unrelated or ambiguous user requests. In a trading skill with execution pathways, accidental invocation is dangerous because it can steer conversations toward sensitive financial actions, private account access, or unsupported products.

VirusTotal

65/65 vendors flagged this skill as clean.