Cross-exchange trading platform

Pending: Static analysis audit pending.

Overview

No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the shell helper is sourced and used with malicious or malformed input, it could run local shell commands in the user's environment.

Why it was flagged

The script builds URL/body values from function arguments and then reparses them with eval, so crafted arguments could be interpreted as shell syntax instead of only API parameters.

Skill content

params="symbols=${symbols}" ... eval curl -s -X GET \"${url}\" $headers ... eval curl -s -X POST \"${url}\" $headers -d \"${data}\"

Recommendation

Remove eval, build curl calls with shell arrays or direct arguments, and validate or strictly encode all symbol, account, amount, and JSON fields.

What this means

An agent using this skill with valid credentials could make financial changes such as transferring funds or trading assets.

Why it was flagged

These documented endpoints can transfer funds, place/cancel/modify orders, and execute conversions, but the artifacts do not define an explicit approval gate or bounded safe mode for these financial mutations.

Skill content

Fund transfer (authentication required) POST /wallet/transfers ... Order management (authentication required) POST /orders ... DELETE /orders ... PUT /orders/{order_id} ... Instant swap trading POST /convert/execute

Recommendation

Require explicit user confirmation for every order, transfer, or conversion, show the exact exchange/symbol/amount/price before execution, and prefer read-only mode unless the user deliberately enables trading.

What this means

Compromise or misuse of these keys could expose account balances and enable trades or transfers within the connected trading platform.

Why it was flagged

The skill requires API credentials with CrossEx trading permission. This is high-privilege account access, and it is not clearly bounded or aligned with the registry metadata that declares no primary credential or required environment variables.

Skill content

env_vars: GATE_API_KEY: API key (required); GATE_API_SECRET: API signing secret (required) ... When creating a new API Key, the cross-exchange trading permission must be checked ... permissions: needs_credentials: true

Recommendation

Use a dedicated least-privilege API key, avoid broad trading permissions unless necessary, restrict IPs if supported, rotate keys after testing, and ensure the registry metadata accurately declares required credentials.

What this means

Users have less assurance that the package is actually from the claimed provider or that future updates are trustworthy.

Why it was flagged

For a financial trading integration that asks for API credentials, the lack of a verified source or homepage is a provenance gap, though it is not by itself evidence of malicious behavior.

Skill content

Source: unknown; Homepage: none

Recommendation

Verify the publisher and code against Gate.io's official documentation before providing credentials or enabling trading permissions.