Riskgate Market Signals
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill transparently calls a RiskGate market-signal API and may influence trading workflows, so users should treat it as advisory and configure any automation carefully.
Before installing, confirm you trust RiskGate as a market-signal source and decide whether the skill should be allowed to influence automated trading. If you set a paid API key, understand it will be used for calls to RiskGate; if you enable monitoring, set explicit schedules and limits.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If connected to a trading-capable agent, RiskGate responses may cause the agent to pause, resize, or allow trades.
The skill is intended to influence an execution-capable agent’s trading gate; this is disclosed and purpose-aligned, but it can affect financial actions if the host agent is authorized to trade.
Call `GET /v1/analysis/current?asset={ASSET}` before any trade or significant action... → Proceed with normal parameters.Use it only with clear trading limits and human approval rules; treat the signals as advisory data, not as the sole authorization for trades.
A configured RiskGate key may be sent to `api.riskgate.xyz` in the `X-API-Key` header when the agent requests market signals.
The agent may use a locally configured paid RiskGate API key for provider authentication. This is purpose-aligned, but users should know the key will be used if present.
**Paid key:** Check RISKGATE_API_KEY env var first. If set, use it. If not, fall back to demo key.
Set `RISKGATE_API_KEY` only if you intend this skill to use that account, and prefer a limited provider key where available.
If your agent follows the monitoring guide, it may make regular API calls and send alerts, consuming API credits.
The guidance suggests recurring monitoring and out-of-schedule alerts. The artifacts contain no code-backed persistence, so this is only a behavior the host agent might implement.
## Recommended Schedule Every 4 hours... Notify human outside scheduled cadence when:
Configure monitoring cadence and asset lists explicitly, especially when using the demo key or a paid account.