v0.9.3

Tongateway

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:13 AM.

Analysis

Review before installing: this is a disclosed TON wallet/DEX integration, but it can store wallet credentials and let an agent spend funds from an autonomous agent wallet without per-transfer approval.

Guidance

Install only if you understand that this grants an agent cryptocurrency wallet and DEX capabilities. Keep autonomous agent wallets minimally funded, pin or verify the npm package, protect the ~/.tongateway files, and revoke tokens or agent keys when you no longer need them.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SECURITY.md
If the agent malfunctions or is compromised, it can spend all funds in the Agent Wallet without approval.

The artifacts explicitly describe a no-approval autonomous spending path for an agent-controlled wallet: the agent holds the signing key and can move funds on its own, which is high-impact authority over money.

User impact: A mistaken or manipulated agent action could drain the funds placed in the agent wallet.
Recommendation: Use safe mode by default, deploy autonomous agent wallets only for limited amounts you are willing to lose, and require explicit user confirmation before every autonomous transfer.
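The recommendation above amounts to a policy gate in front of the signing key: a per-transfer cap, a cumulative budget, a destination allowlist, and a human confirmation before anything is signed. The following is an added illustration of such a gate, not Tongateway's own code or API; the transfer call, the amount units, the "EQ_…" destination labels and the `sign_and_send` callback are all constructed for the example, and the real MCP server's "safe mode" is not shown on this page.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Hypothetical spend-policy gate for an autonomous agent wallet. This is an
# added example, not Tongateway's API: the real transfer call, its units and
# its "safe mode" are not shown on the page this illustrates.

@dataclass
class SpendPolicy:
    per_transfer_cap: float          # largest single transfer the agent may sign
    session_cap: float               # cumulative limit until a human resets it
    allowed_destinations: frozenset  # pre-approved addresses only
    require_confirmation: bool = True
    spent: float = 0.0               # running total, updated only on success


@dataclass
class Decision:
    allowed: bool
    reason: str
    tx_id: Optional[str] = None


def guarded_transfer(policy: SpendPolicy, destination: str, amount: float,
                     confirm: Callable[[str, float], bool],
                     sign_and_send: Callable[[str, float], str]) -> Decision:
    """Run every transfer through policy checks, then human confirmation,
    before the signing key is touched. Returns a decision record."""
    if amount <= 0:
        return Decision(False, "non-positive amount")
    if destination not in policy.allowed_destinations:
        return Decision(False, f"destination {destination} not allowlisted")
    if amount > policy.per_transfer_cap:
        return Decision(False, f"amount {amount} exceeds per-transfer cap {policy.per_transfer_cap}")
    if policy.spent + amount > policy.session_cap:
        return Decision(False, f"session cap {policy.session_cap} would be exceeded")
    # Ask the human last, so they are only interrupted for transfers that
    # policy would actually permit; a declined transfer never reaches the key.
    if policy.require_confirmation and not confirm(destination, amount):
        return Decision(False, "user declined")
    tx_id = sign_and_send(destination, amount)   # the only path that uses the key
    policy.spent += amount
    return Decision(True, "sent", tx_id)


def run_demo() -> list:
    """Constructed scenario: a misbehaving agent attempts several transfers
    against a policy of 5 per transfer and 8 per session."""
    policy = SpendPolicy(per_transfer_cap=5.0, session_cap=8.0,
                         allowed_destinations=frozenset({"EQ_ALLOWED_DEX"}))
    always_yes = lambda dest, amt: True                    # stand-in for a real prompt
    fake_send = lambda dest, amt: f"tx:{dest}:{amt}"       # stand-in for the real signer
    attempts = [
        ("EQ_ATTACKER", 4.0),      # not allowlisted
        ("EQ_ALLOWED_DEX", 50.0),  # over the per-transfer cap
        ("EQ_ALLOWED_DEX", 5.0),   # permitted; spent becomes 5
        ("EQ_ALLOWED_DEX", 4.0),   # 5 + 4 would exceed the session cap of 8
        ("EQ_ALLOWED_DEX", 3.0),   # 5 + 3 = 8 fits exactly
    ]
    return [guarded_transfer(policy, d, a, always_yes, fake_send) for d, a in attempts]


if __name__ == "__main__":
    for decision in run_demo():
        print(decision)
```

The ordering matters: policy checks are cheap and deterministic, so they run first, and the confirmation prompt is reserved for transfers that would otherwise go through. The session budget is only debited after a successful send, so a declined or failed transfer does not consume it.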
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
README.md
"command": "npx", "args": ["-y", "@tongateway/mcp"]

The documented setup runs an external npm MCP package via npx, and the provided artifact set does not include that package code. With no version in the package spec, npx resolves and runs whatever the registry currently serves at each launch. This is disclosed and purpose-aligned, but it matters because the package handles wallet operations.

User impact: Installing the skill means trusting the npm package and its updates with sensitive wallet workflows.
Recommendation: Pin or verify the npm package version, review the linked source/package provenance, or build from source if you need stronger supply-chain control.
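A quick way to act on this recommendation is to audit the MCP client config for npx-launched servers whose package spec carries no exact version. The script below is an added example, not part of the skill or its README; the `mcpServers` wrapper is an assumption about the host's config layout (the page only shows the `command`/`args`/`env` fragment), and the pinned version `1.2.3` in the sample is a constructed placeholder, not a real release of `@tongateway/mcp`.

```python
import json
import re

# Added example: flags npx-launched MCP servers whose package is not pinned to
# an exact version. The "mcpServers" key is an assumed config layout; the
# version "1.2.3" in the sample below is a constructed placeholder.

EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")

SAMPLE_CONFIG = json.loads("""
{
  "mcpServers": {
    "tongateway": {
      "command": "npx",
      "args": ["-y", "@tongateway/mcp"],
      "env": {"AGENT_GATEWAY_API_URL": "https://api.tongateway.ai"}
    },
    "tongateway-pinned": {
      "command": "npx",
      "args": ["@tongateway/mcp@1.2.3"],
      "env": {"AGENT_GATEWAY_API_URL": "https://api.tongateway.ai"}
    }
  }
}
""")


def split_package_spec(spec: str):
    """Return (name, version_or_None) for 'pkg', 'pkg@1.2.3' or '@scope/pkg@1.2.3'.
    A scoped name starts with '@', so the version separator is searched from index 1."""
    at = spec.find("@", 1)
    if at == -1:
        return spec, None
    return spec[:at], spec[at + 1:]


def audit_npx_servers(config: dict) -> dict:
    """Map server name -> list of findings (an empty list means the entry is pinned)."""
    findings = {}
    for name, server in config.get("mcpServers", {}).items():
        if server.get("command") != "npx":
            continue  # only npx entries fetch code from the registry at launch
        args = server.get("args", [])
        issues = []
        if "-y" in args or "--yes" in args:
            issues.append("npx -y downloads and runs the package without prompting")
        specs = [a for a in args if not a.startswith("-")]
        if not specs:
            issues.append("no package specified")
        else:
            pkg, version = split_package_spec(specs[0])
            if version is None:
                issues.append(f"{pkg} is unpinned: npx resolves the latest release on each launch")
            elif not EXACT_VERSION.match(version):
                issues.append(f"{pkg}@{version} is a tag or range, not an exact version")
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for server, issues in audit_npx_servers(SAMPLE_CONFIG).items():
        print(server, "->", issues or "pinned")
```

Pinning fixes which version runs, not whether that version is trustworthy; the next step is to record the tarball's integrity hash (for example via `npm view <pkg>@<version> dist.integrity`) or a lockfile at install time, so a later re-publish of the same version does not go unnoticed.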
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SECURITY.md
`~/.tongateway/token` | JWT session token | Persists authentication across restarts
...
`~/.tongateway/wallets.json` | Agent wallet signing keys | Only created if you deploy an Agent Wallet

The skill stores persistent session credentials and, in autonomous mode, signing keys that grant ongoing authority over wallet-related actions.

User impact: Anyone or any process able to read these stored files may continue wallet access or spend from the agent wallet within the granted scope.
Recommendation: Protect and periodically delete or revoke these credentials, avoid deploying agent wallets on shared machines, and review the dashboard revocation controls before use.
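"Protect these credentials" in practice starts with file ownership and mode: the token and key files should be readable by the owning user only, and the directory should not be listable by others. The following is an added check, not part of the skill; the file names come from the SECURITY.md excerpt above, the directory layout beyond that is assumed, and `build_fixture()` creates a constructed look-alike of ~/.tongateway in a temporary directory so the check can be run offline.

```python
import os
import stat
import tempfile

# Added example: verifies that the credential files this skill stores under
# ~/.tongateway are owner-only. File names follow the SECURITY.md excerpt;
# anything else about the directory layout is an assumption.

CREDENTIAL_FILES = ("token", "wallets.json")


def audit_credential_files(base_dir: str) -> dict:
    """Map relative path -> list of findings. Files that are absent are skipped,
    because wallets.json only exists once an Agent Wallet has been deployed."""
    findings = {}
    try:
        st = os.stat(base_dir)
    except FileNotFoundError:
        return {".": ["directory does not exist"]}
    if st.st_mode & 0o077:
        findings["."] = [f"directory mode {stat.filemode(st.st_mode)} is accessible to other users; expected 0700"]
    for name in CREDENTIAL_FILES:
        path = os.path.join(base_dir, name)
        if not os.path.lexists(path):
            continue
        issues = []
        st = os.lstat(path)  # lstat so a symlink is reported rather than followed
        if stat.S_ISLNK(st.st_mode):
            issues.append("is a symlink; a redirected credential path is suspicious")
        if st.st_mode & 0o077:
            issues.append(f"mode {stat.filemode(st.st_mode)} is readable by group/other; expected 0600")
        if hasattr(os, "getuid") and st.st_uid != os.getuid():
            issues.append("not owned by the current user")
        if issues:
            findings[name] = issues
    return findings


def build_fixture() -> str:
    """Constructed ~/.tongateway look-alike in a temp dir: a world-readable
    session token next to a correctly locked-down wallets.json."""
    base = tempfile.mkdtemp()
    os.chmod(base, 0o700)
    token = os.path.join(base, "token")
    with open(token, "w") as f:
        f.write("eyJ.constructed.jwt\n")          # placeholder, not a real token
    os.chmod(token, 0o644)                         # the mistake the audit should catch
    wallets = os.path.join(base, "wallets.json")
    with open(wallets, "w") as f:
        f.write('{"agent": "constructed"}\n')      # placeholder, not real key material
    os.chmod(wallets, 0o600)
    return base


if __name__ == "__main__":
    # Point this at the real directory to audit an installed skill.
    target = os.path.expanduser("~/.tongateway")
    if not os.path.isdir(target):
        target = build_fixture()
    for path, issues in audit_credential_files(target).items():
        print(path, "->", issues)
```

On a findings hit, `chmod 700 ~/.tongateway` and `chmod 600 ~/.tongateway/token ~/.tongateway/wallets.json` restore owner-only access; file modes do not help against another process running as the same user, which is why the finding also advises against agent wallets on shared machines and for periodic revocation.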
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: Medium | Status: Note
README.md
"AGENT_GATEWAY_API_URL": "https://api.tongateway.ai"

The MCP server is configured to communicate with an external Tongateway API service for wallet-related operations, creating a third-party data boundary that users should understand.

User impact: Wallet requests and related account activity may be processed through the external Tongateway service as part of normal operation.
Recommendation: Use the integration only if you trust the provider's API and privacy practices, and consider self-hosting or source review where appropriate.