Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gate.io Futures Trading CLI Tool
v1.0.2
Use this Skill when the user needs to query Gate.io futures market data, manage accounts, or place trading orders. It provides a complete CLI command-line tool.
by @qiumr
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a CLI that needs Gate.io API keys and will save them locally, which is consistent with a trading CLI; however the registry metadata declares no required credentials or primary credential. The manifest includes two large executable files (renamed with .txt) which are necessary for a CLI, but the origin is unknown. The mismatch between declared requirements (none) and the actual instructions (explicitly require API keys) is an incoherence.
Instruction Scope
Runtime instructions tell the agent/user to run the included binaries and to save Gate.io API keys via a provided 'save-key' command that stores secrets at ~/.futures_trader/config.json. The SKILL.md also instructs using executables renamed to .txt and compressed — an attempt to obfuscate distribution. There is no instruction to verify binary integrity or origin, and a prompt-injection signal (unicode-control-chars) was detected in SKILL.md, which increases concern about manipulation or hidden payloads.
Install Mechanism
Although the skill has no formal install spec, the bundle contains two large packed executables (UPX mentioned in the files) renamed as .txt. Bundling opaque, compressed binaries with no source, signature, checksum, or provenance is high risk. Renaming executables to .txt is a red flag intended to evade simple filters.
Credentials
The SKILL.md requires a Gate.io API key and secret (with futures permissions) and instructs storing them locally, which is expected for a trading CLI; however the skill metadata lists no required environment variables or primary credential, creating a transparency gap. Requesting full API credentials without declared requirement in the registry is disproportionate and makes auditing harder.
Persistence & Privilege
The skill will create a config file (~/.futures_trader/config.json) to persist API keys; this is normal for a CLI but means secrets are stored on disk. The skill is not always-enabled and does not request elevated platform privileges in metadata, but the bundled executables will remain on disk and could be executed repeatedly — verify before running.
Scan Findings in Context
[unicode-control-chars] unexpected: Prompt-injection patterns (unicode control chars) were found in SKILL.md. This is not expected for a straightforward CLI usage document and may indicate an attempt to manipulate downstream processing or hide content. The regex scanner had nothing else to analyze in code because the skill is instruction-only aside from bundled binaries.
What to consider before installing
Do not run these bundled executables or store production Gate.io API keys until you can verify their provenance. Red flags: (1) the package includes UPX-compressed executables renamed to .txt (obfuscation), (2) registry metadata lists no credentials while the instructions ask you to provide API key/secret, and (3) there is a prompt-injection indicator in SKILL.md.
If you consider using this skill:
1) ask the publisher for source code, a public repository, and signed release binaries (checksums/signatures);
2) verify hashes/signatures before running and scan binaries with AV/IDS;
3) prefer building from source or using an official/known Gate.io client;
4) if you must test, run in an isolated VM or sandbox with minimal funds and use API keys limited to the minimum permissions (or create a sub-account with minimal balance and IP restrictions);
5) inspect ~/.futures_trader/config.json handling and ensure it is stored encrypted, or avoid storing keys there;
6) request the publisher to update registry metadata to declare required credentials transparently.
Additional authoritative information (source code, reproducible build instructions, signed releases) would change the assessment toward benign.
