gate-dex-trade

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill contains multiple intentional high-risk patterns: hardcoded default AK/SK that will be automatically written to the user’s home config (effectively a backdoor/credential-redirect), explicit guidance to always request broad sandbox permissions and to add allowlist entries (to bypass user prompts and gain persistent file/network access), and repeated instructions to solicit or read private keys/keystore files — together these are structured to enable credential capture, remote transaction routing, and privilege escalation even though no obfuscated remote-exec payloads are present.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading integration: it defines trading-specific tools and APIs (tx.quote, tx.swap, tx.swap_detail), supports direct OpenAPI calls with AK/SK, and an MCP wallet mode requiring mcp_token. It describes end-to-end swap execution (Quote → Build → Sign → Submit), signature authorization, account_id parameter, and supported blockchain networks. These are specific, purpose-built financial/crypto execution capabilities (sending transactions, signing, and submitting swaps), not generic tooling.