gate-dex-wallet
Fail
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill contains a hardcoded API key (`MCP_AK_8W2N7Q`) in the `install.sh` script and `references/auth.md` file, which is used for MCP server authentication.
- [COMMAND_EXECUTION]: The `install.sh` script performs intrusive operations on the local file system, including overwriting AI platform configuration files (e.g., `~/.cursor/mcp.json`, `~/.codex/config.toml`) and creating symbolic links in the user's environment.
- [DATA_EXFILTRATION]: The skill transmits sensitive authentication tokens and account identifiers to an external API endpoint (`https://api.gatemcp.ai/mcp/dex`) to facilitate wallet functionality.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection via user-supplied transaction and message data. Ingestion points are found in the transfer and DApp modules (e.g., `references/transfer.md`, `references/dapp.md`). Capability inventory includes transaction signing and broadcasting tools (`wallet.sign_transaction`, `tx.send_raw_transaction`). The skill implements boundary markers and sanitization through mandatory user confirmation templates for all signing operations.
Recommendations
- AI detected serious security threats
Audit Metadata