gate-mcp-openclaw-installer

SUSPICIOUS: The skill’s purpose broadly matches its capabilities, but it forwards exchange credentials and OAuth tokens through `mcporter` and remote `gatemcp.ai` endpoints, uses unpinned runtime installs, and exposes asset-affecting trading/DEX functions. This is not confirmed malware, but the trust and credential-routing model is broader than a simple installer and merits caution.