Back to skill
Skillv1.0.0
VirusTotal security
binance square 币安广场 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:32 AM
- Hash
- 4c75342bda42daf638e79db172201b8c1668702a5edade01ed2df9b27bf8af46
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: binance-square-post Version: 1.0.0 The skill is designed to post content to Binance Square via a legitimate API endpoint (binance.com). However, it is classified as suspicious because SKILL.md instructs the agent to store sensitive X-Square-OpenAPI-Key credentials in plaintext within the skill's own markdown file. This practice constitutes a significant security vulnerability, as it exposes secrets to any process or user with access to the agent's workspace or context history, despite instructions to mask the key during display.
- External report
- View on VirusTotal