Crypto Market Rank
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill appears to document public crypto market ranking API queries, with no code, credentials, persistence, or destructive behavior shown.
This looks safe to install as an instruction-only market-data lookup skill. Review that it sends market-ranking queries to Binance Web3 public endpoints, and do not include private or identifying information in query terms.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may query Binance Web3 public endpoints with ranking/filter parameters from the user’s request.
The skill documents raw HTTP/curl calls to an external market-data API. This is expected for a crypto ranking skill and appears read-only, but it still gives the agent a pathway to make external requests.
curl 'https://web3.binance.com/bapi/defi/v1/public/wallet-direct/buw/wallet/market/token/pulse/social/hype/rank/leaderboard?...'
Use it for market-data lookups, and avoid placing private information into token search keywords or other query parameters.
Users cannot verify provenance from the supplied registry metadata alone.
The registry entry does not provide an independently verifiable source or homepage, even though the SKILL.md frontmatter claims an author of "binance-web3-team".
Source: unknown; Homepage: none
If Binance affiliation matters to you, verify the owner/source through trusted ClawHub or Binance channels before relying on the skill.