Back to skill

Security audit

Spot

Security checks across malware telemetry and agentic risk

Overview

This Binance Spot skill matches its stated purpose, but it handles live trading credentials and order actions in a way users should review carefully before installing.

Install only if you are comfortable with a skill that can guide live Binance Spot trading. Use testnet first, do not paste production secrets into chat or markdown files, prefer restricted API keys with withdrawals disabled and IP allowlisting, and require explicit confirmation before any order, cancel, amend, or cancel-replace action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill exposes numerous account-mutating endpoints, including order placement, cancelation, and bulk cancel actions, but only requires an explicit confirmation for mainnet transactions. That leaves destructive authenticated actions on testnet/demo or accidental invocation of sensitive endpoints insufficiently guarded, which is risky in an agent context where users may not understand the consequences of each operation.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill instructs users to send raw Binance API credentials in a file and even includes placeholder account sections for storing keys in documentation-like files. This normalizes insecure secret handling and increases the chance of credential leakage through chat history, logs, repository files, or agent memory, which could enable unauthorized account access and trading activity.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation includes directly executable examples that submit a live spot order to the mainnet endpoint without an explicit warning that running them can place real trades and affect funds. In a skill intended to help users interact with Binance, this increases the chance of accidental execution with real credentials, especially because the example is complete and ready to paste.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
SKILL.md:295