Spot
Warn
Audited by ClawScan on May 18, 2026.
Overview
This Binance Spot skill can use API keys to place and cancel real trades, but its high-impact permissions and credential handling are not clearly bounded in the supplied artifacts.
Install only if you intend to let the agent interact with Binance Spot. Start on testnet, use a dedicated restricted API key with no withdrawal permission and IP allowlisting, and require explicit confirmation before any live order, cancellation, or cancel-replace action.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is given trading credentials, a mistaken or unintended invocation could place or cancel live orders.
These documented authenticated endpoints can create, cancel, or replace real Binance Spot orders; the supplied artifacts do not show a mandatory confirmation or containment step for those high-impact actions.
`/api/v3/openOrders` (DELETE) | Cancel All Open Orders on a Symbol ... `/api/v3/order` (POST) | New order ... `/api/v3/order/cancelReplace` (POST) | Cancel an Existing Order and Send a New Order
Use testnet first, require explicit user confirmation before any trade or cancellation, and avoid enabling this skill for autonomous financial actions.
Users may not get a clear permission prompt or boundary for Binance credentials that can authorize trading activity.
The metadata acknowledges API key and secret-key authentication for mainnet-capable Binance access, but it does not declare a primary credential or environment-variable contract for that sensitive authority.
Description: Binance Spot request using the Binance API. Authentication requires API key and secret key. Supports testnet and mainnet. ... Required env vars: none ... Primary credential: none
Only provide a dedicated, restricted Binance API key; enable IP allowlisting and spot-only permissions, disable withdrawals, and prefer metadata that explicitly declares the credential requirement.
A real embedded API key could expose an account credential or encourage unsafe credential handling.
The static scan reports a possible hardcoded API key in the skill text. The snippet is redacted, so this may be a placeholder, but a real embedded Binance key would be unexpected credential exposure.
Static scan at SKILL.md:295: `- API Key: [REDACTED]`
Verify whether the redacted value is a placeholder or a real key; remove any real credential from the skill and rotate it immediately.
Users cannot easily verify that the skill is official, maintained, or safe to trust with financial API access.
The skill requests or uses sensitive Binance trading credentials, but the supplied registry information does not provide a verifiable source or homepage.
Source: unknown; Homepage: none
Verify the publisher independently before using it with any Binance account, and do not assume it is an official Binance distribution solely from the skill text.
