BinanceAlert

Security checks across malware telemetry and agentic risk

Overview

This Binance alert skill mostly does what it claims, but it automatically reads a shared secrets file more broadly than its Telegram-only setup requires.

Review before installing. Use a dedicated Telegram bot/chat and preferably provide TG_BOT_TOKEN and TG_CHAT_ID through a skill-specific environment instead of a shared Freqtrade secrets file. Only configure cron or systemd scheduling if you want ongoing Telegram alerts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly sends monitoring alerts to Telegram using a bot token and chat ID, but the user-facing description does not clearly warn that alert content will be transmitted to a third-party messaging service. This creates a transparency and privacy risk because users may enable the skill without understanding that trading-related information and bot-linked metadata are being sent off-platform.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The script explicitly loads Telegram bot credentials from a shared secrets file and uses them to send outbound messages, but it provides no runtime disclosure or consent mechanism to warn the operator that notifications and trading-related data will be transmitted to Telegram. In a multi-skill or shared-agent environment, this can cause unintended data egress using preexisting credentials the user may not expect this skill to consume.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal