ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Binance Crypto Market Rank

v1.0.0

Crypto market rankings and leaderboards. Query trending tokens, Binance Alpha tokens, smart money inflow rankings, meme token rankings, and top trader PnL le...

0· 33·0 current·0 all-time
by@dexploarer
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, and the included script all align: the script issues GET/POST requests to web3.binance.com endpoints to fetch rankings. That capability matches the stated purpose. However, the skill claims an author of 'binance-web3-team' while the registry lists source as unknown and homepage none — the claimed origin is unverified, which reduces trust.
!
Instruction Scope
SKILL.md explicitly instructs the agent to 'Run the script NOW' (RUN_SKILL_SCRIPT ...) and to summarize results. The included rankings.sh will perform network calls to external endpoints (web3.binance.com). The instructions force immediate execution rather than offering a user-confirmation path; this gives the skill operational autonomy to perform outbound requests without additional user context. The script does not read local files or environment vars, nor does it transmit local data, which is good, but the 'execute immediately' mandate is broad and should be treated cautiously.
Install Mechanism
No install spec is present (instruction-only with an included script). Nothing is downloaded or written to disk by an install step; risk from install mechanism is low.
Credentials
The skill declares no required environment variables or credentials and the script uses only public endpoints. That is proportionate. One minor inconsistency: required binaries are listed as none, but rankings.sh invokes curl and python3; the skill should declare those as prerequisites.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges or modify other skills. Autonomous invocation (model-invocation enabled) is the default; combined with the SKILL.md directive to run the script immediately, this increases operational risk but is not itself a privilege escalation.
What to consider before installing
This skill appears to call Binance public APIs and does not ask for secrets, but it raises two practical concerns: (1) SKILL.md insists the agent execute the included script immediately and summarize results — that will make outbound HTTP requests without a separate confirmation; (2) the package claims Binance authorship but has no verified source or homepage. Before installing, consider: run the script in a sandboxed environment or review network egress rules; verify the skill author (prefer a homepage or repository you trust); confirm required binaries (curl and python3) are present or declared; and decide whether you want the agent to be allowed to autonomously run local scripts that perform network calls.

Like a lobster shell, security has layers — review code before you run it.

latestvk9767gagzj6h1rbecyr4gvg6rx840vpc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments