Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Binance Fiat

v1.0.0

Binance Fiat requests using the Binance API. Authentication requires an API key and a secret key.

0 · 35 · 0 current · 0 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (high confidence)

Purpose & Capability (flagged)
The SKILL.md clearly needs Binance API credentials and signing (apiKey / secretKey) and the declared required binaries (curl, openssl, date) make sense for signing and HTTP requests. However the registry metadata lists no required environment variables or primary credential despite the skill explicitly instructing the agent to search for BINANCE_API_KEY and BINANCE_SECRET_KEY. That metadata mismatch is an incoherence and should be corrected.
Instruction Scope (flagged)
The runtime instructions explicitly tell the agent how to locate credentials (environment variables, ~/.openclaw/secrets.env, ~/.env, workspace .env and 'inline file') and give code examples that read keys directly. They also state 'the agent can also make http requests with the two first methods without user confirmation.' That gives the agent broad discretion to access secrets and call network endpoints; the instruction set is otherwise limited to Binance endpoints, but the phrase allowing automatic requests without confirmation is vague and increases risk.
Install Mechanism
This is instruction-only with no install spec and no downloads or extracted archives; nothing is written to disk by an installer. Required binaries are standard (curl, openssl, date).
Credentials (flagged)
The skill legitimately needs BINANCE_API_KEY and BINANCE_SECRET_KEY, but the registry did not declare them as required env vars or as a primary credential. The SKILL.md instructs searching multiple places for secrets (including home and workspace .env files) and even reading the raw first two lines if a file isn't KEY=VALUE formatted — this behavior could accidentally read unrelated files if misused. The scope of credential access should be declared explicitly and limited.
Persistence & Privilege
The skill is not marked 'always:true' and doesn't request system-wide changes, which is good. However, the default platform behavior allows autonomous invocation and the SKILL.md's allowance for automatic credential retrieval and making HTTP requests without user confirmation increases blast radius if the agent invokes the skill autonomously. Combine this with the metadata omission (undeclared required envs) and it becomes more concerning.
What to consider before installing
This skill appears to implement Binance fiat API signing and use of apiKey/secretKey, but there are two things to watch for before installing: (1) Metadata mismatch — the registry did not list BINANCE_API_KEY or BINANCE_SECRET_KEY as required but the SKILL.md expects them; ask the publisher to correct the metadata so you know what secrets will be used. (2) Automatic credential access — the instructions tell the agent to look for keys in environment variables and .env/secrets files and allow making HTTP requests without explicit user confirmation. If you install this skill, only provide API keys with minimal permissions (ideally disable withdrawals), enable IP whitelisting on Binance, and prefer testnet keys for trial. Require that the agent prompt you before performing any mainnet transactions (the SKILL.md says to ask for 'CONFIRM' but the skill also ambiguously allows automatic requests). If you do not trust the skill source or cannot limit key permissions/IPs, do not install or provide credentials.


latestvk97074q7s14w1mkh1ncertzjdh8408ny


Runtime requirements

Bins: curl, openssl, date
