Binance Onchain Pay

Security checks across malware telemetry and agentic risk

Overview

This skill is for Binance crypto payment workflows and is mostly coherent, but it can use stored credentials for high-impact financial actions without a clear final confirmation gate.

Install only if you trust the publisher and intend to let an agent help with Binance Onchain Pay. Use test or low-limit credentials, inspect any signing script before running it, and require the agent to show the exact account, endpoint, sanitized payload, amount, asset, address, network, and action for explicit approval before any order or transfer-related call.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill directs the agent to invoke a shell script that will send user financial data and wallet details, while using locally stored API credentials and a private key to sign requests to an external service, but it does not require an explicit user-consent or data-transmission warning at execution time. In a payments/on-chain context, this omission is security-relevant because users may not realize that order data, destination addresses, and authenticated API requests are being transmitted off-platform and may trigger real money movement.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal