Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Binance Pro (Hybrid Labs)
v1.0.0
Complete Binance integration - world's largest crypto exchange. Trade spot, futures with up to 125x leverage, staking, and portfolio management. Use to check...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the included code and SKILL.md (Binance trading). However, the registry metadata claims no required env vars or primary credential even though the SKILL.md and binance_cli.py both require Binance API keys (file ~/.openclaw/credentials/binance.json or env vars). Also, the skill bundles a Python CLI but does not declare Python as a required runtime; these mismatches suggest sloppy packaging or incomplete metadata.
Instruction Scope
SKILL.md and the CLI instruct the agent/user to read credentials from a home path or environment and to issue trade orders (spot and futures). That's consistent with the advertised purpose, but the examples use different env var names ($API_KEY/$SECRET) than the Quick Start (BINANCE_API_KEY/BINANCE_SECRET) and some examples call openssl for HMAC signing while openssl is not listed in required binaries. The instructions perform high-privilege actions (placing/canceling orders) — expected for a trading skill, but the inconsistencies increase the chance of misconfiguration or accidental misuse.
Install Mechanism
There is no install spec (instruction-only), so nothing is downloaded or executed by an installer — low install risk. However, the skill includes a Python CLI file (binance_cli.py) but does not declare Python as a required binary, an omission that can cause runtime surprises.
Credentials
The skill legitimately needs Binance API keys to operate, which is proportionate to its purpose. But the registry metadata did not declare required env vars or a primary credential while SKILL.md and the code expect sensitive keys; that mismatch reduces transparency. Also, the skill asks users to store private keys in a local file or env vars without guidance on least privilege (e.g., read-only vs trading) or IP restrictions.
Persistence & Privilege
The skill metadata sets always: true, meaning it will be force-included in every agent run. There is no documented justification for global, always-on inclusion. Combined with the skill's access to trading keys and ability to place orders, always: true materially increases the blast radius if the skill or agent is compromised.
What to consider before installing
This skill appears to implement Binance trading functionality, but packaging and metadata are inconsistent — the skill requires sensitive Binance API keys (file or env vars) even though the registry metadata lists none, and it sets always: true (force-enabled) without justification. Before installing:
1) Do not use your main/live API keys — create a restricted test key with minimal permissions (or enable only read/balance access) and IP restrictions if possible.
2) Verify the skill source/author and prefer skills with a homepage or trusted publisher.
3) Inspect the full code (binance_cli.py) yourself; look for any unexpected network endpoints.
4) Fix variable inconsistencies (SKILL.md examples vs code use BINANCE_API_KEY/BINANCE_SECRET) and ensure required binaries are declared (python3, openssl, curl, jq).
5) Reject or request removal of always: true unless you understand and accept global inclusion; at minimum, require user opt-in.
6) Test in a sandbox account before using with real funds.
If you are not comfortable auditing the code, avoid installing.
Like a lobster shell, security has layers — review code before you run it.
Tags: binance, crypto, latest, openclaw, trading
Runtime requirements
🟡 Clawdis
Bins: curl, jq
