Skill v1.0.1

ClawScan security

Binance Spot OpenAPI Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 15, 2026, 3:12 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally consistent: it documents how to call Binance Spot endpoints via the uxc tool, uses the official Binance hosts and a curated OpenAPI schema, and only asks for Binance credentials that are reasonable for the stated purpose.
Guidance
This skill appears to do what it says: help you call Binance Spot endpoints via your local uxc CLI with a curated OpenAPI schema and query signing. Before installing: ensure you trust the schema URL (raw.githubusercontent.com) and optionally fetch/verify it yourself; prefer storing private keys in a secure vault (1Password, OS keyring, or a secret manager) rather than long-lived plaintext environment variables; keep mainnet keys separate from testnet keys and use the documented testnet-first flow to validate requests before placing mainnet orders; confirm that any agent you give autonomous invocation to should be allowed to run uxc with access to your Binance credentials (if you enable autonomous runs, the agent could trigger API calls using whatever credentials uxc can access). The validate.sh script is a local maintainer helper requiring rg and jq — it is not an installer and does not run automatically.

Review Dimensions

Purpose & Capability
ok · Name, description, and files (OpenAPI schema, usage patterns, and uxc link examples) all align with the stated purpose of operating Binance Spot endpoints. The only external dependency referenced at runtime is uxc and network access to Binance + the GitHub raw schema URL, which is expected for this skill.
Instruction Scope
ok · SKILL.md instructions stay within scope: they describe public reads, signed account/order queries, testnet-first write flows, and mainnet guardrails. The docs instruct storing signing material (private key PEM or HMAC secret) in environment variables or a secret manager; they do not instruct the agent to read unrelated files or exfiltrate data to third-party endpoints outside of Binance or the GitHub raw schema URL.
Install Mechanism
ok · No install spec is provided (instruction-only), which is low risk. The OpenAPI schema is referenced from a raw.githubusercontent.com URL — common practice for schemas but worth verifying integrity if you rely on it. The included validate.sh is a local validation script (requires rg and jq) and not run automatically by the platform.
Credentials
note · The skill does not declare required env vars in registry metadata, but SKILL.md recommends several BINANCE_* environment variables for Ed25519 or HMAC keys. Those credentials are directly relevant to signing Binance requests and are proportionate; however, the skill asks you to store private key PEM content in environment variables (a convenience that has security trade-offs).
Persistence & Privilege
ok · Skill does not request persistent always:true privilege, does not modify other skills, and is user-invocable. It relies on uxc to perform signed requests; by default the platform allows autonomous invocation, which is normal — there are no other elevated privileges requested by this skill.