Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
binance-trading
v1.0.0Provides Binance API integration for spot and futures trading including balance, orders, market data, leverage, and position management.
⭐ 0· 255·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name/description (Binance trading) matches the code and SKILL.md: it calls Binance spot and futures APIs and implements placing orders, balances, positions, leverage, etc. However, the registry metadata declares no required environment variables or primary credential, while both SKILL.md and index.js clearly require BINANCE_API_KEY and BINANCE_SECRET_KEY — this metadata omission is an inconsistency.
Instruction Scope
SKILL.md instructs the user to set BINANCE_API_KEY and BINANCE_SECRET_KEY (or edit code), run npm install and node index.js ping, and shows example function usage. The runtime instructions and code only reference Binance endpoints and the two environment variables; they do not attempt to read unrelated files/paths or exfiltrate data to unexpected endpoints. (Note: the included index.js was truncated in the listing; full file should be reviewed.)
Install Mechanism
There is no install spec that downloads remote code; this is an instruction-only skill with bundled source files. SKILL.md recommends running npm install, but package.json has no dependencies, so no third-party packages are pulled. No external archives or unknown URLs are used in the install process.
Credentials
The skill requires BINANCE_API_KEY and BINANCE_SECRET_KEY to operate (documented in SKILL.md and used by index.js). Those credentials provide trading capability and are highly sensitive. The registry metadata, however, does not declare these required env vars or a primary credential, which is a coherence/visibility problem. Because the skill can place orders and change leverage, only permission-scoped keys (no withdraw) should be used, and the metadata should explicitly declare required credentials.
Persistence & Privilege
The skill is not marked always:true and does not request system config paths. By default disable-model-invocation is false (agent may invoke autonomously) — that is the platform default, but combined with trading capability it means an agent with this skill could place trades autonomously if it obtains API keys. This is expected behaviour for an automated trading skill but a security consideration for users.
What to consider before installing
This skill appears to actually implement Binance trading and needs your Binance API key and secret — do not provide full-permission keys blindly. Before installing: (1) Verify the skill source/author; the registry metadata omits the required env vars (BINANCE_API_KEY, BINANCE_SECRET_KEY) and primary credential, so ask the publisher to correct that. (2) Only supply API keys with the minimum permissions needed (prefer keys that allow trading but not withdrawals; or use read-only keys when testing). (3) Consider running the code in a sandbox or on a testnet account (Binance testnet) first — the skill can place real spot/futures orders. (4) Inspect the full index.js (the provided listing was truncated) to confirm there are no hidden network calls or unexpected behaviors. (5) If you do provide keys, store them in environment variables (not embedded in source) and consider restricting agent autonomous use (disable-model-invocation or require explicit user confirmation) so trades cannot be executed without your approval.Like a lobster shell, security has layers — review code before you run it.
latestvk97fhg9xmsy1vd42ryaqtrh2yh82t8cj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.