Binance Square Skill

v0.2.0

Binance Square publishing skill for AI agents. Validate session, publish posts, and check status.

by Jacky@phlegonlabs
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Functionality (validate_session, publish_post, get_post_status) and the bundled code (HTTP + CDP browser clients) align with the stated Binance Square publishing purpose. However, the registry-level metadata shown at the top of the report (no required env/bins) contradicts SKILL.md and skill.json, which require node plus BINANCE_COOKIE_HEADER and BINANCE_CSRF_TOKEN. That inconsistency in the published metadata should be resolved before the skill is trusted.
Instruction Scope
The SKILL.md commands are limited to running the bundled node script and ask you to provide Binance cookies and a CSRF token, which is appropriate for this task. But the repository also contains developer utilities (scripts/analyze-api.ts, scripts/probe-endpoints.ts, scripts/bn-square.mjs) that: (a) connect to a local Chrome DevTools Protocol (CDP) endpoint, (b) inject cookies into browser contexts, (c) execute fetches in the browser and capture request headers and bodies, and (d) write capturedRequests to disk (analysis reports). Those utilities can inadvertently store or surface full cookie headers or post bodies (sensitive data) if run with your credentials. SKILL.md and RULES.md instruct not to leak secrets, but some included tools will collect headers and truncated postData into files/reports if invoked, which contradicts the recommended 'never leak' rule unless they are used carefully.
Install Mechanism
No install spec; this is an instruction-and-script bundle. There are no remote download/install steps declared. The bundled scripts are self-contained JS/TS files and a pre-bundled scripts/bn-square.mjs is present. No URL downloads or extract/install steps were requested in the skill metadata.
Credentials
The skill legitimately requires BINANCE_COOKIE_HEADER and BINANCE_CSRF_TOKEN (and optionally BINANCE_CDP_URL / BINANCE_SESSION_TOKEN) to operate. That scope is proportionate to a tool that acts on behalf of a logged-in Binance user. The inconsistency between the top-level registry summary (which listed no required env vars) and SKILL.md/skill.json (which do list env vars) is a red flag: ensure the runtime will actually enforce/require these variables and that you understand their sensitivity.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system-wide privileges. It interacts with local resources (optional CDP) only when configured. There is no evidence it attempts to modify other skills or global agent configuration.
What to consider before installing
This skill implements Binance Square posting and requires your Binance cookie and CSRF token; treat those as highly sensitive credentials. Before installing or running:
1) Verify the apparent metadata mismatch (the registry summary said no env vars but SKILL.md/skill.json require BINANCE_COOKIE_HEADER and BINANCE_CSRF_TOKEN).
2) Prefer running the skill with a disposable Binance account (not your main trading account) and rotate those cookies/tokens after testing.
3) Do not run the developer tools (scripts/analyze-api.ts, scripts/probe-endpoints.ts) with real credentials unless you understand they will capture request headers/post bodies and may write them to disk (api-analysis.json).
4) If you must grant access to a local browser CDP (BINANCE_CDP_URL), only point it at a dedicated, isolated browser instance (not your daily browser) because the scripts inject cookies and evaluate arbitrary fetches in the page context and could access other open pages or data.
5) Audit scripts/bn-square.mjs and the analyze/probe scripts before use (look for any non-Binance outbound endpoints; the SKILL.md does insist on only contacting *.binance.com, but developer utilities can write reports locally).
6) If you are not comfortable reviewing code, do not provide real credentials; use throwaway credentials or decline installation.
If you proceed, monitor for unexpected network activity and rotate credentials afterward.

Like a lobster shell, security has layers — review code before you run it.
