Miraix Binance Agent Firewall

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Binance prompt-audit skill whose main risk is that the trading prompt you provide is sent to Miraix's public API.

Install only if you are comfortable sending the trading prompt you provide to Miraix. Remove API keys, balances, personal information, proprietary strategy details, and private account data before use, and treat any permission plan as advisory rather than authorization to enable risky Binance permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill instructs the agent to send the user's raw trading prompt and symbols to a third-party public endpoint, but it does not require user consent, disclosure, or any data minimization before transmission. Prompts may contain sensitive trading strategy, account intentions, API-related details, or proprietary information, so silent exfiltration to an external service creates a real confidentiality and privacy risk.

Vague Triggers

Medium
Confidence: 95%
Finding:
The manifest sets `allow_implicit_invocation: true`, which lets the platform invoke this skill without an explicit user request while the trigger conditions are not narrowly defined in this file. Because this skill makes security decisions about Binance trading prompts and account permissions, accidental or over-broad invocation could cause untrusted trading content to be evaluated or rewritten in sensitive account-management contexts, increasing the chance of unsafe automation or misleading approval signals.

VirusTotal

55/55 vendors flagged this skill as clean.
