Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Binance Trader

v1.0.0

Provide Binance spot and futures trading with account info, price quotes, order placement, position tracking, and historical data retrieval.

by Henry Sun @shenry07
MIT-0
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md implements spot and futures trading via the official python-binance SDK and ccxt, which matches the described purpose. However, the registry metadata declares no required credentials or env vars even though the instructions clearly require BINANCE_API_KEY and BINANCE_API_SECRET.
Instruction Scope
The runtime instructions are narrowly scoped to Binance operations (account, prices, orders, k-lines, error handling) and do not instruct reading unrelated system files or exfiltrating data to external endpoints. The instructions do tell the agent to import environment variables for API keys (expected for this functionality).
Install Mechanism
There is no declared install spec in the registry (instruction-only), but the SKILL.md tells the user to run pip install python-binance ccxt. That is expected for a Python skill, but the packages are unpinned and fetched from PyPI with no hashes, which increases the risk of a supply-chain compromise or a trojaned package, and there is no guidance to run installs in an isolated environment.
Credentials
The skill requires Binance API credentials (used throughout examples) but the registry metadata lists no required env vars or primary credential. Asking for API keys is reasonable for trading, but the metadata omission is an inconsistency that prevents automated permission checks and user awareness. No mention of withdrawal permissions in required settings — instructions correctly advise to avoid enabling withdrawals, but there is no enforcement.
Persistence & Privilege
The skill is not always-enabled and does not request elevated/persistent platform privileges. It doesn't instruct modifying other skills or system-wide agent config. Autonomous invocation is allowed by default (normal) but not itself flagged.
What to consider before installing
This skill appears to implement real Binance operations and legitimately needs your BINANCE_API_KEY and BINANCE_API_SECRET, but the registry metadata did not declare those env vars and the install instructions ask you to pip-install unpinned packages from PyPI. Before installing or running it:
(1) Verify the skill's source/author; prefer official or well-known authors.
(2) Use a dedicated Binance API key with minimal permissions (enable Trade/Read, disable Withdraw) and enable IP whitelist, or use a sub-account with limited funds.
(3) Run pip installs in an isolated virtualenv or sandbox, and consider pinning package versions or verifying package checksums.
(4) Treat the skill as capable of placing real trades; test with tiny amounts or a sandbox/testnet account first.
(5) If you require stronger assurance, ask the publisher to update the registry metadata to declare required env vars and provide an install spec with pinned versions or a vetted release URL.
If you do not trust the unknown source, do not provide your real API keys or run the install on a production system.


latest: vk97fq8fxdhp8cnrb3cfv2b8h8s84jje5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
