Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Binance Pro Cn

v1.0.1

Binance Pro | Binance Pro. Complete Binance integration | Complete Binance integration. Spot/futures trading, leverage, staking | Spot/futures trading, leverage, staking. Trigger words: 币安 (Binance), Binance, 交易 (trading), trading.

by Guohongbin (@guohongbin-git)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md clearly implements Binance spot/futures trading and signing requests with API key + secret — that purpose is coherent. However the registry metadata declares no required environment variables or credentials even though the instructions require an API key and secret and expect a credentials file (~/.openclaw/credentials/binance.json). This mismatch between declared requirements and the actual runtime needs is a meaningful incoherence.
Instruction Scope
The instructions explicitly direct the agent (or user) to store API keys, compute HMAC signatures with openssl, and call Binance REST endpoints via curl — all within the stated trading scope. Problems: the README suggests the environment variable names BINANCE_API_KEY/BINANCE_SECRET, but the example curl scripts reference API_KEY and SECRET (variable-name mismatch), and the instructions require command-line tools (curl, openssl, jq, date) that are not declared. There are no hidden external endpoints in the file; all network calls point to official Binance endpoints, but the inconsistent env names and missing declarations increase the risk of accidental misconfiguration or credential leakage.
Install Mechanism
This is an instruction-only skill with no install spec (lowest disk-write risk). However, its runtime assumes several CLI tools (curl, openssl, jq, date) and that a credentials file can be created at ~/.openclaw/credentials/binance.json; none of these are declared in the skill metadata. The absence of declared dependencies is an omission that makes the metadata unreliable.
Credentials
The skill requires highly sensitive secrets (Binance API key and secret) to perform trading, which is proportionate to its stated purpose, but the skill metadata lists no required environment variables or primary credential. That omission is important: users are not warned up-front by the registry that they must supply secrets. Also, the SKILL.md inconsistently uses different environment variable names (BINANCE_API_KEY/BINANCE_SECRET vs API_KEY/SECRET), increasing the chance of misconfiguration. The skill does not request unrelated credentials, but it does ask for full API key & secret with permission to place/cancel orders — users should restrict permissions (disable withdrawals) and consider IP restrictions.
Persistence & Privilege
The skill is not marked always:true and is user-invocable; model invocation is enabled (platform default). That means an agent could autonomously execute trades if given the keys. Autonomous invocation alone isn't a disqualifier, but combined with the missing metadata and credential handling issues it raises operational risk: if the agent is allowed to call this skill without careful human gating, it could place live orders.
What to consider before installing
This skill appears to be a straightforward set of shell examples for Binance trading, but the package metadata is incomplete and contains inconsistencies — treat it as suspicious until you verify details. Before installing or using it:
1) Do not paste your main Binance API secret blindly. Create a dedicated API key with the minimal necessary permissions (enable only trading if needed, disable withdrawals) and, if possible, restrict it to specific IPs.
2) Prefer using Binance testnet keys to test behavior.
3) Ensure the expected CLI tools (curl, openssl, jq, date) are present on the host and understand that the examples will execute shell commands that use your secret to sign requests.
4) Note the env-var mismatch: SKILL.md suggests BINANCE_API_KEY/BINANCE_SECRET but the example scripts use API_KEY/SECRET — correct this before running.
5) Store credentials securely and with correct file permissions if you use ~/.openclaw/credentials/binance.json.
6) Because the skill source/origin is unknown and _meta.json fields (ownerId/slug) do not fully match the registry metadata, prefer caution: audit or rewrite the commands yourself, test on testnet with small amounts, and avoid granting autonomous agents permission to invoke trading without explicit human review.

Like a lobster shell, security has layers — review code before you run it.

Tags: binance, chinese, crypto, cryptocurrency, latest, trading

Runtime requirements

🟡 Clawdis