Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Binance Spot

v1.0.0

Binance Spot request using the Binance API. Authentication requires API key and secret key. Supports testnet and mainnet.

by Ale@sum-li
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name, description, and SKILL.md content consistently describe a Binance Spot API helper (endpoints, signing, base URLs). That purpose is coherent. However, the metadata claims no required credentials/config but the runtime instructions repeatedly require an API key and secret for authenticated endpoints — the skill should have declared these as required credentials (primaryEnv/envVars).
Instruction Scope (flagged)
SKILL.md contains concrete runtime instructions and examples that build HMAC signatures, call curl, and show bash snippets that require secret keys. The instructions do not specify how or where the agent should securely obtain or store those credentials (and they are not declared in the skill manifest). The doc also includes RSA/Ed25519 signing examples that are not part of standard Binance HMAC flows — this is unexpected and increases the surface for misuse or confusion. Because the instructions will cause the agent to handle secret material and execute network requests, the lack of declared credential-handling is a scope concern.
Install Mechanism
Instruction-only skill with no install steps or downloaded artifacts. No files are written or external binaries installed by the skill itself, which lowers technical installation risk.
Credentials (flagged)
The skill clearly needs an API key and secret for authenticated endpoints, but the registry metadata lists no required environment variables or primary credential. Requiring user secrets without declaring them is disproportionate and makes it unclear how the agent will request or store credentials. The inclusion of RSA/Ed25519 signing examples (and commands referencing private keys) is not justified by the stated Binance HMAC signing model and expands credential types unexpectedly.
Persistence & Privilege
The skill does not request persistent/invulnerable privileges (always: false) and does not include install-time hooks. Autonomous invocation is allowed by default (normal), but there is no evidence the skill attempts to modify other skills or system configuration.
What to consider before installing
This skill appears to be a straightforward Binance Spot API helper, but it has a key omission: the manifest does not declare the API key/secret the SKILL.md expects. Before installing or using it, consider the following:

- Do not paste your mainnet secret key into chat messages. The skill's instructions require a secret; prefer supplying credentials through the platform's secure skill-credential mechanism (if available) rather than in conversation.
- Use testnet keys first and grant minimal permissions (enable spot trading only, disable withdrawals). Fund with a small amount for testing.
- Ask the skill author (or registry) to declare the required environment variables/primary credential in the manifest so your platform can store them securely; currently it is unclear how credentials are handled.
- Enable Binance IP whitelisting for the API key and set tight recvWindow/timestamp sync to reduce risk.
- The SKILL.md includes RSA/Ed25519 signing examples that are not typical for Binance HMAC signing — ask why different signature types are present and whether the skill will request or accept private keys beyond the secret key.
- Verify the skill's provenance (source/homepage unknown, owner ID only) before trusting it with live trading keys.

If you plan to use this skill with real funds, require the developer to: (1) update the manifest to declare credentials so they can be stored securely by the platform, (2) document where keys are stored/used and whether any logging or external endpoints are contacted, and (3) remove or explain the nonstandard signing examples. Until then treat it as suspicious and test only with limited, revocable testnet credentials.


latest: vk9721h06g8ctb1damkxshfts3s82g9n9
