Binance Spot

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill can use Binance API credentials to place or cancel live trades, but its credential handling, approval boundaries, and provenance are not clearly declared.

Use this only if you intentionally want an agent to interact with Binance. Prefer testnet, verify the publisher, inspect the flagged API-key line, create a restricted spot-only API key with withdrawals disabled and IP allowlisting, and require manual confirmation before any real order or cancellation.

Static analysis

Exposed secret literal

Critical
Finding
File appears to expose a hardcoded API secret or token.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If valid Binance credentials are provided, an agent could create or cancel spot trades and affect account balances.

Why it was flagged

These are signed Binance endpoints that can cancel existing orders or place new orders; the supplied artifacts do not show an explicit confirmation, allowlist, or dry-run default before live financial actions.

Skill content

`/api/v3/openOrders` (DELETE) | Cancel All Open Orders on a Symbol ... Authentication | Yes ... `/api/v3/order` (POST) | New order ... Authentication | Yes

Recommendation

Require explicit user confirmation for every order or cancel action, default to testnet or `/api/v3/order/test` when possible, and limit allowed symbols, order sizes, and action types.

What this means

Users may provide powerful Binance credentials without clear limits on how the agent will store, request, or use them.

Why it was flagged

The skill needs Binance API credentials, but the registry does not declare a credential channel or required credential scope, leaving high-impact key handling under-specified.

Skill content

Description: Binance Spot request using the Binance API. Authentication requires API key and secret key. ... Required env vars: none ... Env var declarations: none ... Primary credential: none

Recommendation

Declare the credential requirements, use a dedicated restricted Binance API key, disable withdrawals, enable IP allowlisting, and avoid pasting secrets into normal chat context.

What this means

A user could mistake the skill for an official Binance integration and trust it with trading credentials without being able to verify its origin.

Why it was flagged

For a skill that requests financial trading credentials, missing verifiable source or homepage is a provenance gap; SKILL.md also contains an official-looking `author: Binance` claim that is not backed by the provided registry source information.

Skill content

Source: unknown
Homepage: none

Recommendation

Verify the publisher and source against Binance’s official documentation before use, and do not provide real mainnet credentials unless the provenance is trusted.