Skill v1.0.0
ClawScan security
binancesquare · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 2:54 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with its stated purpose (fetching and filtering recent Binance‑Square posts) and it does not request credentials or install software, though there are minor points to verify about the API endpoint and hardcoded headers/cookie.
- Guidance: This skill appears to do only what it says: POST to a single API, filter results, and print a table. Before installing or running it, verify the API host (bmwweb.cc) is trustworthy and acceptable for your use — it is not the obviously branded binance.com hostname. Note the script sends a hardcoded Cookie/Bnc‑Uuid header; that may be unnecessary, may expire, or may impersonate a browser session. Do not run the script on systems with sensitive network privileges. If you need higher assurance, inspect network traffic when the script runs or run it in an isolated environment, and check the service's terms of use to ensure scraping is permitted.
Review Dimensions
- Purpose & Capability (note): Name/description claim: fetch Binance Square 12‑hour retail posts. The code and SKILL.md implement a POST to an API, filter out verified/role accounts and keywords, and output a table. This matches the stated purpose. Note: the API host used is 'bmwweb.cc' rather than an obvious 'binance.com' domain — this could be legitimate (third‑party/mirror API) but should be verified by the user.
- Instruction Scope (note): Instructions and the included Python script only perform HTTP POST requests to the single API, filter results, and print a table. They do not read local files, access other environment variables, or transmit data to third parties beyond the listed API. Minor issue: headers include a hardcoded Cookie and Bnc‑Uuid value in both SKILL.md and the script; this is unusual but not inherently malicious — it may be to emulate a browser session.
- Install Mechanism (ok): No install spec (instruction-only with an included script). Nothing is downloaded or written to disk by an installer. Risk from install mechanism is low.
- Credentials (ok): The skill requires no environment variables, credentials, or config paths. The absence of requested secrets is proportionate to its simple HTTP scraping/use case.
- Persistence & Privilege (ok): 'always' is false and the skill does not request permanent presence or modify other skills/config. Autonomous invocation is allowed by platform default but is not elevated here.
