Skill v1.0.1

ClawScan security

Binance Official Spot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Mar 5, 2026, 6:53 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill appears to be a legitimate Binance Spot API helper, but there are inconsistencies and risky/inaccurate instructions (missing declared credentials, odd signature examples, and examples that could expose secrets) that you should address before use.
Guidance
This skill is broadly coherent with its stated purpose (Binance Spot API), but several issues merit caution:

- Source and provenance: the skill's homepage is unknown. Prefer skills from verifiable publishers; verify this bundle before trusting it with real API keys.
- Credentials: the SKILL.md expects an API key and secret, but the skill metadata does not declare any required env vars. Decide how you'll supply keys (prefer injecting them as environment variables or using a secure vault) and never paste secrets into chat or into commands where they appear in shell history or process lists.
- Example inaccuracies and secrecy risk: the authentication doc includes RSA/Ed25519 examples and a likely typo in an openssl command; Binance typically uses HMAC SHA256. The examples also show secrets inline; avoid those. Prefer using official Binance SDKs or well-reviewed client libraries rather than copy-pasting shell examples.
- Test first: use testnet credentials and minimal permissions (spot trading only, no withdrawals) and enable IP whitelist on your API key before using with real funds.

If you plan to install or use this skill: ask the publisher for a verified homepage/source, request that the skill metadata be updated to declare the primary credential(s) and to fix the misleading signature examples, and confirm that the agent will accept credentials via secure environment variables rather than free-form input.

Review Dimensions

Purpose & Capability
note: Name and description match the SKILL.md content: this is an instruction-only helper for Binance Spot endpoints. However, the registry metadata lists no required environment variables or primary credential even though the skill explicitly documents using an API key and secret for authenticated endpoints; that mismatch is unexpected and reduces clarity about how credentials are supplied to the agent.
Instruction Scope
concern: SKILL.md provides concrete curl/openssl examples for signing and calling endpoints (expected), but it also includes unusual/incorrect signature approaches (RSA and Ed25519 examples that Binance does not use in practice, and a likely typo 'openssl pkeyut') which are misleading. Some examples show secrets inline or on the command line (exposed to shell history/process lists). The instructions do not attempt to exfiltrate data to third-party endpoints, but the guidance around handling secrets is risky and ambiguous.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files. Nothing will be written to disk or installed by the skill itself, which is the lowest-risk install posture.
Credentials
concern: The skill relies on an API key and secret for authenticated calls (documented in references/authentication.md), but the registry metadata declares no required env vars or primary credential. That omission makes it unclear how credentials are expected to be provided and increases the risk of insecure handling (e.g., copying secrets into chat or command lines).
Persistence & Privilege
ok: always:false and no special OS or persistence requests. The skill does not request elevated platform privileges or persistent system-wide changes.