Skill v1.0.0

ClawScan security

Binance Query Token · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 6:53 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's declared purpose (querying token info from Binance web3 APIs) matches its instructions and requirements; it makes only read-only HTTP calls to public Binance endpoints and requests no credentials or installs.
Guidance
This skill appears coherent and low-risk: it only documents public Binance web3 API calls and requires no credentials or installation. Before installing, consider that (1) it will make network requests to web3.binance.com when invoked (verify you are comfortable with that external data flow), (2) the skill's source and homepage are missing—if provenance matters to you, prefer skills with a verifiable publisher or official documentation link, and (3) public APIs can have rate limits and occasional data inaccuracies, so do not treat results as authoritative for high-value decisions.

Review Dimensions

Purpose & Capability
ok
Name/description describe token search, metadata, market and K-Line data and the SKILL.md exclusively documents Binance web3 public APIs that provide exactly those capabilities. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
ok
Runtime instructions are limited to constructing GET requests against documented web3.binance.com endpoints (examples use curl). The instructions do not tell the agent to read local files, access unrelated environment variables, or transmit data to unexpected endpoints.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk or installed at runtime.
Credentials
ok
The skill declares no required environment variables, credentials, or config paths. That aligns with its use of public, unauthenticated GET endpoints.
Persistence & Privilege
ok
always is false and the skill does not request persistent or elevated privileges. Autonomous invocation is allowed by default but is not combined with any broad credential access or unusual capabilities.