Barra

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: barra
Version: 0.1.4

The skill bundle provides metadata and instructions for a Binance spot trading tool. It includes proactive security guidance, explicitly advising users to disable withdrawal permissions and implement IP whitelisting for their API keys. No malicious code, exfiltration logic, or harmful prompt injections were found in the provided files (SKILL.md and _meta.json).

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A misinterpreted or overly broad instruction could result in a real BTC purchase using the user's Binance funds.

Why it was flagged

The skill instructs the agent to turn conversational text into live Binance API orders. The provided artifacts do not show a mandatory final user confirmation, order preview, spending limit, or dry-run safeguard before execution.

Skill content
“The AI extracts trading parameters from your conversation” ... “calls the Binance spot API to execute the buy operation”
Recommendation

Require an explicit final confirmation showing symbol, order type, amount, price, estimated fees, and account to be used before any live order is placed; add spending limits and a test/dry-run mode.
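One way to implement this recommendation, added here as an example that is not code from the barra skill or from ClawScan. The class and function names, the assumed 0.1% fee used for the preview, and the fake_place_order stand-in are this example's own; no exchange is contacted.

```python
# Added example (not barra or ClawScan code): confirmation gate, spending limit and
# dry-run for a conversational trading skill. Class and function names are assumed
# for illustration; no exchange is contacted, fake_place_order returns constructed data.
from dataclasses import dataclass
from decimal import Decimal
import hashlib
import hmac
import secrets
from typing import Callable, Dict, List, Optional, Tuple

@dataclass(frozen=True)
class OrderIntent:
    """Parameters the agent extracted from conversation; treated as untrusted input."""
    account: str
    symbol: str
    side: str                   # "BUY" or "SELL"
    order_type: str             # "LIMIT" or "MARKET"
    quantity: Decimal
    price: Optional[Decimal]    # None for MARKET orders, which the gate refuses

    def notional(self) -> Decimal:
        if self.price is None:
            raise ValueError("MARKET order has no price to preview")
        return self.quantity * self.price

@dataclass(frozen=True)
class SpendLimits:
    max_order_notional: Decimal      # per-order cap in the quote asset
    allowed_symbols: frozenset

def preview(intent: OrderIntent) -> str:
    # Exact text the user approves: symbol, type, amount, price, estimated fee (assumed 0.1%), account.
    return (f"{intent.side} {intent.quantity} {intent.symbol} {intent.order_type} @ {intent.price} "
            f"notional={intent.notional()} est_fee={intent.notional() * Decimal('0.001')} "
            f"account={intent.account}")

def check_limits(intent: OrderIntent, limits: SpendLimits) -> List[str]:
    """Policy checks that run before the user is asked anything."""
    problems = []
    if intent.symbol not in limits.allowed_symbols:
        problems.append(f"symbol {intent.symbol} not in allowlist")
    if intent.order_type != "LIMIT":
        problems.append("only LIMIT orders can be previewed; MARKET orders are refused")
    elif intent.price is None or intent.price <= 0 or intent.quantity <= 0:
        problems.append("LIMIT order needs a positive price and quantity")
    elif intent.notional() > limits.max_order_notional:
        problems.append(f"notional {intent.notional()} exceeds cap {limits.max_order_notional}")
    return problems

class ConfirmationGate:
    """One-time token bound to one previewed intent. The harness, not the model, must show
    preview and token to the user and pass back only what the user actually typed."""

    def __init__(self) -> None:
        self._pending: Dict[str, str] = {}   # token -> digest of the previewed intent

    @staticmethod
    def _digest(intent: OrderIntent) -> str:
        return hashlib.sha256(preview(intent).encode()).hexdigest()

    def request(self, intent: OrderIntent) -> Tuple[str, str]:
        token = secrets.token_hex(4)         # 8 hex chars, short enough to retype
        self._pending[token] = self._digest(intent)
        return preview(intent), token

    def confirm(self, token: str, intent: OrderIntent) -> bool:
        expected = self._pending.pop(token, None)   # single use, so a replay fails
        return expected is not None and hmac.compare_digest(expected, self._digest(intent))

def execute(intent: OrderIntent, limits: SpendLimits, gate: ConfirmationGate,
            place_order: Callable[[OrderIntent], dict],
            user_token: Optional[str] = None, dry_run: bool = True) -> dict:
    # A live order is placed only when limits, typed confirmation and dry_run=False all line up.
    problems = check_limits(intent, limits)
    if problems:
        return {"status": "rejected", "reasons": problems}
    if user_token is None:
        text, token = gate.request(intent)
        return {"status": "awaiting_confirmation", "preview": text, "token": token}
    if not gate.confirm(user_token, intent):
        return {"status": "rejected", "reasons": ["token invalid, already used, or bound to another order"]}
    if dry_run:
        return {"status": "dry_run", "preview": preview(intent)}
    return {"status": "placed", "exchange_response": place_order(intent)}

def fake_place_order(intent: OrderIntent) -> dict:
    # Stand-in for the real exchange call; constructed response.
    return {"symbol": intent.symbol, "status": "NEW", "origQty": str(intent.quantity)}

# Constructed sample inputs.
SAMPLE_LIMITS = SpendLimits(Decimal("1000"), frozenset({"BTCUSDT"}))
SAMPLE_INTENT = OrderIntent("spot-main", "BTCUSDT", "BUY", "LIMIT", Decimal("0.01"), Decimal("60000"))
OVERSIZED_INTENT = OrderIntent("spot-main", "BTCUSDT", "BUY", "LIMIT", Decimal("1"), Decimal("60000"))
MARKET_INTENT = OrderIntent("spot-main", "BTCUSDT", "BUY", "MARKET", Decimal("0.01"), None)

def run_demo() -> List[str]:
    # Preview first, then place for real with the token the user typed back.
    gate = ConfirmationGate()
    first = execute(SAMPLE_INTENT, SAMPLE_LIMITS, gate, fake_place_order)
    live = execute(SAMPLE_INTENT, SAMPLE_LIMITS, gate, fake_place_order, first["token"], dry_run=False)
    return [first["status"], live["status"]]
```

The token is a digest of the preview text and is consumed on first use, so a confirmation typed for one order cannot be replayed or applied to a different intent, and the model never sees a path to place_order that skips the limits check and the typed confirmation. Extracting OrderIntent from conversation is deliberately left outside this module.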

What this means

Anyone or anything with access to those keys could potentially read account information and place spot trades within the Binance permissions granted.

Why it was flagged

The skill requires exchange API credentials with account-read and spot-trading authority. This is sensitive financial authority, yet the registry metadata separately states that there are no required environment variables or primary credential, so the credential requirement is undeclared at the registry level.

Skill content
“permissions:
  - binance.trading
  - binance.account.read” ... “export BINANCE_API_KEY=""
export BINANCE_SECRET_KEY=""”
Recommendation

Use a dedicated Binance API key with withdrawals disabled, IP allowlisting, minimal balances, and only the exact permissions needed; the skill metadata should declare the required credentials and permissions clearly.
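A pre-flight audit of the dedicated key, added here as an example that is not code from the barra skill or from ClawScan. Binance documents a signed GET /sapi/v1/account/apiRestrictions endpoint that reports a key's permission flags, with requests signed as HMAC-SHA256 over the query string and sent hex-encoded in a `signature` parameter; the response dicts below are constructed samples and the policy tuples and function names are this example's own. It does not contact Binance.

```python
# Added example (not barra or ClawScan code): least-privilege audit of a Binance API key
# before a trading skill is allowed to use it. Binance documents GET
# /sapi/v1/account/apiRestrictions (signed) returning the key's permission flags; requests
# are signed with HMAC-SHA256 over the query string, hex encoded, sent as `signature`.
# SAMPLE_* below are constructed responses and the policy tuples are assumptions of this
# example. Nothing contacts the network; verify flag names against current Binance docs.
import hashlib
import hmac
from typing import Dict, List
from urllib.parse import urlencode

RESTRICTIONS_PATH = "/sapi/v1/account/apiRestrictions"

def sign_query(params: dict, secret: str) -> str:
    """Binance-style request signature: HMAC-SHA256(secret, urlencoded query) as hex."""
    return hmac.new(secret.encode(), urlencode(params).encode(), hashlib.sha256).hexdigest()

def build_restrictions_request(api_key: str, secret: str, timestamp_ms: int) -> dict:
    """Assemble the signed GET; the signature covers every other query parameter."""
    params = {"timestamp": timestamp_ms, "recvWindow": 5000}
    params["signature"] = sign_query(params, secret)
    return {"method": "GET", "path": RESTRICTIONS_PATH,
            "headers": {"X-MBX-APIKEY": api_key}, "params": params}

# Policy for a spot-only skill: exactly these flags on, everything that moves funds or
# widens scope off. Flag names follow the apiRestrictions response fields.
REQUIRED_ON = ("enableReading", "enableSpotAndMarginTrading", "ipRestrict")
MUST_BE_OFF = ("enableWithdrawals", "enableInternalTransfer", "permitsUniversalTransfer",
               "enableFutures", "enableMargin", "enableVanillaOptions")

def audit_key_restrictions(restrictions: Dict[str, object]) -> List[str]:
    """Return one finding per policy violation; an empty list means the key may be used.
    A missing flag counts as off, so an unexpected response shape fails closed."""
    findings = []
    for flag in REQUIRED_ON:
        if restrictions.get(flag) is not True:
            findings.append(f"{flag} is off but required")
    for flag in MUST_BE_OFF:
        if restrictions.get(flag) is True:
            findings.append(f"{flag} is on: excessive authority for a spot-trading skill")
    return findings

def key_is_acceptable(restrictions: Dict[str, object]) -> bool:
    """Gate the skill on the audit: refuse to load credentials that fail policy."""
    return not audit_key_restrictions(restrictions)

# Constructed sample responses (shape follows the documented fields; values are made up).
SAMPLE_UNSAFE_KEY = {
    "ipRestrict": False, "createTime": 1698000000000, "enableWithdrawals": True,
    "enableInternalTransfer": False, "permitsUniversalTransfer": False,
    "enableVanillaOptions": False, "enableReading": True, "enableFutures": False,
    "enableMargin": False, "enableSpotAndMarginTrading": True,
    "tradingAuthorityExpirationTime": 1700000000000,
}
SAMPLE_SAFE_KEY = {**SAMPLE_UNSAFE_KEY, "ipRestrict": True, "enableWithdrawals": False}
```

Run the audit at install time and again before the first live order, and refuse to load the key on any finding. The flags cannot enforce a minimal balance or a separate sub-account; those remain account-level controls the user applies on the exchange side.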

What this means

It is harder to verify who maintains the skill and whether the reviewed documentation matches the published package.

Why it was flagged

The artifact set has limited provenance, and the three version fields disagree: the registry lists 0.1.4, _meta.json declares 0.1.3, and SKILL.md declares 1.0.0. There is no code here, but version and source inconsistency matters more for a financial trading skill, because a reviewer cannot tell which documented behaviour the published package actually corresponds to.

Skill content
“Source: unknown”, “Homepage: none”, registry “Version: 0.1.4”
Recommendation

Publish a clear source/homepage and align the registry, _meta.json, and SKILL.md versions before relying on it for financial actions.