ClawHub

OpenClaw Binance

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a Binance monitoring/reporting tool, but it asks users to store high-impact Binance API credentials without clear least-privilege or secret-handling guidance.

Review before installing. Use a Binance API key with the minimum possible permissions, preferably read-only; disable withdrawals and trading unless you have verified the code needs them; apply Binance IP restrictions where possible; keep config.json out of version control and backups; and verify the Feishu webhook destination before running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly instructs users to place Binance API credentials into a local config file but provides no guidance on secure storage, file permissions, exclusion from version control, or use of restricted API keys. In a trading-monitoring skill, these credentials can enable access to exchange accounts, so normalizing unsafe secret handling increases the risk of accidental exposure, credential theft, and account misuse.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs users to obtain Binance API credentials and place them into a local config file, but provides no guidance on secure secret storage, file permission hardening, exclusion from version control, or limiting API key privileges. In a trading context, exposed exchange credentials can enable unauthorized account access, trading, or data theft, making this a real security issue rather than a purely documentation concern.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal