Skills
skills/cmeiliu/binance-us-skills/binance-us-briefing-engine/Gen Agent Trust Hub

binance-us-briefing-engine

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive credentials and performs network operations.
  • Accesses Binance.US API keys and secrets from local configuration files (~/.openclaw/secrets.env, .env).
  • Performs network requests to api.binance.us and news.google.com to fulfill its stated purpose.
  • These operations are consistent with the skill's primary function of providing account-aware market reports and do not involve untrusted third-party domains.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection through external data ingestion.
  • Ingestion points: The scripts/binance_us_brief.py script fetches news headlines from the Google News RSS feed (news.google.com/rss/search) in the fetch_asset_news function.
  • Boundary markers: External content (headlines) is interpolated into the final output delivered to the agent without clear delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill script is executed by the agent and retrieves sensitive account information such as balances and trade history.
  • Sanitization: No sanitization or filtering of the headline text is performed before it is included in the output.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 03:00 PM