The Agent Skills Directory

DATA_EXPOSURE (SAFE): The skill is designed to handle sensitive Binance API keys and secrets. It uses a local dependency (@openclaw/auth-provider) to store these credentials in an encrypted SQLite database (~/.openclaw/skills/auth-provider/credentials.db) with restricted file permissions (0600). No unauthorized exfiltration or exposure was detected.- EXTERNAL_DOWNLOADS (SAFE): All network activity is restricted to official Binance API domains (api.binance.com and testnet.binance.vision). No suspicious remote scripts or binaries are downloaded or executed.- COMMAND_EXECUTION (SAFE): While the skill includes a CLI component, it does not use dangerous functions like eval(), exec(), or child_process.spawn() with unsanitized user input in the analyzed source code.- PROMPT_INJECTION (SAFE): The skill does not process natural language prompts or implement LLM logic that could be subverted through injection techniques.

binance-auth