← 返回 Skills 市场
Binance Pro Cn
作者
Guohongbin
· GitHub ↗
· v1.0.1
1128
总下载
0
收藏
5
当前安装
2
版本数
在 OpenClaw 中安装
/install binance-pro-cn
功能描述
币安专业版 | Binance Pro. 完整币安集成 | Complete Binance integration. 现货/合约交易、杠杆、质押 | Spot/futures trading, leverage, staking. 触发词:币安、Binance、交易、trading.
使用说明 (SKILL.md)
Binance Pro 🟡
Professional skill for trading on Binance - the world's largest crypto exchange.
🚀 Quick Start
Setup Credentials
Save to ~/.openclaw/credentials/binance.json:
{
"apiKey": "YOUR_API_KEY",
"secretKey": "YOUR_SECRET_KEY"
}
Environment Variables (alternative)
export BINANCE_API_KEY="your_api_key"
export BINANCE_SECRET="your_secret_key"
📊 Basic Queries
Check Spot Balance
TIMESTAMP=$(date +%s%3N)
QUERY="timestamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s "https://api.binance.com/api/v3/account?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '[.balances[] | select(.free != "0.00000000")]'
Get Current Price
curl -s "https://api.binance.com/api/v3/ticker/price?symbol=BTCUSDT" | jq '.'
Get All Futures Positions
TIMESTAMP=$(date +%s%3N)
QUERY="timestamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s "https://fapi.binance.com/fapi/v2/positionRisk?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '[.[] | select(.positionAmt != "0")]'
⚡ Futures (Leverage Trading)
Open LONG Position (Buy)
SYMBOL="BTCUSDT"
SIDE="BUY"
QUANTITY="0.001"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&side=${SIDE}&type=MARKET&quantity=${QUANTITY}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://fapi.binance.com/fapi/v1/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
Open SHORT Position (Sell)
SYMBOL="BTCUSDT"
SIDE="SELL"
QUANTITY="0.001"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&side=${SIDE}&type=MARKET&quantity=${QUANTITY}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://fapi.binance.com/fapi/v1/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
Set Stop Loss
SYMBOL="BTCUSDT"
SIDE="SELL" # To close LONG use SELL, to close SHORT use BUY
STOP_PRICE="75000"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&side=${SIDE}&type=STOP_MARKET&stopPrice=${STOP_PRICE}&closePosition=true×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://fapi.binance.com/fapi/v1/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
Set Take Profit
SYMBOL="BTCUSDT"
SIDE="SELL" # To close LONG use SELL, to close SHORT use BUY
TP_PRICE="85000"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&side=${SIDE}&type=TAKE_PROFIT_MARKET&stopPrice=${TP_PRICE}&closePosition=true×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://fapi.binance.com/fapi/v1/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
Close Position (Market)
# First, get current position quantity
POSITION=$(curl -s "https://fapi.binance.com/fapi/v2/positionRisk?timestamp=${TIMESTAMP}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq -r '.[] | select(.symbol=="BTCUSDT") | .positionAmt')
# If POSITION > 0, it's LONG, close with SELL
# If POSITION \x3C 0, it's SHORT, close with BUY
Change Leverage
SYMBOL="BTCUSDT"
LEVERAGE="10" # 1 to 125
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&leverage=${LEVERAGE}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://fapi.binance.com/fapi/v1/leverage?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
📈 Spot Trading
Buy (Market)
SYMBOL="ETHUSDT"
QUANTITY="0.1"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&side=BUY&type=MARKET&quantity=${QUANTITY}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://api.binance.com/api/v3/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
Sell (Market)
SYMBOL="ETHUSDT"
QUANTITY="0.1"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&side=SELL&type=MARKET&quantity=${QUANTITY}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X POST "https://api.binance.com/api/v3/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
🔧 Utilities
View Open Orders
TIMESTAMP=$(date +%s%3N)
QUERY="timestamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
# Futures
curl -s "https://fapi.binance.com/fapi/v1/openOrders?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
Cancel Order
SYMBOL="BTCUSDT"
ORDER_ID="123456789"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}&orderId=${ORDER_ID}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s -X DELETE "https://fapi.binance.com/fapi/v1/order?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.'
View Trade History
SYMBOL="BTCUSDT"
TIMESTAMP=$(date +%s%3N)
QUERY="symbol=${SYMBOL}×tamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s "https://fapi.binance.com/fapi/v1/userTrades?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '.[-10:]'
🏦 Detailed Futures Balance
TIMESTAMP=$(date +%s%3N)
QUERY="timestamp=${TIMESTAMP}"
SIGNATURE=$(echo -n "$QUERY" | openssl dgst -sha256 -hmac "$SECRET" | cut -d' ' -f2)
curl -s "https://fapi.binance.com/fapi/v2/balance?${QUERY}&signature=${SIGNATURE}" \
-H "X-MBX-APIKEY: ${API_KEY}" | jq '[.[] | select(.balance != "0")]'
📋 Popular Pairs
| Pair | Description |
|---|---|
| BTCUSDT | Bitcoin |
| ETHUSDT | Ethereum |
| BNBUSDT | BNB |
| SOLUSDT | Solana |
| XRPUSDT | XRP |
| DOGEUSDT | Dogecoin |
| ADAUSDT | Cardano |
| AVAXUSDT | Avalanche |
⚠️ Safety Rules
- ALWAYS verify position before closing
- ALWAYS set Stop Loss on leveraged trades
- NEVER use leverage higher than 10x without experience
- VERIFY pair and quantity before executing
- CONFIRM with user before executing large orders
🔗 Links
Skill created by Total Easy Software - Clayton Martins
安全使用建议
This skill appears to be a straightforward set of shell examples for Binance trading, but the package metadata is incomplete and contains inconsistencies — treat it as suspicious until you verify details. Before installing or using it: 1) Do not paste your main Binance API secret blindly. Create a dedicated API key with minimal necessary permissions (enable only trading if needed, disable withdrawals) and, if possible, restrict to specific IPs. 2) Prefer using Binance testnet keys to test behavior. 3) Ensure the expected CLI tools (curl, openssl, jq, date) are present on the host and understand that the examples will execute shell commands that use your secret to sign requests. 4) Note the env-var mismatch: SKILL.md suggests BINANCE_API_KEY/BINANCE_SECRET but example scripts use API_KEY/SECRET — correct this before running. 5) Store credentials securely and with correct file permissions if you use ~/.openclaw/credentials/binance.json. 6) Because the skill source/origin is unknown and _meta.json fields (ownerId/slug) do not fully match the registry metadata, prefer caution: audit or rewrite the commands yourself, test on testnet with small amounts, and avoid granting autonomous agents permission to invoke trading without explicit human review.
功能分析
Type: OpenClaw Skill
Name: binance-pro-cn
Version: 1.0.1
The skill is designed for legitimate Binance API interactions, but it constructs shell commands by directly embedding variables (e.g., SYMBOL, QUANTITY) without apparent sanitization. This creates a significant shell injection vulnerability (potential RCE) if the OpenClaw agent allows untrusted user input to populate these variables. While there is no clear evidence of intentional malicious behavior like data exfiltration to unauthorized endpoints or persistence mechanisms, this vulnerability makes the skill suspicious.
能力评估
Purpose & Capability
The SKILL.md clearly implements Binance spot/futures trading and signing requests with API key + secret — that purpose is coherent. However the registry metadata declares no required environment variables or credentials even though the instructions require an API key and secret and expect a credentials file (~/.openclaw/credentials/binance.json). This mismatch between declared requirements and the actual runtime needs is a meaningful incoherence.
Instruction Scope
The instructions explicitly direct the agent (or user) to store API keys, compute HMAC signatures with openssl, and call Binance REST endpoints via curl — all within the stated trading scope. Problems: the README suggests environment variable names BINANCE_API_KEY/BINANCE_SECRET but the example curl scripts reference API_KEY and SECRET (variable-name mismatch), and the instructions require command-line tools (curl, openssl, jq, date) that are not declared. There are no hidden external endpoints in the file; all network calls point to official Binance endpoints, but the inconsistent env names and missing declarations increase risk of accidental misconfiguration or credential leakage.
Install Mechanism
This is an instruction-only skill with no install spec (lowest disk-write risk). However, its runtime assumes several CLI tools (curl, openssl, jq, date) and that a credentials file can be created at ~/.openclaw/credentials/binance.json; none of these are declared in the skill metadata. The absence of declared dependencies is an omission that makes the metadata unreliable.
Credentials
The skill requires highly sensitive secrets (Binance API key and secret) to perform trading, which is proportionate to its stated purpose, but the skill metadata lists no required environment variables or primary credential. That omission is important: users are not warned up-front by the registry that they must supply secrets. Also, the SKILL.md inconsistently uses different environment variable names (BINANCE_API_KEY/BINANCE_SECRET vs API_KEY/SECRET), increasing the chance of misconfiguration. The skill does not request unrelated credentials, but it does ask for full API key & secret with permission to place/cancel orders — users should restrict permissions (disable withdrawals) and consider IP restrictions.
Persistence & Privilege
The skill is not marked always:true and is user-invocable; model invocation is enabled (platform default). That means an agent could autonomously execute trades if given the keys. Autonomous invocation alone isn't a disqualifier, but combined with the missing metadata and credential handling issues it raises operational risk: if the agent is allowed to call this skill without careful human gating, it could place live orders.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install binance-pro-cn - 安装完成后,直接呼叫该 Skill 的名称或使用
/binance-pro-cn触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Update: Improved documentation and security checks
v1.0.0
Complete Binance integration | 完整币安集成,中英文双语
元数据
常见问题
Binance Pro Cn 是什么?
币安专业版 | Binance Pro. 完整币安集成 | Complete Binance integration. 现货/合约交易、杠杆、质押 | Spot/futures trading, leverage, staking. 触发词:币安、Binance、交易、trading. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1128 次。
如何安装 Binance Pro Cn?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install binance-pro-cn」即可一键安装,无需额外配置。
Binance Pro Cn 是免费的吗?
是的,Binance Pro Cn 完全免费(开源免费),可自由下载、安装和使用。
Binance Pro Cn 支持哪些平台?
Binance Pro Cn 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Binance Pro Cn?
由 Guohongbin(@guohongbin-git)开发并维护,当前版本 v1.0.1。
推荐 Skills