AB-Agents-Vision-MiniMax

Security checks across malware telemetry and agentic risk

Overview

This vision skill does what it claims, but it under-discloses that images are sent to MiniMax and that it may use a hidden fallback API key file.

Review this before installing if you may analyze private screenshots, documents, corporate files, or personal photos. Set and use your own MiniMax API key explicitly, verify whether vision.sh reads any fallback credential file, and avoid submitting sensitive images unless you are comfortable with MiniMax processing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly sends user-supplied images or image URLs to the MiniMax VL API, but the description does not clearly warn users that their image contents may leave the local environment and be processed by a third party. This creates a real privacy and compliance risk, especially for screenshots, documents, or photos containing sensitive personal, financial, or corporate data.

Missing User Warnings

Medium
Confidence: 95%
Finding
The script silently reads a MiniMax API key from a root-owned file and uses it if the environment variable is unset. This can cause users to unknowingly operate with privileged shared credentials, reducing transparency, complicating auditability, and potentially exposing billing, data access, or account misuse risks if the skill is run in an unexpected context.

Missing User Warnings

Medium
Confidence: 98%
Finding
The script sends both the user-provided prompt and image path-derived content to a remote MiniMax API without any warning or consent flow. Because images may contain sensitive screenshots, documents, or personal data, this creates a clear data exfiltration risk, especially in an agent skill where users may assume local-only processing.

VirusTotal

65/65 vendors flagged this skill as clean.
