AB Agents Vision

Security checks across malware telemetry and agentic risk

Overview

This is a user-invoked image analysis skill whose use of MiniMax’s remote vision API is consistent with its stated purpose, but users should treat submitted images as leaving their machine.

Install only if you are comfortable sending selected images and prompts to MiniMax’s service. Avoid using it on secrets, private screenshots, regulated documents, or personal photos unless that external processing is acceptable. Prefer installing uv through a package manager or by downloading and reviewing the installer instead of piping curl directly to sh.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly advertises analysis of local files and URLs via the MiniMax VL API, but it does not warn users that supplied images may be uploaded to a third-party remote service for processing. This can cause unintentional disclosure of sensitive screenshots, documents, or photos, especially in an agent context where users may assume local-only handling.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends a user-supplied image path and prompt into an external MCP/API tool without any explicit disclosure that image content may be transmitted off-host for remote analysis. In a vision skill, this is expected functionality, but it still creates a real privacy/data-handling risk because users may pass sensitive local screenshots or photos assuming purely local processing.

Missing User Warnings

Low
Confidence
78% confidence
Finding
The script invokes external executables ('uvx', 'minimax-coding-plan-mcp', and 'python3') and even prepends user-local bin directories to PATH, which can cause unexpected code execution if those tools are replaced or shadowed. While subprocess use is normal for a shell wrapper, the undocumented side effects and PATH manipulation increase the risk of executing unintended binaries in compromised environments.

External Script Fetching

Low
Category
Supply Chain
Content
```bash
# Install
curl -LsSf https://astral.sh/uv/install.sh | sh

# Set your MiniMax API key
export MINIMAX_API_KEY="sk-cp-your-key"
```
Confidence
93% confidence
Finding
`curl -LsSf https://astral.sh/uv/install.sh | sh`

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Install
curl -LsSf https://astral.sh/uv/install.sh | sh

# Set your MiniMax API key
export MINIMAX_API_KEY="sk-cp-your-key"
```
Confidence
97% confidence
Finding
`| sh`

VirusTotal

65/65 vendors flagged this skill as clean.
