Skill v1.0.0

ClawScan security

Mmx Text Researcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 13, 2026, 11:21 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The instructions describe using the MiniMax (mmx) CLI and an API key, but the skill metadata does not declare the required binary or credentials — this mismatch warrants caution before installing or running it.
Guidance
This skill appears to be a wrapper for the MiniMax 'mmx' CLI and will require you to have that CLI installed and an API key for MiniMax. Before installing or using it: (1) confirm the 'mmx' binary is trustworthy and comes from an official source; (2) do not paste high-privilege or sensitive secrets into prompts — use a least-privilege API key and understand where the CLI stores credentials; (3) ask the author to update the skill metadata to declare the required binary and the credential (so you can see upfront what it needs); (4) verify the MiniMax service's data-handling and region behavior (requests to 'CN' region may be subject to different laws); and (5) if you need only simple lookups, prefer the agent's web_search tool to avoid sending data to an external LLM service. The main risk here is the metadata omission: the skill will prompt/use an API key and send data to a remote service without that requirement being visible in the registry entry.

Review Dimensions

Purpose & Capability
note: The skill's stated purpose (deep multi-source research via the MiniMax CLI) matches the SKILL.md content: it instructs use of 'mmx search' and 'mmx text chat' for synthesis and verification. However, the registry metadata declares no required binaries or credentials, while the instructions clearly require the 'mmx' CLI and an API key/authorization. That metadata omission is an inconsistency.
Instruction Scope
note: The SKILL.md stays within the research purpose: it instructs the agent to run mmx search and mmx text chat commands, structure outputs, and verify claims. It does not direct the agent to read arbitrary local files or unrelated environment variables. Note: the instructions do explicitly tell the agent how to authenticate (mmx auth login --api-key <key>), which implies the agent or user will provide credentials that get stored/used by the mmx CLI and transmitted to the MiniMax service.
Install Mechanism
ok: This is an instruction-only skill with no install spec and no code files, which lowers the risk of arbitrary code being written to disk. The SKILL.md assumes an external 'mmx' CLI is already installed; it does not provide an installer.
Credentials
concern: The instructions require an API key for 'mmx auth login', and reference region configuration (global vs CN), but the skill metadata lists no required environment variables or primary credential. That mismatch is concerning because the skill will cause the agent/user to provide and use credentials without those secrets being declared up front. Also, the skill could transmit queried content and research data to the MiniMax service; users should confirm whether that is acceptable for sensitive topics.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated or persistent platform privileges. Autonomous invocation is allowed by default (disable-model-invocation: false) but this is the platform default and not by itself a red flag. The skill does not claim to modify other skills or system-wide settings.