ClawHub

Minimax Image Gen

Security checks across malware telemetry and agentic risk

Overview

The skill appears to generate MiniMax images as advertised, but it weakens API-key protection by disabling TLS certificate verification while claiming SSL/TLS safety.

Install only after reviewing the Python script or after the publisher fixes TLS verification. Use a scoped MiniMax API key with limited billing exposure, avoid sensitive prompts, and be aware that the tool may read a MiniMax key from OpenClaw config if MINIMAX_API_KEY is not set.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill requires environment access, file reading, network access, and shell execution, yet the manifest does not declare permissions or prominently disclose these capabilities. This creates a transparency and consent problem: users may invoke the skill without understanding it can read local configuration, access API keys, and make outbound requests. In this context the behavior is expected for an image-generation integration, which lowers suspicion of maliciousness, but the undocumented capability surface still increases risk if the implementation is modified or abused.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill searches unrelated local OpenClaw configuration files for Minimax credentials instead of restricting itself to its own explicitly provided secret source. This broadens credential access beyond least privilege and can cause the skill to consume credentials the user did not intend to expose to this tool.

Context-Inappropriate Capability

Medium
Confidence
82% confidence
Finding
The skill can launch external applications or a browser to open generated files, which expands the attack surface to the local desktop environment. In this skill's context the behavior is user-triggered via --preview, so it is less suspicious than covert execution, but opening arbitrary content through system handlers can still create risk if downloaded files or file associations are abused.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation says the skill uses the MiniMax Image API, but it does not clearly warn users that their prompts and possibly related generation parameters are transmitted to a third-party service. Users may enter sensitive personal, corporate, or regulated content assuming it stays local, leading to privacy, confidentiality, or compliance issues. Because this skill's core function is remote image generation, the context makes disclosure especially important rather than making the issue harmless.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal