MiniMax Fullstack Dev

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only full-stack development guide with one unsafe example to watch for, not a package that installs code or accesses data itself.

Safe to install as a development reference. When using the real-time/SSE sample, remove the userId query parameter and derive subscription identity only from the authenticated session or token on the server; also review generated auth, file upload, and production-hardening code before using it in production.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The SSE section says the backend authenticates subscriptions using `req.user.id`, but the frontend example connects with `EventSource('/api/events?userId=...')`. This mismatch can encourage implementers to trust a client-supplied `userId` in a query string, which can lead to insecure direct object reference or subscription confusion if copied into real code. In a security-sensitive auth section, contradictory examples are especially risky because developers often paste examples verbatim.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal