Minimax Tts

Security checks across malware telemetry and agentic risk

Overview

This MiniMax text-to-speech skill does what it claims, but it can send both your text and API key to any URL if the override option is used.

Install only if you are comfortable sending text to MiniMax for processing. Prefer MINIMAX_API_KEY over passing keys on the command line, avoid confidential or regulated text unless MiniMax's terms fit your use case, and do not use --api_url unless you fully trust the endpoint.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: Allowing callers to override the API URL turns a narrowly scoped TTS skill into a generic authenticated HTTP POST client. In an agent setting, this can be abused for SSRF, internal network probing, or exfiltration of user-provided text and the bearer token to attacker-controlled endpoints.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs users to send arbitrary text to a third-party API and use an API key, but it does not disclose that user content will leave the local environment or provide credential-handling guidance. This creates a real privacy and operational security risk because users may unknowingly transmit sensitive text or mishandle the API key when invoking the script.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal