MiniMax MCP Search

Security checks across malware telemetry and agentic risk

Overview

The skill matches its MiniMax search and image-analysis purpose, but its wrapper can let crafted user input run unintended local shell commands.

Review before installing. Use only with trusted inputs until the wrapper avoids shell=True and passes arguments safely. Do not submit sensitive prompts, private URLs, or local image paths unless you are comfortable sending them through the MiniMax/MCP tooling, and verify the mcporter package and API key configuration first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def run_mcporter(command):
    """Execute the mcporter command"""
    result = subprocess.run(
        command,
        shell=True,
        capture_output=True,
Confidence
99% confidence
Finding
result = subprocess.run(command, shell=True, capture_output=True, text=True, timeout=60)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill explicitly states that a MiniMax API key is configured and that image/search content is sent to an external MCP-backed service, but it provides no warning about credential exposure, third-party data handling, or privacy risks. This can lead users to submit sensitive queries, local image paths, or confidential images without understanding that the data may leave the local environment and be processed by an external provider.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill converts local image paths to absolute paths and forwards them to an external MCP tool without any user-facing disclosure or consent mechanism. In this context, that can expose sensitive local filesystem information and potentially send private image content or path metadata to a remote service unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.
