ClawHub

MiniMax Quota Query

Security checks across malware telemetry and agentic risk

Overview

This skill is a small MiniMax quota checker that uses a user-provided API key for the stated MiniMax endpoint, with no hidden persistence or unrelated behavior found.

Install this only if you intend to let the agent check your MiniMax quota. Prefer MINIMAX_API_KEY from a trusted environment or secret store instead of passing the key on the command line, and confirm the request is specifically about MiniMax quota before allowing a network call.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill instructs use of an API key from an environment variable and makes outbound requests, but the metadata shown does not declare corresponding permissions. Undeclared access to env and network expands the skill's effective capabilities and can bypass user or platform expectations about what the skill may access.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger phrases are broad enough to match ordinary conversation about usage or quotas, which can cause the skill to activate unexpectedly. In a skill that reads an API key and performs network requests, overbroad activation increases the chance of unintended secret use or external calls without clear user intent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script explicitly supports passing the API key as a command-line argument, which can expose the secret through shell history, process listings, job control logs, or audit tooling on the host. In a skill/tooling context where users may run helper scripts directly, this increases the chance of accidental credential disclosure even though the code does not exfiltrate the key itself.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal