Back to skill
Skillv1.0.0
VirusTotal security
MiniMax Vision · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMar 28, 2026, 4:56 AM
- Hash
- 90e830b9a159759c14e50eb0aae18f20543af52630e632c5d19ed52d297a7e06
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: minimax-vision Version: 1.0.0 The skill is designed for image recognition using the MiniMax MCP, but minimax_vision.py contains a hardcoded absolute path to a specific user's directory (/Users/js/.local/bin) within the environment PATH configuration. While likely a developer oversight, this is a security risk and a vulnerability that could lead to the execution of unintended binaries if the environment matches the hardcoded string.
- External report
- View on VirusTotal