Back to skill

Security audit

MiniMax Coding Plan Tool Patched

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward MiniMax API helper, but users should know that searches and images they submit are processed by MiniMax online.

Install only if you are comfortable sending your search queries, image URLs, prompts, and any selected local image files to MiniMax. Do not submit secrets, private screenshots, confidential documents, or internal-only URLs unless that external processing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README advertises web search and image-understanding features but does not clearly disclose that user prompts, image URLs, and potentially local image file contents are transmitted to the third-party MiniMax API. This can cause users to unknowingly send sensitive data off-host, especially because the examples normalize passing local files and arbitrary queries directly to the service.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill explicitly supports uploading local files and remote image/URL content to MiniMax's external API, but it does not clearly warn users that this data leaves the local environment and is transmitted to a third party. This can lead to inadvertent disclosure of sensitive local images, documents, or internal URLs if a user assumes processing is local-only.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The image-analysis path accepts a local file path, reads the file, base64-encodes it, and sends the contents to a remote MiniMax API. That behavior can expose sensitive local files if a user or upstream agent passes an unintended path, and the tool does not provide any explicit consent prompt, path restriction, or warning that local data will be transmitted off-host.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.