MiniMax Provider 配置
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: add-minimax-provider Version: 2.0.0 The skill is designed to configure MiniMax as a model provider for OpenClaw. All shell commands (`curl`, `python3`, `openclaw doctor`, `launchctl`, `tail`) are used for legitimate purposes such as testing API connectivity to `api.minimaxi.com`, checking local OpenClaw configuration, or restarting OpenClaw services. Instructions in `SKILL.md` guide the agent to modify `~/.openclaw/openclaw.json` for configuration, which is the explicit purpose of the skill. There is no evidence of data exfiltration, malicious execution, persistence, or prompt injection attempting to subvert the agent for harmful objectives beyond the stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Future OpenClaw model calls may use the user's MiniMax account and could incur charges or consume account quota.
The skill asks the user to place a MiniMax API key or OAuth marker into OpenClaw provider configuration, which is expected for this integration but grants access to a paid/provider account.
"API Key | 格式为 `sk-cp-...`" and "\"apiKey\": \"<你的API_KEY>\""
Use a dedicated MiniMax key where possible, keep the config file private, avoid pasting real keys into shared logs or chats, and revoke the key if it is no longer needed.
A bad or unintended configuration change could route future prompts to different providers, affect costs, or break OpenClaw model startup.
The skill directs edits to the main OpenClaw configuration, including provider registration, aliases, and primary/fallback model routing. This is purpose-aligned but affects future agent behavior.
在 `~/.openclaw/openclaw.json` 的 `models.providers` 下添加 provider
Review the openclaw.json diff before applying it, keep a backup, confirm the intended primary and fallback models, and validate the configuration after editing.
Prompts, conversation context, or files included in model requests may be processed by MiniMax when this provider is used.
The configuration routes model-provider traffic to MiniMax endpoints. This is disclosed and central to the skill, but it creates an external provider data boundary.
"baseUrl": "https://api.minimaxi.com/v1" and "baseUrl": "https://api.minimaxi.com/anthropic"
Check MiniMax privacy, retention, and billing terms before using it for sensitive data, and choose a different model route for content that should not leave your environment.
Manual installs from the main branch could fetch content that differs from the reviewed artifact if the repository changes later.
The README offers a manual install path from a moving GitHub branch archive without a pinned commit or checksum. The package is instruction-only here, so this is a provenance note rather than a behavioral concern.
curl -L https://github.com/jooey/openclaw-skill-add-minimax-provider/archive/refs/heads/main.tar.gz | tar xz
Prefer the reviewed registry artifact or pin a specific commit/release and inspect the files before installing from GitHub.