Security audit

Minimax Image Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward MiniMax image-generation client, with expected API-key use, external prompt/image transfer, and optional user-requested image saving.

Install only if you are comfortable sending prompts and any reference images to MiniMax and using a MiniMax API key that may consume paid credits. Avoid submitting confidential text or images, and use the default save location or a deliberate output path to avoid overwriting local files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Tainted flow: 'filepath' from requests.post (line 363, network input) → open (file write)

Medium
Category
Data Flow
Content
        response = requests.get(url, timeout=30)
        response.raise_for_status()
        with open(filepath, 'wb') as f:
            f.write(response.content)
        return (True, filepath)
    except Exception as e:
Confidence
88% confidence
Finding
with open(filepath, 'wb') as f:

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation declares required environment variables and a Python runtime, and its described behavior clearly depends on outbound network access to the MiniMax API, but it does not explicitly declare permissions for those capabilities. Undeclared network and environment access weakens transparency and policy enforcement, making it easier for users or hosting platforms to underestimate what the skill can access and transmit.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill performs local file writes by downloading and saving remote image content, which exceeds a generation-only capability description and creates additional attack surface. In an agent environment, undeclared write capability is security-relevant because it may bypass user expectations or policy controls tied to the manifest.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user prompts and, for image-to-image use, reference image URLs or base64 image content to a third-party MiniMax service, but the description does not prominently warn users about that external data transfer. This can cause unintentional disclosure of sensitive text or images, especially if users assume processing is local or do not realize uploaded content leaves their environment.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.