MiniMax Image Generation

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed MiniMax image-generation skill that sends prompts or reference images to MiniMax and saves generated images plus a local usage log.

Install only if you are comfortable sending prompts and any reference images to MiniMax. Use a limited MiniMax API key, avoid private or sensitive reference photos, choose output paths deliberately, and delete the workspace image files or log before sharing or syncing the workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documentation clearly describes use of an API key, outbound network access to MiniMax, and local file writes, yet the skill has no declared permissions. That mismatch is a real security issue because users and orchestration systems may not get an accurate consent boundary before the skill accesses secrets, writes logs, or sends prompts/reference images to a third party.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill persistently logs user prompts and saved file paths to a markdown file, which expands its behavior beyond simple image generation into local retention of potentially sensitive user input. Prompts can contain confidential, personal, or proprietary data, and storing them without clear disclosure increases privacy and data exposure risk if the workspace is later accessed by other tools or users.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation states that the script will automatically download generated images to a local workspace directory, but it does not clearly warn users that running the tool causes filesystem writes. In an agent context, implicit disk writes can create persistence, consume storage, and unexpectedly retain potentially sensitive or policy-restricted content.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation states that the script automatically downloads remote image URLs and writes them to a local filesystem path, but it does not prominently warn users about implicit disk writes, storage location, overwrite behavior, or trust implications of fetching remote content. In an agent/tooling context, silent filesystem writes from externally supplied URLs can create privacy, storage, and operational risk, especially if users do not expect persistent local artifacts.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Persistently recording image-generation prompts without an explicit user-facing warning creates a privacy risk because prompts often contain sensitive requests, names, internal concepts, or other confidential material. The danger is heightened by the fixed log location and indefinite retention, which can expose historical user activity beyond the immediate API call.

VirusTotal

VirusTotal findings are pending for this skill version.
