Back to skill
Skillv1.0.4
VirusTotal security
MiniMax Token Used Query · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 5:29 AM
- Hash
- 3362f51a406773af12a1b123ec01bb9449efcae1d5630cce0cd3919181902743
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: minimax-token-used-query Version: 1.0.4 The skill automates browser sessions to query account data but exhibits high-risk credential handling by storing user passwords in plaintext in a local file (minimax-login.txt). It also captures screenshots of sensitive account management pages to /tmp and contains hardcoded absolute paths (/home/allen/) and broken Node.js code (query-quick.js), representing significant security vulnerabilities and poor quality control rather than intentional malice.
- External report
- View on VirusTotal