Minimax API

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends selected images or search queries to MiniMax, but users should know local image files will be uploaded for analysis.

Install only if you are comfortable sending selected images, image URLs, prompts, and search queries to MiniMax. Avoid using it on confidential screenshots or documents, and handle the MiniMax API key carefully, preferably through a controlled secret or environment setup rather than command-line arguments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrases are broad enough to match common requests like describing an image or searching the web, which increases the chance this skill activates in situations the user did not specifically intend. Because the skill can send user-supplied image URLs or local file paths to an external API, accidental activation expands the attack surface and can lead to unintended data disclosure or unnecessary external calls.

Missing User Warnings

High
Confidence: 98%
Finding
The skill explicitly accepts absolute local file paths for image analysis but does not clearly warn that those files may be uploaded to MiniMax's external API. This creates a meaningful risk of exfiltrating sensitive local content, especially if the skill is triggered broadly or the user does not realize that local files are leaving their machine.

Missing User Warnings

Medium
Confidence: 93%
Finding
This script sends both the user prompt and the full image contents to a third-party API, including local files converted to base64, without any explicit user notice, consent check, or guard against sensitive data being uploaded. In a skill context, this is materially risky because users may provide confidential screenshots, documents, or local images, and the code will exfiltrate them off-host by design.

External Transmission

Medium
Category: Data Exfiltration
Content
    # Process image (convert to base64 if needed)
    processed_image_url = process_image_url(image_url)
    
    url = "https://api.minimaxi.com/v1/coding_plan/vlm"
    
    payload = {
        "prompt": prompt,
Confidence: 89%
Finding
https://api.minimaxi.com/

VirusTotal

VirusTotal findings are pending for this skill version.