Minimax-Multimodal-Toolkit
Pass
Audited by VirusTotal on May 9, 2026.
Overview
Type: OpenClaw Skill
Name: minimax-multimodal
Version: 1.0.2
The skill bundle provides documentation and instructions for an agent to use the 'mmx-cli' tool, which interfaces with the MiniMax AI platform for text, image, video, and audio generation. The instructions in SKILL.md are well-structured, focusing on legitimate API interactions and standard CLI practices (e.g., JSON output, non-interactive flags). There are no signs of data exfiltration, malicious execution, or prompt injection intended to subvert the agent's behavior.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the CLI could run or later execute code from the npm package, so the safety of that package matters.
The skill directs installation of a global npm CLI without a pinned version. This is central to the stated purpose, but users rely on an external package that was not included in the reviewed artifacts.
npm install -g mmx-cli
Install from the official MiniMax/mmx source if available, verify the package name and version, and consider pinning a known-good version.
Anyone or anything that can read the stored credential may be able to use the MiniMax account within the key's permissions.
The guide requires or allows a MiniMax API key and states it is stored locally. This is expected for the provider integration, but it grants account/API authority.
mmx auth login --api-key sk-xxxxx ... Auth (persisted to ~/.mmx/credentials.json)
Use a minimally scoped API key if MiniMax supports it, keep ~/.mmx/credentials.json private, and revoke/rotate the key if the device is shared or compromised.
The agent may proceed without an interactive confirmation, which could matter for quota-consuming, billing-related, or resource-changing actions.
The guide recommends using a no-confirmation flag in agent/CI contexts. This is disclosed and may be intended for automation, but it can remove a safety check for account or resource operations.
Always use these flags in non-interactive (agent/CI) contexts: ... `--yes` | Skip confirmation prompts
Use --yes only when the requested action is clearly approved, and require explicit user confirmation for costly, destructive, public, or account-management operations.
Prompts, text files, images, first frames, or webhook destinations chosen for a command may be shared with MiniMax or the specified callback endpoint.
The CLI can send selected local files or URLs to the MiniMax service and can use a callback/webhook URL for video completion. These flows are aligned with media generation, but they cross local/provider boundaries.
`--subject-ref <params>` ... `image=path-or-url`; `--first-frame <path-or-url>`; `--text-file <path>`; `--callback-url <url>`
Only provide files, prompts, and callback URLs that are intended for MiniMax processing, and avoid sending confidential material unless the provider terms and account settings are acceptable.
