Security audit

minimax-speech

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward MiniMax speech API wrapper with expected privacy and account-management cautions around voice cloning and deletion.

Install only if you intend to send text and selected audio to MiniMax. Use a dedicated API key where possible, upload only voices you have permission to clone, and double-check voice IDs before running delete commands because the skill does not add its own confirmation step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill documentation indicates use of environment variables and network-backed API access, but there is no declared permissions model to make those capabilities explicit. This can mislead users and hosting platforms about what the skill will access, reducing informed consent and weakening policy enforcement around secret handling and outbound connections.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill supports local file output, voice cloning, remote API submission, and voice deletion, but the documentation does not clearly warn users about privacy, consent, data retention, or destructive operations. In this context, voice cloning is especially sensitive because audio samples may contain biometric data, and deletion actions can remove assets irreversibly if invoked without clear confirmation semantics.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The voice cloning function reads a local audio file, base64-encodes it, and transmits it to a third-party API, but the CLI provides no explicit warning or consent step. This is a real privacy/security concern because users may unintentionally upload sensitive or biometric voice data off-host, and voiceprints are difficult to revoke once exposed.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The delete_voice command performs a destructive remote action immediately based on a supplied voice_id, with no confirmation prompt, dry-run mode, or irreversibility warning. In an agent or automation context, this increases the risk of accidental deletion of remote assets through user error, prompt injection, or misrouted commands.

VirusTotal

56/56 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.