MiniMax Excel

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Office document skill; its macro-enabled Excel support deserves caution but is disclosed and aligned with the stated purpose.

Safe to install for document-generation use, but be careful with .xlsm files: only preserve or create macros from trusted sources, review VBA before distribution, and prefer .xlsx when macros are not needed. Also treat the MiniMax/source and implementation claims as unverified unless the publisher provides code or an upstream reference.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly promotes preservation of VBA macros and embedding of automation scripts in .xlsm files, but provides no warning, gating, or trust boundary around active content. In the context of generated Excel files, macros are a well-known malware delivery vector and can lead to code execution, credential theft, or malicious document propagation when users open the output.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal