Minimax Mcp

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A changed or impersonated package could affect the MCP server behavior or how the MiniMax API key is used.

Why it was flagged

The setup runs a remote MCP package through uvx without a pinned version in the documented command. This is central to the skill and user-directed, but users should verify the package/source before installing.

Skill content

--command "uvx minimax-coding-plan-mcp -y"

Recommendation

Install from a trusted package/source, consider pinning a known version, and compare it with the referenced MiniMax GitHub project before adding credentials.

What this means

The key may allow billable MiniMax API calls or quota consumption if misused.

Why it was flagged

The skill requires a MiniMax API key for its intended provider integration. This is expected, but it delegates account/API usage to the configured MCP server.

Skill content

`MINIMAX_API_KEY` | ✅ | Your MiniMax API Key

Recommendation

Use a dedicated/regenerable API key where possible, keep it secret, monitor MiniMax usage, and revoke the key if you stop using the skill.

What this means

Sensitive images, URLs, search queries, or prompts could be sent to MiniMax for processing.

Why it was flagged

The examples show local images can be provided to the MiniMax image-understanding tool; because the skill operates through MiniMax API/MCP, user-provided images and prompts may be processed by the external provider.

Skill content

image_source="/path/to/local/image.png"

Recommendation

Avoid submitting private or confidential files unless you are comfortable with MiniMax processing them, and review the provider’s data handling policy.