Security audit

MiniMax Image Generation

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal MiniMax image-generation skill that sends prompts or chosen reference images to MiniMax and saves generated images locally.

Install only if you are comfortable sending prompts and any selected reference images to MiniMax using your API key. Avoid private, regulated, or copyrighted images unless you are allowed to share them with that provider, monitor API usage, and delete generated local files when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill demonstrates access to environment variables and outbound network communication, but the metadata does not declare corresponding permissions or capabilities. This creates a transparency and governance gap: users and the hosting platform may not realize the skill can read secrets and transmit data externally, which increases the risk of unintended data exposure and weakens permission enforcement.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states that generated images are automatically saved locally and that reference images are uploaded to an external API, but it does not clearly warn users about local retention, third-party processing, or privacy implications. If users supply personal or sensitive images, they may unknowingly consent to external transmission and persistent storage, which can lead to privacy violations or policy non-compliance.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
When --local is used, the script base64-encodes the entire local image and sends it to a remote API without an explicit consent prompt or clear disclosure at the point of use. This can cause unintended transfer of sensitive local files, especially in agent-driven contexts where users may not realize a local reference image is uploaded externally.

External Transmission

Medium
Category
Data Exfiltration
Content
"Content-Type": "application/json"
}

response = requests.post(URL, json=payload, headers=headers)
result = response.json()
image_url = result["data"]["image_urls"][0]
Confidence
89% confidence
Finding
requests.post(URL, json=

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.