minimax image t2i

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill's code and runtime instructions request and transmit data (including a required API key and full expanded prompts) in ways that don't match the skill metadata and could leak user prompts to hard-coded Feishu targets.

This skill is functional but has several red flags you should resolve before installing:

(1) The script requires MINIMAX_API_KEY but the skill metadata doesn't declare any required env vars; ask the publisher to explicitly list and justify MINIMAX_API_KEY.

(2) The SKILL.md forces sending the full expanded English prompt to hard-coded Feishu targets via openclaw message send; confirm who owns those targets and whether you consent to your prompts (including any sensitive content) being posted there.

(3) If you plan to use it, only provide an API key you trust for the MiniMax service and consider running the skill in a sandbox; request removal of hard-coded Feishu target IDs or make them configurable by the end user.

(4) Ask the author to update metadata to declare MINIMAX_API_KEY as required, to explain the Feishu target IDs, and to make inclusion of the expanded prompt explicit and opt-in.

If you cannot verify these, consider the skill suspicious and avoid supplying secrets or private prompts.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

No VirusTotal findings

Risk analysis

No visible risk-analysis findings were reported for this release.