MiniMax Token Plan Tool

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed MiniMax API client; its main risk is that user-selected images are sent to MiniMax for analysis.

Install only if you are comfortable sending search queries, prompts, quota requests, and any selected images to MiniMax. Avoid using confidential, private, or regulated images with the image tool, and verify MINIMAX_API_HOST is one of the documented MiniMax hosts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The image-understanding path accepts either a remote URL or a local file path, reads or downloads the image, and then forwards the full content to the external MiniMax API. This creates a real data-exposure boundary that is not obvious from the skill description and can cause unintended exfiltration of local files or user-supplied remote content to a third party.

Missing User Warnings

Medium
Confidence: 96%
Finding
The tool uploads processed images to the MiniMax VLM endpoint, including local file contents and remotely fetched images, but the user-facing tool description does not clearly warn that this data leaves the local environment. In agent settings, that omission is security-relevant because users may assume only local analysis occurs and may inadvertently send sensitive images or documents off-host.

VirusTotal

64/64 vendors flagged this skill as clean.
