minimax-image-understand

SUSPICIOUS: the skill's stated purpose is plausible, but its documented setup is inconsistent with MiniMax's official MCP installation path, and the actual script handling the API key is not provided. No clear exfiltration lure or malicious installer appears, but the provenance and data-flow gaps make it medium risk rather than benign.