minimax-web-search

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: In scripts/web_search.py, the skill uses uvx to dynamically download and execute the minimax-coding-plan-mcp package at runtime to provide search functionality.
  • [COMMAND_EXECUTION]: The skill executes shell commands to initialize the MCP server using StdioServerParameters in the web_search.py script.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) as it retrieves data from the internet and injects it into the agent's context.
      • Ingestion points: scripts/web_search.py ingests untrusted search results (titles, links, and snippets) from the web via the MiniMax tool.
      • Boundary markers: Absent. The search results are returned as raw text or JSON structures without clear delimiters to prevent the agent from obeying instructions found in search results.
      • Capability inventory: The agent uses these results to answer user questions, potentially exposing it to malicious instructions embedded in third-party websites.
      • Sanitization: No filtering or sanitization of the retrieved content is performed before returning it to the agent.
  • [DATA_EXFILTRATION]: The skill transmits user queries to https://api.minimaxi.com. This is the official endpoint for the service described and is considered a well-known service operation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 02:16 AM