vision-analysis

Fail

Audited by Snyk on Mar 27, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill outputs exact configuration/CLI commands that embed the MINIMAX_API_KEY as an environment/CLI value (e.g., --env MINIMAX_API_KEY=your-key or JSON with MINIMAX_API_KEY), which encourages including a user's actual secret verbatim in generated output and is therefore high risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly auto-detects and ingests images from URLs or file paths (see "Workflow → Step 1: Auto-detect image" and the trigger rules for .jpg/.png URLs), so arbitrary third-party/user-provided images from the open web are read and interpreted by the MiniMax_understand_image tool, enabling indirect prompt injection via image content.

Issues (2)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 27, 2026, 12:51 PM
Issues: 2