minimax-search

Fail

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: HIGH (DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The skill directs network requests to api.minimaxi.com and api.minimaxi.chat. These domains are typosquatted variations of the official MiniMax AI domains (e.g., minimax.chat), which is a characteristic pattern for exfiltrating sensitive credentials to attacker-controlled infrastructure.
  • [CREDENTIALS_UNSAFE]: The skill instructs users to store a MINIMAX_API_KEY in their environment and then transmits this secret to the aforementioned suspicious domains.
  • [PROMPT_INJECTION]: The skill retrieves and processes untrusted data from the web, exposing the agent to indirect prompt injection attacks.
      • Ingestion points: Search results (titles, snippets) fetched in scripts/search.ts.
      • Boundary markers: No delimiters or safety instructions are used to isolate the retrieved content.
      • Capability inventory: The script performs network requests and outputs data to the system console.
      • Sanitization: The retrieved content is not sanitized or validated before processing.
  • [REMOTE_CODE_EXECUTION]: The script scripts/search.ts imports core functionality from ../../../scripts/vendor/minimax-core. This relative import points to code outside the skill's own directory, making the full execution logic unverified within the scope of the individual skill package.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 3, 2026, 09:01 AM