minimax-use
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The scripts load an API key from '~/apikey.json' or the 'MINIMAX_API_KEY' environment variable. This is a common practice for local tool configuration and secret management.
- [EXTERNAL_DOWNLOADS]: The skill utilizes 'uvx' to download and execute the 'minimax-coding-plan-mcp' package at runtime. It also references the official installation script for the 'uv' tool from Astral ('https://astral.sh/uv/install.sh') in its error handling logic.
- [COMMAND_EXECUTION]: The 'understand_image.py' and 'web_search.py' scripts use 'subprocess.Popen' to invoke the 'uvx' command-line utility, which manages the lifecycle of the skill's MCP components.
- [PROMPT_INJECTION]: The skill processes user-supplied search queries, image prompts, and remote image URLs without explicit sanitization or boundary markers, creating a standard surface for indirect prompt injection common in LLM-integrated tools.
  - Ingestion points: Command-line arguments ('sys.argv') in all scripts.
  - Boundary markers: None identified.
  - Capability inventory: Subprocess execution ('subprocess.Popen') and network operations ('requests.post').
  - Sanitization: None identified; input is passed directly to API endpoints or subprocesses.
Audit Metadata