minimax-web-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks the agent to prompt the user for a MiniMax API key and includes a heredoc example that writes the API key into ~/.openclaw/config/minimax.json (embedding the secret directly in generated commands/output), so the LLM would need to handle/output the secret verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md Step 4) and scripts/web_search.py clearly call the MCP "web_search" tool via the local MCP process (uvx minimax-coding-plan-mcp) to perform web searches and return JSON search results from public websites, so the agent will ingest and act on untrusted third-party web content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's installation step explicitly runs a remote installer with "curl -LsSf https://astral.sh/uv/install.sh | sh", which would fetch and execute remote code and is required to provide the uvx runtime the skill depends on.