minimax-understand-image

Fail

Audited by Snyk on Feb 28, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill asks the agent to obtain API keys from the user or from local files, and includes commands that print and write the API key verbatim (e.g., cat ... to extract api_key, asking the user for the key, and a heredoc that embeds "API密钥"), which requires exposing secrets in output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly accepts arbitrary image URLs (see SKILL.md Step 4.2) and scripts/understand_image.py sends that third‑party image content to the minimax MCP 'understand_image' tool for interpretation, so untrusted, user-hosted content is fetched/ingested and can materially influence the tool's outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's installation step runs a remote installer via curl -LsSf https://astral.sh/uv/install.sh | sh which fetches and executes remote code (used to install the required uvx runtime that the skill calls), creating a high-confidence supply-chain execution risk.
Audit Metadata

Risk Level: HIGH
Analyzed: Feb 28, 2026, 02:58 AM