minimax-web-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to ask the user for the MiniMax API key and shows commands that write the key verbatim into a config file and print it (cat ... | python3 -c ...), so the LLM would handle and output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly calls the Minimax MCP "web_search" tool (see SKILL.md step 4 and scripts/web_search.py) to perform web searches and prints/parses the returned search/result data, meaning it ingests arbitrary public web content that the agent will read and that could influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's first-time install step requires running a remote installer (curl -LsSf https://astral.sh/uv/install.sh | sh) to install uvx (a required dependency), which fetches and executes remote code at setup/runtime.