The Agent Skills Directory

[SAFE]: The skill uses environment variables for sensitive data like API keys (MINIMAX_API_KEY), following standard security practices for secret management.
[SAFE]: All network operations are directed to official MiniMax API endpoints (api.minimaxi.com and api.minimax.io). No unauthorized external domains were detected.
[SAFE]: The scripts use jq with the --arg flag to construct JSON payloads, which effectively prevents injection attacks by ensuring data is treated as strings rather than executable code.
[SAFE]: Subprocess calls are restricted to well-known, legitimate media processing and utility tools including ffmpeg, ffprobe, curl, jq, and xxd.
[SAFE]: The skill implements a robust environment check (scripts/check_environment.sh) to verify prerequisites and connectivity before execution.
[SAFE]: Local file handling is performed using provided paths with no evidence of directory traversal or unauthorized access to sensitive system files.
[SAFE]: The instructions in SKILL.md are purely operational and do not contain any patterns indicative of prompt injection or attempts to override agent safety protocols.

minimax-multimodal-toolkit