Security Decision Report

minimax-image-gen

The skill performs legitimate image generation but disables SSL certificate verification while claiming SSL/TLS encryption in documentation - a doc-to-code mismatch creating MITM vulnerability risk.

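Install decision first · Source: manual upload · Scan time: 2026/4/4
Files: 2
IOCs: 7
Privilege overreach items: 0
Findings: 2

Most direct threat evidence

High · Documentation deception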
SSL/TLS security claim contradicts code implementation

SKILL.md lists 'SSL/TLS 加密传输' ("SSL/TLS encrypted transmission") under security features, but scripts/gen.py disables SSL certificate verification at lines 171-172 and 226-227, creating vulnerability to man-in-the-middle attacks.

scripts/gen.py:171

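Why this conclusion was reached

1 of 4 dimensions triggered

Pass · Declared vs. actual capabilities

Declared resources and inferred capabilities are broadly consistent.

Review · Hidden execution and outbound connections

7 general-risk artifacts were extracted; they need to be judged in context.

Block · Attack chain and high-severity findings

The report contains a 0-step attack chain, plus 1 high or critical finding.

Review · Dependency and supply-chain hygiene

Complete dependency information is not available, so the supply-chain assessment should remain provisional.

How the risk score was raised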

SSL verification disabled +25

Lines 171-172 and 226-227 disable hostname checking and certificate verification via ssl.CERT_NONE

Documentation deception +15

SKILL.md claims 'SSL/TLS 加密传输' ("SSL/TLS encrypted transmission") but code actually disables SSL verification

No malicious indicators -10

No credential exfiltration, no reverse shell, no C2 communication detected

subprocess usage documented -5

Cross-platform image preview (open/xdg-open) declared in SKILL.md under '跨平台支持' ("cross-platform support")

Key evidence

High · Documentation deception

SSL/TLS security claim contradicts code implementation

SKILL.md lists 'SSL/TLS 加密传输' ("SSL/TLS encrypted transmission") under security features, but scripts/gen.py disables SSL certificate verification at lines 171-172 and 226-227, creating vulnerability to man-in-the-middle attacks.

scripts/gen.py:171
Set ctx.check_hostname = True and ctx.verify_mode = ssl.CERT_REQUIRED, or remove the custom SSL context entirely to use system defaults.

Medium · Sensitive access

Reads API configuration from OpenClaw config file

The script searches for API keys in ~/.openclaw/openclaw.json and parent directories. While not exfiltrating data, this accesses configuration files outside the skill's declared scope.

scripts/gen.py:206
Document this behavior in SKILL.md or limit to only explicitly configured paths.

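Declared vs. actual capabilities

Network access · Pass · Declared: READ · Inferred: READ
SKILL.md:requires:env MINIMAX_API_KEY - legitimate API calls

File system · Pass · Declared: WRITE · Inferred: WRITE
scripts/gen.py:280-290 - saves images to output directory

Command execution · Pass · Declared: WRITE · Inferred: WRITE
scripts/gen.py:263-270 - cross-platform image preview (open/xdg-open)

Environment variables · Pass · Declared: READ · Inferred: READ
scripts/gen.py:199 - reads MINIMAX_API_KEY

Suspicious artifacts and outbound connections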

Medium · External URL · https://platform.minimaxi.com/docs/api-reference/image-generation-t2i · SKILL.md:4
Medium · External URL · https://img.shields.io/badge/GitHub-neuroXY-blue · SKILL.md:22
Medium · External URL · https://img.shields.io/badge/Version-1.1.0-green · SKILL.md:23
Medium · External URL · https://img.shields.io/badge/Platform-Windows%2FMac%2FLinux-yellow · SKILL.md:24
Medium · External URL · https://img.shields.io/badge/License-MIT-orange · SKILL.md:25
Medium · External URL · https://platform.minimaxi.com/user-center/interface-key · SKILL.md:86
Medium · External URL · https://api.minimaxi.com · scripts/gen.py:231

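Dependencies and supply chain

No structured dependency alerts.

File composition

2 files · 775 lines
Python: 1 file · 490 lines
Markdown: 1 file · 285 lines

Files needing attention · 2

scripts/gen.py · Python · 490 lines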
SSL/TLS security claim contradicts code implementation · Reads API configuration from OpenClaw config file · https://api.minimaxi.com
SKILL.md · Markdown · 285 lines
https://platform.minimaxi.com/docs/api-reference/image-generation-t2i · https://img.shields.io/badge/GitHub-neuroXY-blue · https://img.shields.io/badge/Version-1.1.0-green · https://img.shields.io/badge/Platform-Windows%2FMac%2FLinux-yellow · https://img.shields.io/badge/License-MIT-orange · https://platform.minimaxi.com/user-center/interface-key

Security highlights

No credential exfiltration detected - API keys used only for local API calls
Input sanitization implemented to prevent XSS/script injection
Prompt length validation prevents resource exhaustion
Subprocess usage for image preview is documented in SKILL.md
Error handling for various API error codes present
No base64-encoded execution or obfuscation detected
No sensitive file access (~/.ssh, ~/.aws, .env) beyond declared API key locations
No reverse shell, C2 communication, or data theft patterns