中文 EN

扫描报告

扫描新文件

高风险 — 风险评分 68/100
上次扫描:21 小时前 重新扫描
68 /100
minimax-web-search
使用 MiniMax Coding Plan API 进行网页搜索和图像理解
Hardcoded API key embedded in source code with inadequate security warnings creates critical credential exposure risk.
技能名称minimax-web-search
分析耗时37.2s
引擎pi
不要安装此技能
Remove hardcoded API key from source code. Use environment variables or a secure secrets manager. Rotate the exposed key immediately.

攻击链 4 步

提权 API key hardcoded in mmsearch.py line 11
scripts/mmsearch.py:11
提权 API key duplicated in mmvision.py line 11
scripts/mmvision.py:11
影响 Attacker extracts key from source code, uses MiniMax API at victim's expense
scripts/mmsearch.py:11
影响 Victim shares skill with exposed credentials in documentation
SKILL.md:31

安全发现 4 项

严重性 安全发现 位置
严重
Hardcoded API Key in Source Code 凭证窃取
A complete MiniMax API key is embedded in plaintext in scripts/mmsearch.py and scripts/mmvision.py. This key grants access to the MiniMax Coding Plan API and can be extracted by anyone with read access to the source code.
os.environ["MINIMAX_API_KEY"] = "sk-cp-_opubDWoTJY5qpJAoI_AFpXQ_RC4rMuuHzCFeNKLQHwXzykGUAyD-k7wKHiwiGNJB8Op-s_AZqXCeXtSgjBEQMjNHOvGlKutYUx6brckZBFhrqbzj4xWvK4"
→ Remove the hardcoded key. Read from environment variable MINIMAX_API_KEY with fallback prompt or error. Example: os.environ.get('MINIMAX_API_KEY')
 scripts/mmsearch.py:11
严重
Duplicate Hardcoded API Key 凭证窃取
The same API key is duplicated in scripts/mmvision.py, line 11
os.environ["MINIMAX_API_KEY"] = "sk-cp-_opubDWoTJY5qpJAoI_AFpXQ_RC4rMuuHzCFeNKLQHwXzykGUAyD-k7wKHiwiGNJB8Op-s_AZqXCeXtSgjBEQMjNHOvGlKutYUx6brckZBFhrqbzj4xWvK4"
→ Remove duplicate. Use a shared config or environment variable.
 scripts/mmvision.py:11
中危
Misleading Security Documentation 文档欺骗
SKILL.md presents the hardcoded key as a feature ('已内置在脚本中' - built into scripts) rather than disclosing it as a security risk. Users may unknowingly share this skill with exposed credentials.
MINIMAX_API_KEY 环境变量(已内置在脚本中)
→ Update documentation to warn users: (1) Key must be rotated if exposed, (2) Key should ideally be provided by users, (3) Do not commit this file to public repos
 SKILL.md:31
低危
Unpinned Dependency Version 供应链
The uvx command runs 'minimax-coding-plan-mcp' without version pinning, which could allow a malicious package update
["uvx", "minimax-coding-plan-mcp", "-y"]
→ Pin to specific version: uvx minimax-coding-plan-mcp==X.Y.Z
 scripts/mmsearch.py:23
资源类型声明权限推断权限状态证据
文件系统 READ READ ✓ 一致 SKILL.md declares file access for scripts
网络访问 READ READ ✓ 一致 Makes API calls to api.minimaxi.com
命令执行 WRITE WRITE ✓ 一致 subprocess.Popen for uvx command execution
1 项发现
🔗
中危 外部 URL 外部 URL
https://api.minimaxi.com
scripts/mmsearch.py:11

目录结构

3 文件 · 7.2 KB · 267 行
Python 2f · 223L Markdown 1f · 44L
├─ 📁 scripts
│ ├─ 🐍 mmsearch.py Python 108L · 2.8 KB
│ └─ 🐍 mmvision.py Python 115L · 3.1 KB
└─ 📝 SKILL.md Markdown 44L · 1.3 KB

依赖分析 2 项

包名版本来源已知漏洞备注
uvx * pip CLI tool runner, no known CVEs
minimax-coding-plan-mcp * uvx Version not pinned - potential supply chain risk

安全亮点

✓ No reverse shell or C2 infrastructure detected
✓ Network calls limited to legitimate API endpoint (api.minimaxi.com)
✓ No credential exfiltration beyond the self-contained API key
✓ subprocess usage is documented and expected for CLI tool wrappers
✓ No base64 obfuscation or anti-analysis techniques
✓ No sensitive file access (no ~/.ssh, ~/.aws, .env reading)