minimax-web-search Security Report — High Risk | ClawSafe

68 /100

minimax-web-search

使用 MiniMax Coding Plan API 进行网页搜索和图像理解

Hardcoded API key embedded in source code with inadequate security warnings creates critical credential exposure risk.

Skill Nameminimax-web-search

Duration37.2s

Enginepi

⛔

Do not install this skill

Remove hardcoded API key from source code. Use environment variables or a secure secrets manager. Rotate the exposed key immediately.

Attack Chain 4 steps

⬡

Escalation API key hardcoded in mmsearch.py line 11

scripts/mmsearch.py:11

⬡

Escalation API key duplicated in mmvision.py line 11

scripts/mmvision.py:11

◉

Impact Attacker extracts key from source code, uses MiniMax API at victim's expense

scripts/mmsearch.py:11

◉

Impact Victim shares skill with exposed credentials in documentation

SKILL.md:31

Findings 4 items

Severity	Finding	Location
Critical	Hardcoded API Key in Source Code Credential Theft A complete MiniMax API key is embedded in plaintext in scripts/mmsearch.py and scripts/mmvision.py. This key grants access to the MiniMax Coding Plan API and can be extracted by anyone with read access to the source code. `os.environ["MINIMAX_API_KEY"] = "sk-cp-_opubDWoTJY5qpJAoI_AFpXQ_RC4rMuuHzCFeNKLQHwXzykGUAyD-k7wKHiwiGNJB8Op-s_AZqXCeXtSgjBEQMjNHOvGlKutYUx6brckZBFhrqbzj4xWvK4"` → Remove the hardcoded key. Read from environment variable MINIMAX_API_KEY with fallback prompt or error. Example: os.environ.get('MINIMAX_API_KEY')	`scripts/mmsearch.py:11`
Critical	Duplicate Hardcoded API Key Credential Theft The same API key is duplicated in scripts/mmvision.py, line 11 `os.environ["MINIMAX_API_KEY"] = "sk-cp-_opubDWoTJY5qpJAoI_AFpXQ_RC4rMuuHzCFeNKLQHwXzykGUAyD-k7wKHiwiGNJB8Op-s_AZqXCeXtSgjBEQMjNHOvGlKutYUx6brckZBFhrqbzj4xWvK4"` → Remove duplicate. Use a shared config or environment variable.	`scripts/mmvision.py:11`
Medium	Misleading Security Documentation Doc Mismatch SKILL.md presents the hardcoded key as a feature ('已内置在脚本中' - built into scripts) rather than disclosing it as a security risk. Users may unknowingly share this skill with exposed credentials. `MINIMAX_API_KEY 环境变量（已内置在脚本中）` → Update documentation to warn users: (1) Key must be rotated if exposed, (2) Key should ideally be provided by users, (3) Do not commit this file to public repos	`SKILL.md:31`
Low	Unpinned Dependency Version Supply Chain The uvx command runs 'minimax-coding-plan-mcp' without version pinning, which could allow a malicious package update `["uvx", "minimax-coding-plan-mcp", "-y"]` → Pin to specific version: uvx minimax-coding-plan-mcp==X.Y.Z	`scripts/mmsearch.py:23`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	SKILL.md declares file access for scripts
Network	`READ`	`READ`	✓ Aligned	Makes API calls to api.minimaxi.com
Shell	`WRITE`	`WRITE`	✓ Aligned	subprocess.Popen for uvx command execution

1 findings

🔗

Medium External URL 外部 URL

https://api.minimaxi.com

scripts/mmsearch.py:11

File Tree

3 files · 7.2 KB · 267 lines

Python 2f · 223L Markdown 1f · 44L

├─ ▾ 📁 scripts

│ ├─ 🐍 mmsearch.py Python 108L · 2.8 KB

│ └─ 🐍 mmvision.py Python 115L · 3.1 KB

└─ 📝 SKILL.md Markdown 44L · 1.3 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`uvx`	`*`	pip	No	CLI tool runner, no known CVEs
`minimax-coding-plan-mcp`	`*`	uvx	No	Version not pinned - potential supply chain risk

Security Positives

✓ No reverse shell or C2 infrastructure detected

✓ Network calls limited to legitimate API endpoint (api.minimaxi.com)

✓ No credential exfiltration beyond the self-contained API key

✓ subprocess usage is documented and expected for CLI tool wrappers

✓ No base64 obfuscation or anti-analysis techniques

✓ No sensitive file access (no ~/.ssh, ~/.aws, .env reading)

Scan Report

Attack Chain 4 steps

Findings 4 items

File Tree

Dependencies 2 items

Security Positives