mmx-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples of inline API keys (e.g., --api-key sk-xxxxx and export MINIMAX_API_KEY=sk-xxxxx) and shows using keys as direct CLI arguments, which would require the agent/LLM to include secret values verbatim in generated commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly accepts and fetches arbitrary public URLs and web content (e.g., mmx vision describe --image , mmx music cover --audio which can auto-extract lyrics, and mmx search query --q) that the agent ingests and interprets as part of its workflows, so untrusted third-party content could indirectly inject instructions affecting subsequent actions.