auto-review-loop-minimax

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly sends project context to the third-party MiniMax reviewer (via mcp__minimax-chat__minimax_chat or curl to https://api.minimax.io) and requires saving the raw reviewer response verbatim and using its action items to drive code changes, experiments, and next actions, so untrusted external content can directly influence tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls the external MiniMax chat API at https://api.minimax.io/v1/chat/completions at runtime (with an MCP tool fallback), and the returned text is saved verbatim and parsed to decide scores, verdicts, and the agent's next actions—so remote content directly controls the agent and is a required dependency.