Skills
skills/yangagent/minimax-tts-pipeline-skill/minimax-tts-pipeline/Snyk

minimax-tts-pipeline

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). 流程要求向用户询问 MiniMax API Key 并将用户提供的密钥以 MINIMAX_API_KEY=<值> 的形式追加到 <SKILL_DIR>/.env,意味着 LLM 必须接收并原样包含/输出该密钥,存在敏感信息泄露风险。

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 13, 2026, 07:31 AM
Issues
1
Security Audit — snyk — minimax-tts-pipeline