← 返回 Skills 市场

MiniMax Token Plan Tool

Name: MiniMax Token Plan Tool
Author: yorch233

作者 Yorch · GitHub ↗ · v1.1.5 · MIT-0

cross-platform ⚠ suspicious

915

总下载

当前安装

版本数

在 OpenClaw 中安装

/install minimax-token-plan-tool

功能描述

A lightweight MiniMax Token Plan Tool skill that directly calls official MCP APIs using pure JavaScript. No external MCP servers. No subprocess invocation. D...

安全使用建议

This skill appears to implement exactly what it claims: a Node.js client for MiniMax Token Plan APIs. Before installing: 1) Only provide a Token Plan API key (not broader credentials), and prefer a key with limited scope; 2) Understand that local images submitted will be uploaded to MiniMax—do not send sensitive or regulated images; 3) MINIMAX_API_HOST is limited to the two official hosts per SKILL.md—verify you use the correct host for your token; 4) If you require higher assurance, review the full minimax_token_plan_tool.js source (it performs DNS checks and blocks private IPs for remote image fetches) and consider running it in a sandboxed environment or with a service account whose key can be rotated. Overall the skill is coherent and proportional to its stated purpose.

功能分析

Type: OpenClaw Skill Name: minimax-token-plan-tool Version: 1.1.5 The skill provides tools for web search, image understanding, and quota management using the MiniMax API. The implementation in minimax_token_plan_tool.js is well-structured and includes robust security measures, such as SSRF protection (blocking private IP ranges and localhost) and strict validation of API hosts. The documentation in SKILL.md transparently discloses the risk of local image data being sent to the remote API for processing, which is consistent with the tool's stated purpose.

能力评估

✓ Purpose & Capability

The skill is a Node.js tool that directly calls MiniMax Token Plan APIs. It declares node and MINIMAX_API_KEY / MINIMAX_API_HOST, which are exactly what a direct-API implementation needs. There are no unrelated credentials, binaries, or configuration paths requested.

✓ Instruction Scope

SKILL.md and the JS implement the three documented tools (web_search, understand_image, remains). The instructions explicitly document how to run the node script, how local images are handled (converted to base64 and uploaded), and warn about outbound network/data-leak risk. The runtime actions (DNS resolution, HTTP(S) requests, file reads for local images) are consistent with the described features and do not reference or exfiltrate data to unexpected endpoints.

✓ Install Mechanism

There is no install spec; this is instruction-plus-script only. No code is downloaded from external URLs during install and no archives are extracted. This is the lowest-risk install model and matches the skill's stated 'pure JavaScript, no external server' claim.

✓ Credentials

Only MINIMAX_API_KEY (primary) and optional MINIMAX_API_HOST are required, which is proportionate for a direct API client. The code only reads these environment variables and does not request unrelated secrets or access to other services.

✓ Persistence & Privilege

The skill does not request always:true and has no install steps that modify other skills or system-wide settings. It runs as an invoked Node.js script and does not persist elevated privileges or auto-enable itself.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install minimax-token-plan-tool
安装完成后，直接呼叫该 Skill 的名称或使用 /minimax-token-plan-tool 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.5

minimax-token-plan-tool 1.1.5 - Updated SKILL.md to clarify quota time fields

v1.1.4

minimax-token-plan-tool 1.1.4 - Updated quota usage period documentation in Tool 3 ("minimax_token_plan_remains") to clarify that all times are in UTC+0, and to specify quota intervals for each model type. - Removed previous explicit table-based response format recommendation; now provides a concise note on interpreting reset periods and time zones.

v1.1.3

- Tightened security for image understanding: remote image fetching now restricts access to public HTTP/HTTPS URLs only, and blocks localhost, private networks, unsupported ports, and excessive redirects. - Updated documentation to reflect these new image fetch restrictions.

v1.1.2

- Now strictly enforces accepted values for MINIMAX_API_HOST: only https://api.minimaxi.com and https://api.minimax.io are supported. - Documentation clarifies that if MINIMAX_API_HOST is unset, it defaults to https://api.minimaxi.com. - Other documentation references to API host options and configuration have been updated for accuracy.

v1.1.1

- Removed alternative and JSON-based OpenClaw configuration instructions from documentation for simpler setup guidance. - Updated CLI usage examples to omit requirement for explicitly setting environment variables in command-line invocations. - Improved separation and clarity in configuration and setup instructions.

v1.1.0

- Fix small issues

v1.0.5

- Do not use the default API host in the code

v1.0.4

minimax-token-plan-tool v1.0.4 - Rename to "minimax-token-plan-tool" with new configuration and API endpoints. - Added support for querying remaining Token Plan usage and quota via the new minimax_token_plan_remains tool. - The previous CLI and dynamic tool registration file (minimax_coding_plan_tool.js) was removed. - Updated documentation for new environment variable requirements (MINIMAX_API_KEY, MINIMAX_API_HOST) and improved setup instructions. - Now supports both China Mainland and Global MiniMax Token Plan deployments (with guidance on key/host compatibility).

v1.0.3

Modified the JS code to throw errors when encountering non-image file extensions.

v1.0.2

- Updated the skill metadata to use a new format with enhanced OpenClaw compatibility. - Added a security notice to the image understanding tool, warning users about potential data leakage when uploading local images. - Clarified that only mainstream image formats (JPEG/JPG, PNG, WebP, GIF) are supported for image understanding.

v1.0.1

- Added explicit support for MINIMAX_API_KEY environment variable usage in CLI examples and metadata. - Updated documentation and tool invocation instructions to require MINIMAX_API_KEY for all commands. - Enhanced SKILL.md metadata to specify environment and binary dependencies. - Unified CLI examples for consistency regarding API key usage. - Renamed implementation file to follow snake_case naming convention.

v1.0.0

Initial release of the MiniMax Coding Plan Tool skill: - Provides lightweight JavaScript integration for MiniMax Coding Plan (MCP) APIs. - No external MCP server, tool bridge, or subprocesses required; direct HTTPS API calls. - Implements two tools: real-time web search (minimax_web_search) and image understanding (minimax_understand_image). - Minimal resource usage and quick integration within OpenClaw. - Requires a Coding Plan API key for operation.

元数据

Slug minimax-token-plan-tool

版本 1.1.5

许可证 MIT-0

累计安装 8

当前安装数 8

历史版本数 12

常见问题

MiniMax Token Plan Tool 是什么？

A lightweight MiniMax Token Plan Tool skill that directly calls official MCP APIs using pure JavaScript. No external MCP servers. No subprocess invocation. D... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 915 次。

如何安装 MiniMax Token Plan Tool？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install minimax-token-plan-tool」即可一键安装，无需额外配置。

MiniMax Token Plan Tool 是免费的吗？

是的，MiniMax Token Plan Tool 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

MiniMax Token Plan Tool 支持哪些平台？

MiniMax Token Plan Tool 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 MiniMax Token Plan Tool？

由 Yorch（@yorch233）开发并维护，当前版本 v1.1.5。