Weather 1.0.0
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A city name, airport code, or coordinates used in a query may be visible to the external weather service.
The skill sends location coordinates to an external weather provider; this is expected for the purpose, but users should understand the data leaves their environment.
curl -s "https://api.open-meteo.com/v1/forecast?latitude=51.5&longitude=-0.12¤t_weather=true"
Use only locations you are comfortable sending to the weather provider, and avoid sharing unnecessarily precise coordinates if approximate weather is sufficient.
A network observer could potentially see or modify a wttr.in query or response if it is made over unencrypted HTTP.
The primary wttr.in examples use curl with a scheme-less URL; if run as written, this may default to plaintext HTTP rather than explicitly using HTTPS.
curl -s "wttr.in/London?format=3"
Prefer explicit HTTPS URLs, such as `https://wttr.in/London?format=3`, when using the wttr.in examples.