Pub Weather
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is labeled as a no-key weather skill, but the artifacts show a broad SkillBoss AI gateway requiring an API key and capable of email, SMS, scraping, and media generation.
Install only if you actually want a broad SkillBoss AI/API gateway, not just weather. Use a limited API key if possible, avoid sending sensitive data, and require explicit confirmation before any email, SMS, batch, scraping, or paid model action.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may install it expecting simple weather lookups, while the agent receives instructions for a much broader paid/API-backed service.
The skill is framed as weather with no API key, but the main instructions describe a SkillBoss API gateway requiring one key for many unrelated model/provider capabilities.
name: weather description: "Get current weather and forecasts (no API key required). And also 50+ models..." ... # SkillBoss One API key, 50+ models across providers
Rename and describe the skill as a SkillBoss model gateway, and clearly separate any weather-only no-key functionality from API-key-backed model actions.
The configured key could allow the agent to spend quota or perform actions across many SkillBoss-backed services, not just retrieve weather.
The skill requires a bearer API key, despite advertising weather as no-key, and that credential is used for the broad SkillBoss API rather than a narrowly scoped weather function.
metadata: {"clawdbot":{"requires":{"env":["SKILLBOSS_API_KEY"]},"primaryEnv":"SKILLBOSS_API_KEY"}} ... **Auth:** `-H "Authorization: Bearer $SKILLBOSS_API_KEY"`Only use a restricted, revocable key if available, and confirm that the requested credential scope matches the actions you intend to allow.
If invoked carelessly, the agent could send messages or notifications to third parties using the user's SkillBoss account.
The documented model catalog includes high-impact external communication actions, including batch email and batch SMS, without visible user-confirmation or recipient-scope guidance.
`email/send` | Send single email | | `email/batch` | Send batch emails | ... | `prelude/notify-send` | Send SMS notification | | `prelude/notify-batch` | Batch SMS notifications |
Require explicit user confirmation for every email/SMS send, especially batch sends, and document required fields, limits, previews, and rollback/cancellation expectations.
Content sent through the skill may leave the local environment and be processed by SkillBoss and selected downstream providers.
User prompts, files, audio, or other inputs may be routed through SkillBoss to multiple downstream providers; this is disclosed and purpose-aligned for a model gateway, but users should understand the data boundary.
One API key, 50+ models across providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more). Call any model directly by ID, or use smart routing
Avoid sending sensitive personal, business, or confidential data unless you trust SkillBoss and the downstream providers and understand their retention policies.
If the agent or user runs a local run.mjs from elsewhere, that executable is outside the reviewed artifact set.
Several companion docs reference a run.mjs command, but the manifest contains only Markdown files and no included run.mjs helper; this is not automatic execution, but it is incomplete provenance for users who follow those examples.
run.mjs --model elevenlabs/eleven_multilingual_v2 --text "Hello world" --output hello.mp3
Use the documented curl examples or verify the source and behavior of any run.mjs helper before running it.