ClawHub

Shuzhi Weather

Security checks across malware telemetry and agentic risk

Overview

This weather skill appears to do what it says, but its handling of API credentials is risky enough that users should review it before installing.

Review before installing. Use it only if you are comfortable storing Shuzhi API credentials locally and sending requested coordinates to the Shuzhi Weather API. If installed, restrict the config file to user-only permissions, do not share captured error logs, and remove or fix the error path that prints the full config before adding real credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill instructs the agent to read a local credentials file and make outbound network requests, but the manifest does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users and the platform cannot accurately reason about what the skill can access, and an agent may perform sensitive file reads or network calls without explicit authorization metadata.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation instructs users to store long-lived API credentials, including the app_secret, in a local plaintext config file under the home directory without any warning about file permissions, secret rotation, or safer secret storage. This increases the chance of credential disclosure through overly permissive filesystem permissions, backups, dotfile sync, or accidental commits, which could allow unauthorized use of the external weather API.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This is a true information-disclosure issue. When required fields are missing, the error message includes the entire parsed config object (`Current config: {config}`), which can expose `app_secret` and other sensitive values to stderr, logs, terminals, or upstream tooling that captures command output. In this skill's context, the file specifically stores API credentials, so echoing config contents is more dangerous than in a non-secret config because it can directly leak authentication material.

Session Persistence

Medium
Category
Rogue Agent
Content
**IMPORTANT**: Before using this skill, you must configure your API credentials:

Create the configuration file at `~/.openclaw/skills/shuzhi-weather/config.json` with the following content:

```json
{
Confidence
78% confidence
Finding
Create the configuration file at `~/.openclaw/skills/shuzhi-weather/config.json` with the following content: ```json { "app_key": "your_app_key_here", "app_secret": "your_app_secret_here" } ```

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal