Security audit

qweather

Security checks across malware telemetry and agentic risk

Overview

This is a narrow QWeather weather-lookup skill with disclosed API-key requirements and no evidence of hidden, destructive, or persistent behavior.

Install only if you are comfortable sending weather locations to QWeather. Use a dedicated QWeather API key, set QWEATHER_API_HOST to your official QWeather host, and avoid sharing raw error output because failed requests may expose the key in the URL.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger list is very broad, including generic terms like “weather,” “forecast,” and any '[city] 天气' pattern, which can cause accidental invocation in unrelated conversations. Unintended activation can lead to unnecessary external API calls and transmission of user-provided text to a third party without clear user intent.

Missing User Warnings

Low

Confidence: 91% confidence
Finding: The documentation states that the skill uses the QWeather API but does not provide a clear user-facing warning that city/weather queries will be sent to an external service. This weakens informed consent and privacy transparency, especially when user-entered locations may reveal sensitive travel or residency information.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.