v0.1.0

Hefeng Weather - 和风天气

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:06 AM.

Analysis

This is a coherent weather-query skill, but it needs QWeather credentials and sends city/location queries to a configured API host, so verify the configuration before using it.

Guidance: Install/use this skill only if you are comfortable providing QWeather API credentials. Configure HEFENG_API_HOST to a trusted QWeather domain, prefer environment variables or --no-save for credentials if possible, keep any saved ~/.config/qweather/.env file private, and run only the included reviewed scripts.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: Info | Confidence: High | Status: Note
SKILL.md
Run the script: python scripts/weather_now.py --city "北京"

The skill is not only instructional text; it expects running bundled Python scripts to answer weather questions. This is purpose-aligned and parameterized, with no evidence of destructive or hidden execution.

User impact: Using the skill means the agent may run local Python scripts to fetch weather data.
Recommendation: Run only the reviewed bundled scripts and avoid adding or executing unreviewed replacement scripts.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
python scripts/weather_history.py --city "北京" --days 7

SKILL.md documents scripts such as weather_history.py that are not present in the supplied file manifest. This looks like a packaging/documentation gap rather than malicious behavior.

User impact: The agent or user may try to run commands that are missing, or may be tempted to obtain extra unreviewed files.
Recommendation: Use the scripts actually included in the package, and review any additional scripts before adding or running them.

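A practitioner reviewing a skill package can check this gap mechanically before the agent trips over it: extract every `python scripts/...py` command that SKILL.md tells the agent to run and diff that set against the files actually shipped. The following is an added example written for this page, not code from the skill; the SKILL.md excerpt and the manifest are constructed to reproduce the situation described in this finding.

```python
import re
from pathlib import PurePosixPath

# Constructed sample input (not the skill's real files): a SKILL.md excerpt in the
# style quoted in this finding, and a manifest that lacks weather_history.py.
SKILL_MD = """
Run the script: python scripts/weather_now.py --city "北京"
python scripts/weather_history.py --city "北京" --days 7
python scripts/configure.py --api-key KEY --no-save
"""

MANIFEST = {
    "SKILL.md",
    "scripts/weather_now.py",
    "scripts/configure.py",
    "scripts/qweather_api.py",
}

# `python <relative/path>.py` (also python3), anywhere in the text.
SCRIPT_CMD = re.compile(r"\bpython3?\s+((?:[\w.-]+/)*[\w.-]+\.py)\b")


def referenced_scripts(skill_md):
    """Every script path SKILL.md instructs the agent to execute."""
    return {PurePosixPath(m.group(1)).as_posix() for m in SCRIPT_CMD.finditer(skill_md)}


def missing_scripts(skill_md, manifest):
    """Scripts SKILL.md references that the package does not actually ship.

    Any path returned here is either a packaging bug or an invitation for the
    agent to fetch an unreviewed replacement; treat both as review findings.
    """
    return referenced_scripts(skill_md) - set(manifest)


if __name__ == "__main__":
    for path in sorted(missing_scripts(SKILL_MD, MANIFEST)):
        print(f"documented but not packaged: {path}")
```

Run it against the real SKILL.md text and the package's file list; an empty result means every documented command has a reviewed script behind it.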
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
scripts/configure.py
lines.append(f"HEFENG_API_KEY={args.api_key}") ... fd = os.open(config_file, os.O_CREAT | os.O_WRONLY | os.O_TRUNC, 0o600)

The configuration script saves the user's QWeather API key and related JWT/private-key settings to a local .env file by default. It creates that file with owner-only permissions (mode 0o600), but this is still persistent credential storage on disk that users should be aware of.

User impact: A local QWeather API key or private-key setting could be used by anyone who gains access to that configuration file.
Recommendation: Prefer environment variables or --no-save if you do not want persistent credentials; if saved, keep permissions restrictive and rotate the API key if exposed.

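The os.open pattern quoted from configure.py is the right one, because passing 0o600 at creation time avoids the window where a file created with the default umask is readable before a later chmod. Two caveats the finding implies but does not spell out: the creation mode does nothing for a file that already exists, and a private file in a loosely permissioned directory can still be swapped out. The following is an added example for this page, not the skill's configure.py; it shows a save routine with a --no-save style switch plus an audit a user can run on an existing ~/.config/qweather/.env. Paths and the sample key value are constructed for the demo.

```python
import os
import stat
import tempfile
from pathlib import Path


def save_env_file(config_file, values, save=True):
    """Write KEY=VALUE lines to config_file as a private (0600) file.

    Returns None when save is False, mirroring a --no-save flag: nothing is
    written and the credential lives only in the environment. The open flags
    follow the pattern quoted from configure.py (O_CREAT | O_WRONLY | O_TRUNC
    with mode 0o600) so a new file is never briefly world-readable.
    """
    if not save:
        return None
    config_file = Path(config_file)
    config_file.parent.mkdir(parents=True, exist_ok=True)
    # A 0600 file inside a directory others can write to can still be replaced;
    # keep the credential directory owner-only as well.
    os.chmod(config_file.parent, 0o700)
    # O_NOFOLLOW (where available) refuses to write through a symlink planted at the path.
    flags = os.O_CREAT | os.O_WRONLY | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(config_file, flags, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as fh:
        for key, value in values.items():
            fh.write(f"{key}={value}\n")
    # The mode given to os.open applies only when the file is created; an existing
    # file keeps whatever mode it had, so enforce 0600 on every save.
    os.chmod(config_file, 0o600)
    return config_file


def is_private(path):
    """True when path grants no permission bits to group or other."""
    mode = stat.S_IMODE(Path(path).stat().st_mode)
    return mode & (stat.S_IRWXG | stat.S_IRWXO) == 0


def audit_config(config_file):
    """Return a list of problems with a saved credential file (empty list = OK)."""
    config_file = Path(config_file)
    problems = []
    if not (config_file.exists() or config_file.is_symlink()):
        return problems
    if config_file.is_symlink():
        problems.append("config path is a symlink; do not write credentials through it")
    if not is_private(config_file):
        problems.append("file is accessible to group/other: chmod 600 it and rotate the API key")
    if stat.S_IMODE(config_file.parent.stat().st_mode) & stat.S_IWOTH:
        problems.append("parent directory is world-writable; the file can be replaced")
    return problems


def demo():
    """Round trip in a temp dir; returns (contents, audit_ok, audit_after_loosening, no_save_result)."""
    root = Path(tempfile.mkdtemp())
    cfg = save_env_file(root / "qweather" / ".env", {"HEFENG_API_KEY": "constructed-example-key"})
    contents = cfg.read_text(encoding="utf-8")
    audit_ok = audit_config(cfg)
    os.chmod(cfg, 0o644)  # simulate a user loosening the mode later
    audit_loose = audit_config(cfg)
    skipped = save_env_file(root / "never.env", {"HEFENG_API_KEY": "x"}, save=False)
    return contents, audit_ok, audit_loose, skipped


if __name__ == "__main__":
    print(demo())
```

Running audit_config on the real ~/.config/qweather/.env gives a quick answer to the "keep it private" advice above; any non-empty result is a reason to tighten the mode and rotate the key.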
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
scripts/qweather_api.py
self._api_host = os.environ.get("HEFENG_API_HOST") ... url = f"https://{self._api_host}/{endpoint}" ... httpx.get(url, headers=self._auth_header, params=params)

The API destination host is configurable and receives authentication headers plus query parameters such as city/location. This is expected for QWeather/custom-domain use, but a wrong host would receive sensitive request data.

User impact: If HEFENG_API_HOST is set to an untrusted server, API credentials and location queries could be sent there.
Recommendation: Set HEFENG_API_HOST only to an official or trusted QWeather domain and treat any host change as security-sensitive.
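Because the quoted code splices HEFENG_API_HOST straight into `f"https://{self._api_host}/{endpoint}"`, the value does not even have to be a different hostname to misroute the request: `api.qweather.com@evil.example` makes the trusted name an HTTP userinfo field, and `evil.example/#` turns the endpoint into a URL fragment. The following is an added example for this page, not the skill's qweather_api.py: it validates the variable as a bare hostname under an allowlist of suffixes before any URL is built, and shows where the unvalidated values would actually connect. The suffix list (.qweather.com and .qweatherapi.com) is this example's assumption about QWeather's public and per-account API hosts; confirm it against your QWeather console.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist for this example: suffixes of QWeather's public API hosts and
# the per-account host form. Verify these against the QWeather console before use.
TRUSTED_SUFFIXES = (".qweather.com", ".qweatherapi.com")

# A bare DNS hostname: letter/digit/hyphen labels, at least one dot, alphabetic TLD.
HOSTNAME_RE = re.compile(
    r"(?=.{1,253}\Z)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}\Z"
)


class UntrustedHost(ValueError):
    """Raised when HEFENG_API_HOST is not a bare, allowlisted hostname."""


def validate_api_host(raw, trusted_suffixes=TRUSTED_SUFFIXES):
    """Return the normalized host, or raise UntrustedHost."""
    if raw is None or not raw.strip():
        raise UntrustedHost("HEFENG_API_HOST is not set")
    host = raw.strip().lower()
    # Anything beyond a bare hostname changes where https://{host}/{endpoint} connects:
    # '@' demotes the trusted name to a username, '/' or '#' truncates the path,
    # and a scheme or ':port' is simply not what the skill expects.
    if not HOSTNAME_RE.match(host):
        raise UntrustedHost(f"not a bare hostname: {raw!r}")
    if not host.endswith(trusted_suffixes):
        raise UntrustedHost(f"host {host!r} is outside the trusted QWeather domains")
    return host


def is_trusted_host(raw):
    try:
        validate_api_host(raw)
        return True
    except UntrustedHost:
        return False


def build_url(host, endpoint):
    """The skill's URL construction, reproduced unchanged so a bad host's effect is visible."""
    return f"https://{host}/{endpoint}"


def connects_to(url):
    """The hostname an HTTP client would actually open a TLS connection to."""
    return urlsplit(url).hostname


if __name__ == "__main__":
    for raw in ("devapi.qweather.com", "api.qweather.com@evil.example", "evil.example/#"):
        url = build_url(raw, "v7/weather/now")
        print(f"{raw!r:38} -> connects to {connects_to(url)!r}; trusted={is_trusted_host(raw)}")
```

Call validate_api_host once at client construction and fail closed; the auth header and the city/location parameters then only ever leave the machine toward a host that passed the check.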