Security audit

Weather Outfit Advisor

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent weather-based outfit advisor, but it sends destination and style queries to outside services and includes a bundled Pexels API key.

Install only if you are comfortable with your destination, travel date context, and fashion search terms being sent to external providers such as wttr.in and Pexels. Maintainers should remove and rotate the embedded Pexels key, require user-supplied configuration, and add a plain privacy notice for external lookups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding
The skill documents shell execution and outbound network access but does not declare corresponding permissions, creating a transparency and governance gap. In an agent environment, undeclared capabilities can bypass expected review controls and surprise users or operators with external calls and command execution.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 96%
Finding
The documented behavior expands beyond weather advice into third-party image search and API-key handling, while also failing to reliably implement the claimed clarification-first flow. Description-behavior mismatch is dangerous because it undermines user consent and security review: operators may approve a weather-only skill while it actually sends destination-related context to additional external services.

Intent-Code Divergence

Low
Confidence: 89%
Finding
The README states that no external dependencies are required while also requiring an external Pexels API key. This can mislead users and reviewers about the skill's external service usage and trust boundary, causing them to underestimate data-sharing, credential-handling, and deployment requirements.

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
Adding destination-based image search broadens the skill from functional weather assistance into ancillary content retrieval from third-party services. This increases external data exposure and attack surface without being necessary for the core task, making the skill riskier than users would reasonably expect.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The skill introduces API-key configuration and external image-service integration unrelated to its stated weather-advice purpose. Unnecessary secret handling and extra integrations expand the blast radius of compromise and can lead to credential leakage, misuse, or unauthorized external requests.

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
This section embeds a live third-party API credential directly in the script and uses it to transmit user queries to external media services. Hardcoded secrets are a real security issue because they can be extracted from source control or deployed artifacts, abused by others, and can enable unauthorized use, billing impact, rate-limit exhaustion, or account compromise of the linked service.

Missing User Warnings

Medium
Confidence: 92%
Finding
The README describes querying external weather APIs and Pexels image search without warning that user-provided locations, dates, preferences, or search terms may be transmitted to third-party services. This creates a transparency and privacy risk because users may unknowingly disclose travel plans or personal preference data to outside providers.

Missing User Warnings

Low
Confidence: 85%
Finding
The skill instructs sending city and travel-date context to third-party weather services without a user-facing privacy notice. While the data is not highly sensitive by default, travel details can still reveal location plans and should not be transmitted silently.

Missing User Warnings

Low
Confidence: 92%
Finding
The image-search feature sends destination and style-related context to external image APIs without warning or consent. Because this feature is optional and outside the core weather function, silent transmission is less justified and creates unnecessary privacy risk.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.