Weather Ensemble Forecast

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward weather forecast helper that calls a disclosed weather API, with only ordinary privacy considerations for sending city/date queries off-device.

Install only if you are comfortable sending requested city/date forecast queries, and any configured WEATHER_ENSEMBLE_API_KEY, to the Weather Ensemble API or to whatever custom host you set with WEATHER_ENSEMBLE_HOST.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 89%
Finding:
The skill declares no explicit permissions while instructing the agent to execute shell commands (`bash .../forecast.sh` and `bash .../cities.sh`). This creates a transparency and policy gap: reviewers and runtime controls may underestimate the skill's actual capabilities, increasing the chance of unintended command execution or insufficient sandboxing of external network activity.

Vague Triggers

Medium
Confidence: 81%
Finding:
The invocation guidance says to run the command whenever the user asks for a weather forecast, temperature prediction, model comparison, or ensemble analysis, which is broad enough to trigger on many ordinary conversations. Over-broad triggers can cause the agent to invoke the skill unexpectedly, sending user-derived inputs to an external service and executing shell commands without a clear, narrow intent boundary.

Missing User Warnings

Low
Confidence: 93%
Finding:
The script sends user-supplied city and optional date data to a remote service, but it does not clearly disclose to the user that their input is transmitted off-box. While this is expected for a forecast skill, the undisclosed network transmission can still create privacy and data-handling concerns, especially because the destination host is configurable via an environment variable and may not be obvious to the user.

VirusTotal

66/66 vendors flagged this skill as clean.
