weatheresp32

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple read-only ESP32 weather-sensor helper. Some of its wording should be verified by users so that it contacts the intended device.

Install this only if you want your agent to contact your own ESP32 weather sensor. Before first use, replace or verify the configured IP or Cloudflare Tunnel URL, and do not rely on the skill for full weather forecasts or umbrella decisions unless your device actually provides that data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill uses broad triggers like 'What's the weather?' and 'Current temperature' that overlap with ordinary conversation, which can cause unintended activation. Because activation leads to network requests against a user-supplied or preconfigured endpoint, accidental invocation could disclose local device data or cause unexpected access to a private network resource.

Vague Triggers

Medium
Confidence: 84%
Finding
Phrases like 'Is it hot?' and 'Should I take an umbrella?' are highly ambiguous and commonly refer to general weather advice, yet this skill maps them to local sensor access. That mismatch increases the chance the skill will activate outside the user's intent and make unnecessary requests to the configured ESP32 endpoint.

Missing User Warnings

Low
Confidence: 80%
Finding
The skill instructs the agent to send HTTP requests to a user-provided local endpoint without clearly warning the user that the action will access a networked device. While this appears intended for legitimate personal-device use, silent access to local or tunnel-exposed endpoints reduces transparency and can be risky if the stored IP/URL is stale, attacker-controlled, or unexpectedly public.

VirusTotal

65/65 vendors flagged this skill as clean.
