Tempest Weather

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tempest weather-station skill that uses a WeatherFlow token to fetch live station data, with some privacy and credential-handling cautions but no evidence of hidden or malicious behavior.

Install this only if you want your agent to access your WeatherFlow Tempest station. Keep the token in environment or secret storage, avoid pasting it into chat or committing it to dotfiles, rotate or revoke it if exposed, and be aware that responses may include precise station location unless you remove those fields.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill declares access to environment variables and external network resources but does not expose an explicit permissions model, which weakens reviewability and user/operator awareness of what the skill can access. In this case the behavior is partly expected for a weather integration, but the missing declaration still creates a trust and governance gap that could allow overbroad access to be overlooked.

Missing User Warnings

Low
Confidence: 88%
Finding
The README instructs users to place a long-lived personal access token in shell startup files without any guidance on minimizing exposure, rotation, or avoiding accidental disclosure. This can lead to credential leakage through shared dotfiles, shell history, backups, process environments, or screenshots, especially on multi-user or synced systems.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger text is overly broad: phrases like 'current weather,' 'outdoor conditions,' and 'even if they don't mention Tempest or API explicitly' can cause this skill to activate for generic weather questions. That increases the chance of unnecessary credentialed API use, accidental data disclosure about a user's private station, and unintended routing away from safer general-purpose weather handlers.

VirusTotal

66/66 vendors flagged this skill as clean.
