Back to skill

Security audit

tjweather天气查询助手

Security checks across malware telemetry and agentic risk

Overview

This is a coherent weather skill that calls documented weather and geocoding services, with privacy and credential-hygiene notes users should understand before installing.

Install only if you are comfortable with location queries being sent to TJWeather and, for geocoding, to OpenStreetMap Nominatim or Photon. Use your own TJWeather API key instead of the shared trial keys, prefer SecretRef or environment-variable configuration, and avoid entering sensitive exact addresses unless that precision is needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The script sends user-supplied address data to third-party geocoding services (OpenStreetMap Nominatim and Photon) without any explicit notice, consent flow, or minimization. If users provide home, work, or otherwise sensitive locations, this can expose personal data to external services and create privacy/compliance risk, especially because the skill context is location-based and naturally encourages disclosure of precise places.

Ssd 3

Medium
Confidence
98% confidence
Finding
The README publishes credential-like TJWeather trial API keys directly in plain text, which encourages uncontrolled reuse and makes abuse trivial by anyone who can read the repository. Even if these are intended as trial keys, embedding them in public documentation normalizes secret exposure, prevents attribution, and can lead to quota exhaustion, service abuse, or downstream account disruption.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.