weather-cn-fixed
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: weather-cn-fixed
Version: 1.0.2
The weather-cn.sh script contains a shell injection vulnerability due to the use of 'eval' on unsanitized data parsed from an external website (weather.com.cn). Specifically, the script extracts content from HTML tags like <title> and passes it directly into an eval statement in the format_output function, which could allow arbitrary command execution if the fetched content is manipulated or the site is compromised. While the script's purpose is legitimate weather retrieval, the lack of input sanitization poses a significant security risk.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A compromised or maliciously altered weather page response could cause commands to run on the user's machine when the weather script is invoked.
The script downloads remote HTML, derives WEATHER from parsed page content, emits it as an assignment string, and later runs eval on that string. If the parsed remote content contains shell metacharacters or command substitutions, eval can execute them locally.
    html=$(curl -s --max-time 10 "$url" 2>/dev/null)
    ...
    echo "WEATHER=${weather:-未知}"
    ...
    eval "$data"
Remove eval and parse key/value output safely, for example by assigning variables directly or reading only expected keys with strict validation and quoting.
Users may have difficulty confirming they installed the intended package or following the documented install path.
The registry metadata describes weather-cn-fixed version 1.0.2, while the packaged _meta.json says weather-cn version 1.0.1 and SKILL.md names weather-zh. This inconsistency does not prove unsafe behavior, but it is a packaging/provenance mismatch users should notice.
    "slug": "weather-cn", "version": "1.0.1"
Publish consistent registry metadata, _meta.json, SKILL.md name, and documented skill path before relying on the package.
