weather-cn-pro

The script `weather-cn-pro.sh` contains a potential command injection vulnerability by using `eval` on data parsed from an external website (weather.com.cn). While the current regex-based extraction provides some sanitization, using `eval` on remote content is a high-risk practice. Additionally, the script makes an unauthenticated request to a third-party API (`api.aooi.com`) for AQI data, which is an external dependency not explicitly mentioned in the primary description.