ClawHub

Global Weather Service

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed weather lookup and scheduled weather subscription skill, with persistence limited to weather subscription and timezone data.

Install this if you want weather reports and scheduled OpenClaw weather pushes. Before using subscriptions, review or clear the bundled data/subscriptions.json and data/user_timezones.json entries if they are not yours, and only create scheduled deliveries for channels or recipients you control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill instructs the agent to run local Python scripts, perform network requests to Open-Meteo, and read/write subscription and timezone data files, but it declares no permissions. This creates a transparency and policy-enforcement gap: a host may invoke the skill without realizing it can execute shell commands and persist user-affecting state, increasing the risk of unauthorized file changes or command execution in a broader agent environment.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README encourages creation, update, and deletion of scheduled subscriptions that persist state and cause future automated outbound messages, but it does not clearly warn operators that these commands create durable jobs and stored recipient data. In an agent setting, undocumented persistence and autonomous message delivery can lead to unintended spam, privacy issues, or actions taken without informed user consent.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill supports deleting subscriptions by id or name without documenting any confirmation step or user-verification safeguard. In an agent setting, ambiguous names or accidental invocation could lead to unintended destruction of scheduled jobs, affecting availability and user trust even if the impact is limited to subscription state.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal