Security audit

Weather Reporter

Security checks across malware telemetry and agentic risk

Overview

This skill is a weather report image generator with expected external API use, but users should handle API keys carefully and run it in a dedicated folder.

Install only if you are comfortable sending city and weather-derived data to wttr.in, ZhipuAI, and your configured LLM provider. Keep config.json private, do not commit or share real API keys, and run the tool in its own folder because it deletes and overwrites fixed PNG filenames such as 1.png, bg.png, make.png, and output.png.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence: 95%
Finding
The function sends raw user-provided content to an external LLM API, which can expose sensitive or personal data to a third-party service without any visible notice, consent, or minimization. In a weather-assistant context this may seem low-risk, but the function accepts arbitrary content and forwards it directly off-device, so misuse or accidental sensitive input creates a real privacy and data-handling issue.

Missing User Warnings

Medium
Confidence: 90%
Finding
The README instructs users to place live API keys in a local config.json file but does not warn that this file contains sensitive credentials or recommend keeping it out of version control. In practice, this omission often leads to accidental commits, sharing in screenshots/support bundles, or leakage through packaged skills, which can expose paid API access and downstream accounts.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill documentation instructs users to configure third-party API keys and use external services, but it does not disclose that weather prompts, city inputs, generated content requests, and possibly other user-provided data will be transmitted to external providers. This creates a real privacy and security risk because users may unknowingly send sensitive data to wttr.in, ZhipuAI, or an OpenAI-compatible endpoint without understanding retention, logging, or cross-border processing implications.

Missing User Warnings

Medium
Confidence: 97%
Finding
On startup, the script unconditionally deletes a fixed set of local PNG files in the current working directory and suppresses all errors with a bare except. This can destroy user or unrelated application files if the skill runs from an unexpected directory, and the silent failure makes the behavior hard to detect or audit.

Missing User Warnings

Medium
Confidence: 95%
Finding
The function sends the provided weather data to an external image-generation service without any notice, consent flow, or indication of remote transmission. Even if weather seems low sensitivity, the pattern is risky because callers may pass richer contextual or location-derived data, and the skill silently transfers it to a third party.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.