Is weather safe?

https://clawhub.ai/skill/weather

95
SAFE

The weather skill is a clean, minimal utility that provides curl-based weather lookup instructions using two well-known public APIs (wttr.in and Open-Meteo). No prompt injection, data exfiltration, or malicious code execution patterns were detected. All monitoring signals (canary files, network activity, process execution, filesystem events) are clean and consistent with a benign skill installation.

Category Scores

Prompt Injection 97/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 93/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 88/100 · 5%

Findings (5)

INFO Bash curl commands in SKILL.md -2

The skill provides bash code blocks with curl commands that the agent will execute. These are simple HTTP GET requests to wttr.in and api.open-meteo.com with user-supplied location parameters. The commands are straightforward and do not contain shell injection vectors or chained execution.

LOW Location data sent to third-party services -5

By design, the skill sends user-requested location strings to wttr.in and api.open-meteo.com. This is the intended functionality but represents minimal information disclosure (geographic location queries) to third-party services.

LOW File write to /tmp via PNG download example -5

The skill includes an example that downloads a PNG weather image to /tmp/weather.png. This is a benign temporary file write but represents a minor filesystem side effect.

INFO External URL references are contextually appropriate -3

The skill references external URLs (wttr.in, api.open-meteo.com, open-meteo.com/en/docs) which are all directly related to the skill's weather functionality. No hidden or obfuscated URLs detected.

INFO Lock file references unrelated skill name 0

The .clawhub/lock.json references 'academic-research-hub' rather than 'weather'. This appears to be a pre-existing lock file entry from a previous installation in the same environment, not a sign of malicious behavior.