weather
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): Uses curl to fetch weather data from wttr.in and api.open-meteo.com. These are public weather APIs and the network activity is the primary purpose of the skill.
- DATA_EXFILTRATION (SAFE): Network requests are directed to legitimate weather services. No evidence of sensitive data access or exfiltration found.
- PROMPT_INJECTION (SAFE): The skill has an indirect prompt injection surface. 1. Ingestion points: wttr.in and api.open-meteo.com. 2. Boundary markers: Absent. 3. Capability inventory: curl. 4. Sanitization: Absent. As this is the primary purpose of the skill, the severity is downgraded to SAFE.
- COMMAND_EXECUTION (SAFE): Uses standard curl commands to retrieve data. No execution of downloaded content is performed.
Audit Metadata