Weather Automation
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes data from external weather services and calendar events.
- Ingestion points: External weather descriptions, forecast data, and calendar event metadata are ingested through the morning_weather and event_weather workflows defined in SKILL.md.
- Boundary markers: The configuration uses variable interpolation (e.g., {{conditions}}, {{event.location}}) in message templates without delimiters or instructions to the model to ignore potential commands within the data.
- Capability inventory: The skill has the capability to send notifications via Slack and SMS, and trigger external automation events in Home Assistant.
- Sanitization: No sanitization, validation, or escaping of external content is present in the provided skill configuration.
- [NO_CODE]: The analyzed skill consists only of metadata and YAML configuration; no executable scripts or binary files were provided for a code-level security audit.
Audit Metadata