weather
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches weather data and forecasts from well-known public services including wttr.in and the Open-Meteo API.
- [COMMAND_EXECUTION]: Utilizes the
curlcommand-line tool to perform network requests and can optionally save weather imagery to the local filesystem (e.g., /tmp/weather.png). - [PROMPT_INJECTION]: The skill processes data from external APIs which constitutes a potential surface for indirect prompt injection. Ingestion points: SKILL.md (via curl output). Boundary markers: None. Capability inventory: SKILL.md (curl execution). Sanitization: None.
Audit Metadata