weather

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's runtime code (scripts/weather.py) fetches and parses live JSON/text from the public wttr.in endpoints (BASE_URL https://v2.wttr.in and V1_URL https://wttr.in) and SKILL.md explicitly recommends using the JSON output for AI decision scenarios (e.g., "明天要不要带伞"), so untrusted third‑party content is ingested and used to drive agent decisions.