open-meteo-flood-fetch
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to
flood-api.open-meteo.com. This is a well-known environmental data service. The requests are limited to coordinate-based data retrieval and do not involve the transmission of sensitive local files or system information. - [CREDENTIALS_UNSAFE]: The skill supports an optional API key provided via environment variables or command-line arguments. The implementation includes logic to redact these credentials in logs and URLs, ensuring they are not exposed during operation.
- [COMMAND_EXECUTION]: The Python script handles data processing and network communication using standard libraries. It does not invoke shell commands, sub-processes, or any form of dynamic code evaluation.
- [EXTERNAL_DOWNLOADS]: No external software packages or third-party dependencies are required, as the script relies entirely on the Python standard library. Remote communication is strictly limited to the official Open-Meteo API endpoint.
- [SAFE]: The script contains rigorous validation logic that checks the integrity and structure of the JSON response from the remote API, mitigating risks associated with malformed or unexpected data ingestion.
Audit Metadata