← Back to Skills Marketplace
705
Downloads
2
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install thermikbuddy
Description
Segelflug- und Thermikvorhersage mit Thermik-Score (0-10). Nutze diesen Skill wenn der User nach Segelflugwetter, Thermik, Streckenflugbedingungen, Flugwette...
Usage Guidance
This skill mostly looks like what it says: a Python-based Thermik forecast engine that fetches Open‑Meteo data and (optionally) scrapes DHV text to adjust scores. Before installing or running it: 1) Ensure you or the environment provides python3 on PATH (SKILL.md expects 'python3' but the skill declares no required binaries). 2) Review the included .py files yourself (they are present in the bundle) — they perform outbound network calls to api.open-meteo.com and https://www.dhv.de and emit JSON; there is no credential exfiltration, but code execution is required. 3) Note the metadata/version inconsistencies (SKILL.md v2.0.0 vs _meta/origin showing 1.0.2/1.0.3) — ask the publisher which version is authoritative. 4) If you will run this in an automated agent, run it first in a sandbox or restricted environment and check its network activity. 5) If you depend on accuracy for flight decisions, treat this as advisory and cross-check with official sources (DWD, DHV, SkySight) as suggested by the skill.
Capability Analysis
Type: OpenClaw Skill
Name: thermikbuddy
Version: 1.0.3
The skill is classified as suspicious due to a potential shell injection vulnerability. The `SKILL.md` file instructs the OpenClaw agent to execute local Python scripts with user-provided arguments (e.g., `--name <user_input>`). If the agent's runtime environment does not properly sanitize or quote these user inputs before passing them to the shell, an attacker could inject arbitrary shell commands. While the Python scripts themselves use `argparse` safely, the instruction template in `SKILL.md` exposes this critical vulnerability in the agent's execution model. There is no evidence of intentional malicious behavior like data exfiltration or persistence within the skill's code, which otherwise performs legitimate weather forecasting by fetching data from `api.open-meteo.com` and `dhv.de`.
Capability Assessment
Purpose & Capability
The name/description match the included code: the scripts fetch weather from Open‑Meteo, optionally scrape DHV, compute a Thermik score and emit JSON — that aligns with the stated purpose. However the skill declares no required binaries while the runtime instructions and included scripts explicitly call python3; the lack of a declared python runtime is an omission/inconsistency.
Instruction Scope
SKILL.md instructs only to run the provided Python scripts and to present region choices to the user. The scripts themselves perform network calls (Open‑Meteo API, DHV website), parse data, and compute scores. They do not read arbitrary local files or request environment variables beyond none declared. One minor concern: DHV scraping uses fragile regex-based HTML extraction (no HTML parser), which is brittle but not a data-exfiltration issue.
Install Mechanism
There is no install spec and no external download/install step — the skill is delivered as code files that the agent will run. This is lower risk than fetching arbitrary binaries. Still, running bundled scripts means code will execute on the host — review the code before running.
Credentials
The skill requests no environment variables or credentials and only talks to expected endpoints (api.open-meteo.com and www.dhv.de). There are no unrelated credential requests or hidden endpoints in the code.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or persist credentials. It runs on invocation and prints results to stdout/stderr as expected.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install thermikbuddy - After installation, invoke the skill by name or use
/thermikbuddy - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
thermikbuddy 1.0.3
- Added scripts for parsing DHV weather data and diagnostic parameters: scripts/dhv_parser.py and scripts/diag_params.py
- Included metadata and origin files: _meta.json and .clawhub/origin.json
- Initial onboarding of new parsing and diagnostic utilities
v1.0.2
Version 2.0.0 – Major update with revamped scoring, alpine features, and improved forecasts.
- Upgraded scoring algorithm: 11 weighted parameters now including windscherung and 700hPa humidity.
- Added detailed alpine features (Föhn warning, ridge flying bonus, Gewitter score cap).
- DHV-Wetter integration removed, focusing on Open-Meteo (ICON-D2) data.
- Forecast scripts modularized; new scorer and fetcher added, legacy/test files removed.
- Revised and streamlined step-by-step user process and output formatting.
- Updated documentation, parameter table, and warning types for clarity and safety.
v1.0.1
No changes in this release.
- Version bumped to 1.0.1.
- No file or documentation changes detected.
v1.0.0
First upload
Metadata
Frequently Asked Questions
What is ThermikBuddy?
Segelflug- und Thermikvorhersage mit Thermik-Score (0-10). Nutze diesen Skill wenn der User nach Segelflugwetter, Thermik, Streckenflugbedingungen, Flugwette... It is an AI Agent Skill for Claude Code / OpenClaw, with 705 downloads so far.
How do I install ThermikBuddy?
Run "/install thermikbuddy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ThermikBuddy free?
Yes, ThermikBuddy is completely free (open-source). You can download, install and use it at no cost.
Which platforms does ThermikBuddy support?
ThermikBuddy is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ThermikBuddy?
It is built and maintained by achimace (@achimace); the current version is v1.0.3.
More Skills