Strava CLI Skill

v2.2.98

Use the stravacli terminal tool to access Strava data (athlete profile, activities, streams, routes, segments, clubs, gear, uploads) and perform limited writ...

⭐ 0· 429·0 current·0 all-time

byRaxat@brainsoft-raxat

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description match the SKILL.md: it tells the agent to use the external stravacli tool to read and (with confirmation) write Strava data. No unrelated credentials, binaries, or paths are requested.

✓

Instruction Scope

Instructions only tell the agent to install and run stravacli commands (read commands by default, explicit confirmation for write commands). The SKILL.md does not instruct reading arbitrary system files or sending data to unexpected endpoints. It does reference local files for uploads/exports and the CLI's auth flows, which is appropriate for a CLI integration.

ℹ

Install Mechanism

There is no automatic install; the doc points to GitHub releases or go install. Both are reasonable but require trusting the third‑party repository and any released binaries.

✓

Credentials

The skill requests no environment variables and relies on the CLI's own OAuth authentication for Strava tokens — appropriate and proportional for the described functionality.

✓

Persistence & Privilege

Skill is instruction-only, not always-enabled, and does not request elevated system presence or modify other skills. Normal autonomous invocation is allowed (platform default).

Assessment

This skill is a thin wrapper that instructs the agent to call the external stravacli CLI. Before installing or following its instructions: (1) review the GitHub repo and release artifacts you will install (check source and release integrity) because installing binaries or running `go install` executes third‑party code; (2) be aware stravacli will perform OAuth and store tokens locally—know where tokens are saved and protect/revoke them if needed; (3) the skill will only perform writes if you confirm, but double-check any upload/update commands before approving; (4) if you need headless auth, avoid exposing callback URLs you don't control, as that may leak tokens. If any of these points are unacceptable, do not install or run the external CLI.

Like a lobster shell, security has layers — review code before you run it.

latestvk97532xn3c8cgjmvfz6ph1p3wx8259tf

429downloads

0stars

2versions

Updated 1mo ago

v2.2.98

MIT-0

stravacli

Use stravacli for Strava operations from terminal.

Prerequisites

This skill depends on the external CLI project:

Source: https://github.com/Brainsoft-Raxat/strava-cli

Install stravacli before using this skill:

Recommended (release binary):
- Download latest from: https://github.com/Brainsoft-Raxat/strava-cli/releases/latest
Or with Go:
- go install github.com/Brainsoft-Raxat/strava-cli/cmd/stravacli@latest

Then verify binary is available in PATH:

stravacli --version

Setup

Authenticate before data commands:
- Local: stravacli auth login
- Headless/VPS: stravacli auth login --remote, then complete with stravacli auth login --auth-url '<callback-url>'
Verify auth: stravacli auth status

Read commands (preferred by default)

Athlete profile: stravacli athlete me --json
Athlete stats: stravacli athlete stats --json
Athlete zones: stravacli athlete zones --json
List activities: stravacli activities list --per-page 10 --json
Activity details: stravacli activities get <id> --json
Activity laps: stravacli activities laps <id> --json
Activity streams: stravacli activities streams <id> --json
Routes list/get: stravacli routes list --json / stravacli routes get <id> --json
Export route file: stravacli routes export <id> --format gpx --out ./route.gpx
Segments/starred/explore: stravacli segments starred --json, stravacli segments explore --bounds <swlat,swlng,nelat,nelng> --json
Clubs: stravacli clubs list --json
Gear: stravacli gear get <id> --json
Upload status: stravacli uploads get <uploadId> --json

Write commands (ask/confirm first)

Update activity metadata: stravacli activities update <id> --name 'New name' --description '...'
Upload activity file: stravacli activities upload --file ./run.fit --yes --json

Always confirm intent before write actions.

Output conventions

Use --json when results need parsing or reuse.
Keep user summaries concise; include key metrics and IDs.
If a command fails with auth errors, suggest stravacli auth status then re-login.

Comments

Loading comments...