Skill v0.3.1
ClawScan security
WHOOP CLI for Agents · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 20, 2026, 3:49 PM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's runtime instructions and install guidance expect a WHOOP CLI, OAuth credentials, and local token files, but the registry metadata claims no requirements and no install step; the mismatch and the lack of an origin or homepage warrant caution.
- Guidance: Do not install or enable this skill until you verify its origin. Steps to consider:
  1. Confirm that the npm package and GitHub repo referenced in SKILL.md (@andreasnlarsen/whoop-cli) are legitimate and match the maintainer listed in the registry.
  2. Be wary that the registry metadata omits the env vars and install instructions that SKILL.md requires; ask the publisher to fix the manifest or provide a signed/verified source.
  3. If you proceed, install the whoop CLI yourself (npm install -g @andreasnlarsen/whoop-cli@0.3.1) and perform the OAuth login locally; never paste client secrets into chat.
  4. Inspect the ~/.whoop-cli profiles after login to confirm the tokens are stored locally and look as expected.
  5. Prefer read-only commands (summary, day-brief, health, trend, sync pull) and do not grant the agent permission to perform auth/login on your behalf.
  If the skill's origin cannot be confirmed or the manifest corrected, do not enable it.
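The mismatch between what SKILL.md needs and what the registry manifest declares is the finding that drives this verdict, and it can be checked mechanically before a skill is enabled. The following Python is an added example, not ClawHub's scanner and not the skill's own code. The SKILL.md excerpt and the registry manifest are constructed to mirror the findings on this page, and the manifest field names (requires.env, requires.bins, install, homepage) are an assumed schema rather than ClawHub's real format.

```python
import re

# Constructed SKILL.md excerpt modeled on the findings above; not the real file.
# The backticked commands are the read-only commands the scan lists.
SKILL_MD = """\
# WHOOP CLI for Agents

Install the CLI yourself (do not let the agent do this):

    npm install -g @andreasnlarsen/whoop-cli@0.3.1

Source: https://github.com/andreasnlarsen/whoop-cli

Required environment variables: WHOOP_CLIENT_ID, WHOOP_CLIENT_SECRET, WHOOP_REDIRECT_URI.
Perform the OAuth login locally; tokens are stored under ~/.whoop-cli/profiles/*.json.
Never paste client secrets into chat.

Prefer read-only commands: `whoop summary`, `whoop day-brief`, `whoop health`,
`whoop trend`, `whoop sync pull`.
"""

# Constructed registry manifest mirroring what the scan reports: nothing declared.
# The field names are an assumed schema, not ClawHub's.
REGISTRY_MANIFEST = {
    "name": "whoop-cli-for-agents",
    "version": "0.3.1",
    "requires": {"env": [], "bins": []},
    "install": [],
    "homepage": None,
}

ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")          # SHOUTY_SNAKE names
INSTALL_RE = re.compile(r"^\s*(npm\s+install\s+(?:-g|--global)\s+(\S+))", re.M)
CMD_RE = re.compile(r"`([a-z][\w.-]*)[^`]*`")                      # first token of `cmd ...`
REPO_RE = re.compile(r"https?://github\.com/[\w.-]+/[\w.-]+")
NOT_A_SKILL_BINARY = {"npm", "npx", "export", "cd", "cat", "ls"}


def split_package_spec(spec: str):
    """'@scope/pkg@1.2.3' -> ('@scope/pkg', '1.2.3'); a leading '@' is a scope, not a version."""
    at = spec.rfind("@")
    if at <= 0:
        return spec, None
    return spec[:at], spec[at + 1:]


def extract_requirements(skill_md: str) -> dict:
    """Pull the env vars, binaries, install steps and repo URLs SKILL.md actually relies on."""
    installs = [(m.group(1), m.group(2)) for m in INSTALL_RE.finditer(skill_md)]
    return {
        "env": sorted(set(ENV_RE.findall(skill_md))),
        "bins": sorted({c for c in CMD_RE.findall(skill_md) if c not in NOT_A_SKILL_BINARY}),
        "install": [line for line, _ in installs],
        "packages": [spec for _, spec in installs],
        "repos": sorted(set(REPO_RE.findall(skill_md))),
    }


def find_mismatches(skill_md: str, manifest: dict) -> list:
    """Return (dimension, detail) pairs where SKILL.md needs something the manifest does not declare."""
    req = extract_requirements(skill_md)
    declared = manifest.get("requires", {})
    out = []
    missing_env = [e for e in req["env"] if e not in declared.get("env", [])]
    if missing_env:
        out.append(("Credentials", "env vars used but not declared: " + ", ".join(missing_env)))
    missing_bins = [b for b in req["bins"] if b not in declared.get("bins", [])]
    if missing_bins:
        out.append(("Purpose & Capability", "binaries invoked but not declared: " + ", ".join(missing_bins)))
    if req["install"] and not manifest.get("install"):
        out.append(("Install Mechanism", "install steps only in SKILL.md: " + "; ".join(req["install"])))
    for spec in req["packages"]:
        name, version = split_package_spec(spec)
        if version and version != manifest.get("version"):
            out.append(("Install Mechanism", f"{name} pinned to {version}, manifest says {manifest.get('version')}"))
    if req["repos"] and not manifest.get("homepage"):
        out.append(("Origin", "source repo named only in SKILL.md: " + ", ".join(req["repos"])))
    return out


def verdict(mismatches: list) -> str:
    """Any undeclared requirement is enough to withhold trust until the publisher fixes the manifest."""
    return "suspicious" if mismatches else "ok"


if __name__ == "__main__":
    found = find_mismatches(SKILL_MD, REGISTRY_MANIFEST)
    for dimension, detail in found:
        print(f"[{dimension}] {detail}")
    print("verdict:", verdict(found))
```

Running it against the constructed inputs reports four undeclared requirements (credentials, the whoop binary, the npm install, and the source repo), which is the same set of inconsistencies the review dimensions below call out; once the manifest declares them, the check returns no mismatches, which is what to ask the publisher for under step 2.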
Review Dimensions
- Purpose & Capability (note): The skill's stated purpose (agent-friendly whoop-cli access for briefs, health flags, and exports) matches the commands and workflows in SKILL.md. Requesting WHOOP OAuth credentials and a whoop binary is coherent with that purpose. However, the registry metadata lists no required binaries, no env vars, and no install spec, while SKILL.md clearly documents both the required env vars and an npm install; this inconsistency is unexpected and should be resolved before trusting the skill.
- Instruction Scope (concern): SKILL.md instructs the agent to run whoop CLI commands that read and write local files (e.g., ~/.whoop-cli/profiles/*.json, experiments.json) and to prefer read-only operations; it explicitly warns not to request secrets in chat and to let the user perform login locally. Those runtime instructions are generally scoped to the stated purpose, but they also allow or suggest commands that could surface local token files or request client secrets for login, and the safeguards rely on the human enforcing them. Given the mismatch between declared and actual requirements, it is unclear whether the agent will be constrained to the safe behaviors described.
- Install Mechanism (concern): SKILL.md provides an npm global install (package @andreasnlarsen/whoop-cli@0.3.1), which is a reasonable distribution mechanism for a Node CLI, but the registry's top-level metadata contains no install spec. Install instructions that appear only in SKILL.md and not in the registry are an inconsistency. Installing an npm package globally requires runtime privileges and should be done only from a trusted source; SKILL.md points to a GitHub repo, but the skill listing has no homepage and an unknown source, which increases the risk.
- Credentials (concern): SKILL.md requires WHOOP_CLIENT_ID, WHOOP_CLIENT_SECRET, and WHOOP_REDIRECT_URI (with WHOOP_CLIENT_SECRET declared as primaryEnv), which is appropriate for OAuth-based CLI access. The registry metadata, however, declares no required env vars or primary credential; this mismatch is a red flag. Otherwise, the skill does not request unrelated credentials and restricts operations to local token files and read-only commands where possible.
- Persistence & Privilege (ok): The skill does not request always:true, does not claim persistent system-wide configuration changes, and is instruction-only (no code is written to disk by the registry). SKILL.md mentions that the CLI stores tokens under ~/.whoop-cli and offers an optional local install command, which is normal for a CLI integration and within scope for this purpose.
