Skill v1.0.1
ClawScan security
AI Running Coach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 10, 2026, 6:41 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly does what it says (calls airunningcoach.net to manage Strava-driven coaching), but there are internal inconsistencies (config path mismatch, mixed token handling instructions) and an instruction that asks users to paste API tokens into chat — these issues are not clearly explained and warrant caution.
- Guidance: This skill appears to implement the advertised Strava-based coaching using airunningcoach.net, but pay attention before installing:
  - Token handling: The skill asks users to provide an API token. Do NOT paste your token into an open chat unless you trust the agent/session — pasting into chat can expose the token to logs and the agent. Prefer running the setup script locally in a terminal so the token is only written to your home directory.
  - Config path inconsistency: Some scripts use ~/.config/airunningcoach/config.json and others use ~/.config/ai-running-coach/config.json (hyphen vs no hyphen). This will cause behavior inconsistencies (one tool may not see the token another saved). If you install, inspect which path the installed 'arc' command actually uses and unify the location manually before storing secrets.
  - Verify the service: The skill communicates only with https://airunningcoach.net. If you don't already trust that site, review its privacy policy and the public repository (package.json references a GitHub URL) before giving it your Strava/ARC token.
  - Safety precautions: Review the included scripts yourself (they're plain shell + python) or run them in a restricted account/container. If you proceed, create the config file manually (with the correct path) and set restrictive file permissions (chmod 600) rather than pasting tokens in chat; monitor your Strava/account for unexpected activity.
  - I rate this 'suspicious' because the capability is coherent with its purpose but the token-handling guidance and inconsistent config paths are sloppy and materially increase the risk of accidental exposure or misconfiguration.
Review Dimensions
- Purpose & Capability
  - Rating: note
  - Name/description match the code: the CLI and scripts call https://airunningcoach.net/api/v1/* and implement the plan/coach/stats flows described in SKILL.md. The package.json and scripts indicate the 'arc' CLI is the intended interface. Minor mismatch: package.json lists homepage/repo while SKILL.md lists no homepage; this is probably quality/metadata sloppiness but not malicious.
- Instruction Scope
  - Rating: concern
  - SKILL.md tells the agent to have users 'paste your arc_xxx token here' in IM and then run arc config set-token <token>. Asking users to paste secret tokens into chat (agent-visible context) is risky — it exposes the token to the agent/session logs. Otherwise, runtime instructions and commands (arc today/week/coach/strava/feedback) are limited to the stated service and do not instruct reading unrelated system files or contacting other endpoints.
- Install Mechanism
  - Rating: ok
  - No install spec (instruction-only / CLI script included). Scripts are local and executed; there are no remote downloads or package installs. That lowers supply-chain risk; nothing fetches arbitrary code from untrusted URLs.
- Credentials
  - Rating: concern
  - The registry metadata declares no required env vars or credentials — appropriate. The scripts store and read a local token file under ~/.config. However, there are inconsistent config paths across files: some scripts use ~/.config/airunningcoach/config.json, others use ~/.config/ai-running-coach/config.json (hyphen vs no hyphen). Comments in some scripts also mention ARC_API_TOKEN even though the scripts read the config file. These inconsistencies could lead to tokens being stored/read in different places or to confusion about where secrets live.
- Persistence & Privilege
  - Rating: ok
  - The skill does not request always:true and does not modify other skills or system-wide settings. It writes a config file under the user's home (~/.config/airunningcoach or ~/.config/ai-running-coach), which is normal, limited persistence for a CLI that stores an API token.
