WHOOP Morning

Security checks across malware telemetry and agentic risk

Overview

The skill has a plausible WHOOP wellness-report purpose, but it asks users to grant persistent health-data access while the main credential-handling commands referenced by the instructions are not included in the reviewed package.

Review before installing. Only proceed if you can verify the missing `whoop-auth` and `whoop-morning` executables from a trusted source, are comfortable granting persistent WHOOP OAuth access, can protect the `.env` and token cache files, and will route any scheduled morning reports only to a private destination.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The setup instructs the user to persist OAuth client credentials and a long-lived refresh token in `~/.clawdbot/.env` without a prominent warning about the sensitivity of those values. Storing reusable authentication material locally is not inherently malicious, but failing to disclose the risk can lead to credential exposure through weak file permissions, backups, shell history, or other local compromise.

Missing User Warnings

Medium
Confidence: 85%
Finding
This code writes OAuth-like tokens to a predictable plaintext cache file under the user's home directory without setting restrictive file permissions or providing any notice that long-lived credentials are being persisted. If another local user, process, backup system, or malware can read that file, the tokens could be reused to access the user's WHOOP account until expiry or refresh.

VirusTotal

65/65 vendors flagged this skill as clean.