Garmin Trainer

Security checks across malware telemetry and agentic risk

Overview

This Garmin training skill is useful and mostly coherent, but it can read sensitive fitness data and force-delete future Garmin workouts without user confirmation.

Install only if you are comfortable letting the agent use your Garmin account to read detailed training and health data and manage your workout calendar. Before running it, require a preview and explicit approval for any workout creation, rescheduling, or deletion, especially because W-prefixed workout names may not reliably prove that the skill created them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 94%
Finding
The activation text is overly broad for a high-impact skill that can read Garmin data and modify the user's training calendar. Broad triggers increase the chance the skill runs in situations where the user only wants general advice, causing unintended access or calendar changes without clear informed intent.

Missing User Warnings

High
Confidence: 98%
Finding
The skill description does not clearly warn users that it will create, schedule, and delete future workouts on their Garmin calendar. Because these are state-changing actions affecting a personal training plan, omission of this warning undermines informed consent and can lead to unexpected destructive changes.

Missing User Warnings

Medium
Confidence: 91%
Finding
The reference explicitly documents `gccli workouts schedule remove <schedule-id> --force` and says to remove skill-managed workouts automatically without confirmation. In a skill that programmatically manages a user's Garmin calendar, this lowers safety barriers around destructive actions and creates a realistic risk of accidental or overbroad deletion if IDs are misidentified, filters are wrong, or the skill logic is manipulated.

VirusTotal

64/64 vendors flagged this skill as clean.