Fitbit Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Fitbit health-data integration, but users should be deliberate because it stores reusable OAuth tokens and can access sensitive health data.

Install only if you are comfortable granting OpenClaw access to Fitbit health data. Consider setting FITBIT_SCOPES to only the data you need, avoid generic invocations if you do not want automatic health lookups, and delete ~/.config/openclaw/fitbit/token.json or revoke the Fitbit app if you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
82% confidence
Finding
The skill presents itself as a simple health tracking integration, but it also performs OAuth authorization, runs a local callback listener during setup, persists refreshable tokens, and requests broader scopes including profile, heartrate, and weight. While these behaviors are documented later, they materially expand the trust boundary and sensitivity of the data handled, so the top-level description understates the privacy and security implications.

Vague Triggers

Medium
Confidence
85% confidence
Finding
Triggers such as "fitbit," "health," "full report," and "daily summary" are broad enough to match common user requests that may not be intended for this specific skill. In an agent environment, overly broad activation can cause unintended access to sensitive health data or accidental invocation of a skill that reads stored OAuth tokens and contacts external APIs.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill handles sensitive health information and stores long-lived OAuth tokens locally, but the user-facing description does not prominently warn about these privacy and persistence risks. Missing upfront disclosure increases the chance that users authorize broad health-data access without understanding what is collected, stored, and reused across sessions.

Session Persistence

Medium
Category
Rogue Agent
Content
## Setup

### 1. Create Fitbit Developer App

1. Go to [dev.fitbit.com](https://dev.fitbit.com)
2. Log in and click **Register an App**
Confidence
71% confidence
Finding
Create Fitbit Developer App 1. Go to [dev.fitbit.com](https://dev.fitbit.com) 2. Log in and click **Register an App** 3. Fill in: - **Application Name**: OpenClaw Fitbit (or any name) - **Descr

VirusTotal

64/64 vendors flagged this skill as clean.
