Garmin MCP

Pass. Audited by ClawScan on May 6, 2026.

Overview

This is a coherent Garmin MCP setup guide, but users should note that it runs an external npm package and handles Garmin tokens and private wellness data.

This skill appears purpose-aligned for setting up Garmin MCP. Before installing, verify the external npm package and repository, understand that Garmin tokens will be stored locally, and only allow the agent to access or act on Garmin data with explicit consent.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the setup will execute code from an external package, so a compromised or mistaken package could affect the local environment.

Why it was flagged

The setup runs an external npm package with automatic-yes behavior (`-y`) and no pinned version in the artifact. This is purpose-aligned for installing an MCP connector, but the package code itself is not included in the reviewed artifacts.

Skill content

`npx -y garmin-mcp-unofficial setup`

Recommendation

Verify the npm package and linked GitHub repository before running the npx commands, and consider pinning a trusted version.

What this means

Garmin tokens could allow access to personal wellness and activity data if exposed or mishandled.

Why it was flagged

The skill expects Garmin account authentication and persistent local token storage. That is expected for a Garmin connector, but it grants access to a sensitive personal account.

Skill content

Garmin credentials should never be placed in MCP client config. Use the local helper/token flow and keep tokens under ~/.garmin-mcp/.

Recommendation

Use the documented local token flow, keep tokens out of shared configs and chats, and remove/revoke tokens when no longer needed.

What this means

Private health and activity information may be visible to the agent and could be included in responses if the user or agent requests it.

Why it was flagged

The skill's data surfaces can bring private health and fitness data into an MCP-compatible agent's context. The skill acknowledges this with guidance not to print private user data.

Skill content

Body Battery; training readiness; HRV; sleep; stress; activities

Recommendation

Only connect accounts you intend the agent to read, request privacy audits/status checks first, and avoid sharing outputs that contain private wellness data.

What this means

If an agent uses live tools without user review, it could make unwanted provider calls or changes.

Why it was flagged

The skill anticipates live provider calls and possible writes, but also instructs safer status and dry-run checks first. The artifacts do not show unsafe automatic execution.

Skill content

Prefer connection_status, manifest, doctor, privacy_audit, or dry-run surfaces before any write or live provider call.

Recommendation

Require explicit user approval for any write or live provider action, and use dry-run or audit tools before allowing changes.