Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ultrahuman Biodata Assistant

v0.1.0

Use the Ultrahuman MCP to answer questions about sleep, recovery, readiness, daily metrics, morning brief, ring data, glucose, and metabolic health. Use this...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (high confidence)

! Purpose & Capability
The skill’s stated purpose (fetching/presenting Ultrahuman metrics) is coherent with the described workflows. However, the metadata lists no required env vars or credentials while SKILL.md explicitly requires ULTRAHUMAN_TOKEN and ULTRAHUMAN_EMAIL or user-supplied email and an available ultrahuman_mcp MCP server. The missing declaration of required credentials/config is an inconsistency.
! Instruction Scope
Runtime instructions are narrowly scoped to calling ultrahuman_get_daily_metrics and formatting results, which is appropriate. But the SKILL.md instructs the agent to use environment credentials (ULTRAHUMAN_TOKEN/ULTRAHUMAN_EMAIL) and to choose dates using the user's timezone; those env vars are not declared in metadata and there is no description of the MCP endpoint, URL, or who/what hosts it. The instructions do not direct arbitrary file reads, but they do rely on unspecified external service access.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so there is nothing written to disk or pulled from external URLs by the package itself.
! Credentials
Although needing an Ultrahuman token/email is proportionate for accessing a user's health data, the skill metadata does not list any required credentials while the instructions require ULTRAHUMAN_TOKEN and optionally read ULTRAHUMAN_EMAIL. Sensitive health and authentication data are involved but are not declared in the skill manifest—this mismatch reduces transparency and increases risk. There's no detail on token scope, token storage, or whether the MCP forwards data elsewhere.
Persistence & Privilege
The skill does not request persistent/always-installed privileges (always:false), and it doesn't claim to modify other skills or system config. Autonomous invocation is allowed by default but not, by itself, a new risk here.
What to consider before installing
This skill appears to do what it says (fetch and summarize Ultrahuman metrics) but has an important transparency problem: SKILL.md expects ULTRAHUMAN_TOKEN and ULTRAHUMAN_EMAIL and an ultrahuman_mcp server, yet the skill metadata lists no required credentials or endpoint. Before installing or enabling the skill, ask the publisher these questions:
(1) exactly which endpoint(s) will ultrahuman_get_daily_metrics call (full URLs) and who operates that MCP server;
(2) why ULTRAHUMAN_TOKEN/ULTRAHUMAN_EMAIL are not declared in the manifest and what permissions the token has;
(3) how tokens are stored/used and whether they are transmitted/stored outside your environment;
(4) whether the skill logs or transmits raw health data to any third party beyond Ultrahuman; and
(5) whether authentication can be done per-request (user-provided) rather than requiring a long-lived token in the environment.
Treat any request for your Ultrahuman credentials or health data as sensitive — only proceed if you trust the skill source and get explicit details about endpoints, token scope, and data retention. If you cannot get clear answers, do not enable the skill for sensitive health data.


