ClawHub
Back to skill
v1.0.1

Book Fitness

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:24 AM.

Analysis

This instruction-only skill matches its stated fitness-booking purpose, but it uses an external Lokuli MCP endpoint that can create bookings and receive customer contact details.

GuidanceBefore installing, decide whether you trust the Lokuli MCP endpoint and publisher. If used, have the agent search and check availability freely, but require explicit confirmation before creating any booking or sharing your contact details.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
"name": "create_booking", "arguments": { "providerId": "xxx", "serviceId": "yyy", "timeSlot": "2025-02-10T14:00:00-08:00"

The skill exposes a booking-creation action, which is purpose-aligned but can create a real appointment if submitted.

User impactThe agent could place a fitness booking through the external service when the user intends to book.
RecommendationConfirm the provider, service, date, time, customer details, and any cancellation or fee terms before allowing create_booking to be called.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
metadata
Source: unknown; Homepage: none

The registry metadata does not provide an external source or homepage to help verify the publisher or service provenance.

User impactUsers have limited registry-provided context for verifying who maintains the skill or the linked service.
RecommendationVerify the publisher and the lokuli.com endpoint independently before relying on the skill for bookings.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
https://lokuli.com/mcp/sse ... "customerName": "John Doe", "customerEmail": "john@example.com", "customerPhone": "+13105551234"

The documented MCP flow sends customer contact information to an external Lokuli endpoint as part of booking.

User impactName, email, and phone number may be shared with the external booking provider to complete a reservation.
RecommendationOnly provide the contact details needed for the booking and use the skill only if you trust the Lokuli MCP service.