Garmin Health Analysis
ReviewAudited by ClawScan on May 1, 2026.
Overview
The skill is coherent with its Garmin health-analysis purpose, but it requires Garmin account access and handles sensitive health, activity, and location data.
Install only if you want Clawdbot to access your Garmin account. Prefer protected environment or Clawdbot UI credential storage over command-line passwords, consider using a virtual environment for dependencies, and delete local exported activity files or tokens when no longer needed.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Enabling the skill gives it access to detailed Garmin account information such as sleep, heart rate, activities, profile data, and routes.
The skill needs Garmin login credentials and persists an authenticated session so it can read Garmin account data.
"env":["GARMIN_EMAIL","GARMIN_PASSWORD"] ... "Session tokens are stored in `~/.clawdbot/garmin-tokens.json` and auto-refresh."
Use it only if you are comfortable granting Garmin account access; protect any config or token files, avoid passing passwords on the command line when possible, and revoke or rotate credentials if you uninstall it.
Installing dependencies this way can change the local Python environment and relies on the current PyPI packages for Garmin, FIT, and GPX parsing.
The installer pulls unpinned Python dependencies and may fall back to modifying the system Python environment.
pip3 install --user garminconnect fitparse gpxpy ... pip3 install --break-system-packages garminconnect fitparse gpxpy
Prefer a virtual environment or user-level install, review the dependency sources, and avoid the system-package fallback unless you understand the impact.
Downloaded FIT/GPX/TCX files may contain private GPS routes and workout health data that remain on disk after analysis.
The skill can export Garmin activity files containing route and fitness details to local files, defaulting to /tmp.
def download_activity_file(client, activity_id, file_format="fit", output_dir="/tmp") ... with open(output_path, 'wb') as f: f.write(data)
Save activity files to a private directory when possible and delete exported files when you no longer need them.