This Garmin skill appears purpose-built rather than malicious, but it handles very sensitive health, location, and account data with weak containment in a few places.
Install only on a trusted personal machine. Treat Garmin credentials, config.json, session tokens, generated charts, stdout logs, and downloaded FIT/GPX/TCX files as sensitive because they can reveal health metrics, routines, and precise locations. Prefer UI-managed secrets or a local secret store over command-line passwords, delete downloaded activity files when done, and configure the agent to use this skill only for explicit Garmin-related requests.