Oura (API v2)

Security checks across malware telemetry and agentic risk

Overview

This skill transparently fetches Oura wellness data with a user-provided token and writes local summaries, with privacy handling left to the user.

Install only if you want OpenClaw to access your Oura sleep, readiness, and activity data. Keep OURA_ACCESS_TOKEN in a protected environment or secret store, rotate it if exposed, and treat the generated JSON files as private health data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91%
Finding
The skill documentation describes capabilities that access environment variables, read and write local files, and make network requests, but it does not declare corresponding permissions. This creates a transparency and governance gap: users or platforms may authorize or run the skill without understanding that it handles secrets and transmits health-related data externally.

Missing User Warnings

Medium
Confidence
89%
Finding
The skill description does not clearly warn users that it consumes a sensitive personal access token and sends health data to a third-party API. Because the data includes sleep, readiness, and activity information, inadequate disclosure can lead to uninformed consent and unsafe deployment in privacy-sensitive environments.

Natural-Language Policy Violations

Low
Confidence
78%
Finding
The skill defaults to a specific timezone, Asia/Shanghai, without explaining why or requiring user confirmation. For health and daily-summary data, an unexpected timezone can shift day boundaries and cause inaccurate summaries, which is especially risky when data is normalized into a 'daily' record.

Missing User Warnings

Medium
Confidence
84%
Finding
The script writes fetched sleep, readiness, and activity data to any user-specified output path without validation, minimization, or an explicit warning that sensitive health data will be persisted locally. In an agent or automation context, this can lead to unintended storage in insecure locations, later exfiltration, or over-broad access by other local users/processes.

Natural-Language Policy Violations

Medium
Confidence
77%
Finding
Defaulting to Asia/Shanghai without user opt-in can cause the tool to fetch and label the wrong local day, producing inaccurate wellness records and potentially exposing data for an unintended date. In a health-data workflow, silent timezone skew is a privacy and integrity issue because it can cause misleading summaries and incorrect daily normalization.
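The findings above (token handling in the install note, the undeclared file and network capabilities, the unvalidated output path, and the silent Asia/Shanghai default) describe what a hardened version of such a fetcher would need. The following is an added example written for this page, not the skill's own code and not Oura's published client: it reads the token only from the environment and never echoes it, refuses to pick a day boundary without an explicit timezone, confines the output file to a directory the user names, minimizes what is persisted to the daily scores, and writes the file owner-only (0600). The Oura API v2 endpoint path (`/v2/usercollection/<collection>?start_date=&end_date=`) and the `{"data": [...]}` response envelope are assumptions here, the sample responses are constructed, and the HTTP call is injected as a callable so the example runs offline.

```python
"""Hardened Oura API v2 daily-summary fetcher (added example; not the skill's code).
Assumed: endpoint path and response envelope. Sample payloads are constructed."""
import json
import os
import stat
from datetime import datetime, timedelta, timezone, tzinfo
from pathlib import Path

API_BASE = "https://api.ouraring.com/v2/usercollection"   # assumed Oura v2 base path
COLLECTIONS = ("daily_sleep", "daily_readiness", "daily_activity")


def load_token(env=os.environ) -> str:
    """Read OURA_ACCESS_TOKEN from the environment; fail closed and never log it."""
    token = env.get("OURA_ACCESS_TOKEN", "").strip()
    if not token:
        raise RuntimeError("OURA_ACCESS_TOKEN is not set; keep it in a secret store, not in the skill")
    return token


def local_day(instant: datetime, tz: tzinfo) -> str:
    """YYYY-MM-DD that an aware `instant` falls on in `tz`. The timezone is a
    required argument: no hidden Asia/Shanghai (or any other) default."""
    if instant.tzinfo is None:
        raise ValueError("instant must be timezone-aware")
    return instant.astimezone(tz).date().isoformat()


def build_request(collection: str, day: str, token: str):
    """URL and headers for one daily collection on one day (assumed endpoint shape)."""
    if collection not in COLLECTIONS:
        raise ValueError(f"unsupported collection {collection!r}")
    url = f"{API_BASE}/{collection}?start_date={day}&end_date={day}"
    return url, {"Authorization": f"Bearer {token}"}


def minimize(payload: dict) -> dict:
    """Data minimization: keep day -> score only; drop ids, timestamps, contributors."""
    return {rec["day"]: rec.get("score") for rec in payload.get("data", []) if "day" in rec}


def fetch_daily_summary(day: str, token: str, http_get) -> dict:
    """http_get(url, headers) -> dict is injected (e.g. requests.get(...).json())."""
    summary = {"day": day}
    for collection in COLLECTIONS:
        url, headers = build_request(collection, day, token)
        summary[collection] = minimize(http_get(url, headers)).get(day)
    return summary


def safe_output_path(base_dir, requested: str) -> Path:
    """Confine a user-supplied path to base_dir: rejects '../' traversal and
    absolute paths that resolve outside it, and requires a .json file name."""
    base = Path(base_dir).resolve()
    target = (base / requested).resolve()
    try:
        target.relative_to(base)
    except ValueError:
        raise ValueError(f"output path {requested!r} escapes {base}") from None
    if target == base or target.suffix != ".json":
        raise ValueError("output must be a .json file inside the output directory")
    return target


def write_private_json(path: Path, obj: dict) -> Path:
    """Create the file with mode 0600 so other local users/processes cannot read
    the health data; the chmod also tightens a pre-existing, looser file."""
    path.parent.mkdir(parents=True, exist_ok=True)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(obj, fh, indent=2)
    os.chmod(path, 0o600)
    return path


def file_mode(path: Path) -> int:
    return stat.S_IMODE(os.stat(path).st_mode)


# Constructed sample responses in the assumed Oura v2 envelope; not real user data.
SAMPLE_RESPONSES = {
    "daily_sleep": {"data": [{"id": "x", "day": "2024-03-02", "score": 81, "contributors": {}}]},
    "daily_readiness": {"data": [{"id": "y", "day": "2024-03-02", "score": 77}]},
    "daily_activity": {"data": [{"id": "z", "day": "2024-03-02", "score": 90}]},
}


def fake_http_get(url: str, headers: dict) -> dict:
    """Offline stand-in for the real HTTP call; checks the bearer header is present."""
    assert headers["Authorization"].startswith("Bearer ")
    collection = url[len(API_BASE) + 1:].split("?", 1)[0]
    return SAMPLE_RESPONSES[collection]


if __name__ == "__main__":
    import tempfile
    from zoneinfo import ZoneInfo
    instant = datetime(2024, 3, 1, 20, 0, tzinfo=timezone.utc)
    # Same instant, two different "days": why the timezone must be explicit.
    print(local_day(instant, ZoneInfo("Asia/Shanghai")), local_day(instant, ZoneInfo("America/Los_Angeles")))
    token = load_token({"OURA_ACCESS_TOKEN": "demo-token"})  # demo only; use the real env/secret store
    summary = fetch_daily_summary(local_day(instant, ZoneInfo("Asia/Shanghai")), token, fake_http_get)
    out = write_private_json(safe_output_path(tempfile.mkdtemp(), "oura/2024-03-02.json"), summary)
    print(out, oct(file_mode(out)), summary)
```

Two design points worth noting for a reviewer of the real skill: `local_day` takes the timezone as a required argument, so the caller (or the user prompt) must state it, which closes the "wrong local day" issue; and `safe_output_path` plus the 0600 write are what an explicit permission declaration for "writes local files" should be backed by, so the file system capability is both declared and bounded.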

VirusTotal

66/66 vendors flagged this skill as clean.
