Oura Health
Pass
Audited by ClawScan on May 1, 2026.
Overview
This appears to be a read-only Oura API helper, but it needs an Oura access token and will bring sensitive health/profile data into your agent chat.
Install only if you want your agent to access your Oura health and profile data. Protect ~/.config/oura/credentials.json, keep the API endpoint set to Oura's official URL, and treat chat outputs from this skill as sensitive health information.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the credential file exists, the agent can query the user's Oura account data when the skill is invoked.
The skill uses a local Oura personal access token to authenticate to the user's Oura account. This is expected for the stated purpose, but it is delegated account access that should be protected.
"Requires a personal access token at `~/.config/oura/credentials.json`."
Store the credentials file with restrictive permissions, keep the token private, and rotate/revoke it if it may have been exposed.
Private health metrics and profile details could be visible in chat history or to anyone with access to the agent session.
The skill intentionally retrieves sensitive health and profile information and prints human-readable results, which may enter the agent conversation, logs, or downstream context.
"This skill reads (never writes) ... Personal Info — age, sex, email, weight, height ... Heart Rate — continuous HR readings"
Use the skill only in trusted/private sessions and avoid asking the agent to store, summarize, or share sensitive health outputs unless intended.
A user may misunderstand the token handling and assume it is never transmitted over the network.
This privacy wording is too strong for an API client: the token must be sent in an Authorization header to authenticate Oura API requests. The provided artifacts otherwise indicate the intended destination is the official Oura API, not a third party.
"Your access token never leaves your machine."
Treat the token as a network credential, keep the configured API endpoint official, and update the privacy wording to say the token is sent only to Oura for authentication.
