Fitbit Connector

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The Fitbit connector's functionality appears purpose-aligned, but the published package ships what look like real Fitbit OAuth access and refresh tokens together with another person's private health and calendar data, so it must be reviewed before use.

Do not install this release until the publisher removes all token backups and cached private data from the package, revokes or rotates the exposed Fitbit credentials, and republishes a clean package. If you use a cleaned version, grant only the Fitbit scopes you need, prefer the narrow front-door commands over the generic endpoint fetch, and enable the cron/background sync only after reviewing where data and backups are written and how long they are kept.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Critical
What this means

Anyone who installs or inspects the package receives another user's Fitbit credentials and, if the tokens are still valid, can read that user's health and account data.

Why it was flagged

A published skill artifact contains Fitbit OAuth access and refresh tokens with broad scopes. If the tokens are still valid they grant access to the account; the refresh token in particular can be exchanged for new access tokens after the shipped access token expires, so the credentials must be revoked rather than left to expire.

Skill content
"access_token": "eyJ...", "refresh_token": "249ad5...", "scope": "heartrate profile social nutrition sleep activity ... location"
Recommendation

Do not install this package as-is; the publisher should revoke/rotate the leaked Fitbit tokens, remove all token backups from the release, and declare the OAuth credential requirements clearly.

ASI06: Memory and Context Poisoning
High
What this means

The release may expose private health, training, and calendar context and could cause an agent to reuse another person's cached data when answering a user's questions.

Why it was flagged

The package includes persisted private calendar/training notes and identifying email data, not just connector code or documentation.

Skill content
"creator": { "email": "joaodriessen@gmail.com" }, "description": "SOURCE: Apple Notes / Workouts... Deadlifts... Bench press..."
Recommendation

Remove cached calendar, health, and run-history data from the distributable package; initialize caches locally per user and document retention/deletion controls.
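The two findings above (shipped OAuth tokens, and cached personal data in the distributable) can both be caught before installation by scanning the unpacked package. The script below is an added example for this review, not ClawScan's scanner and not the connector's own code. It flags credential-named JSON keys, JWT-shaped strings (Fitbit access tokens are JWTs, which is why the flagged value starts with "eyJ"), and e-mail addresses, then returns a verdict. The package tree it builds, the file names, the token-like values and the address in it are constructed for the demo.

```python
"""Pre-install scan of a skill package for shipped OAuth tokens and cached
personal data. Added example; not ClawScan's scanner and not the connector's
own code. All file names and contents below are constructed for the demo."""
import json
import re
import shutil
import tempfile
from pathlib import Path

# JSON keys whose values are credentials if they appear in a distributed file.
TOKEN_KEYS = {"access_token", "refresh_token", "client_secret"}
# Three base64url segments joined by dots, starting with the "eyJ" of an
# encoded JSON header: the shape of a JWT such as a Fitbit access token.
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
BINARY_SUFFIXES = {".pyc", ".png", ".jpg", ".gif", ".zip"}


def _flag_token_keys(obj, rel, findings):
    """Walk parsed JSON and flag credential-named keys with non-empty values."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            if key in TOKEN_KEYS and isinstance(value, str) and value:
                findings.append((rel, f"json-key:{key}", value[:6] + "..."))
            _flag_token_keys(value, rel, findings)
    elif isinstance(obj, list):
        for item in obj:
            _flag_token_keys(item, rel, findings)


def scan_package(root):
    """Return (relative_path, kind, redacted_sample) tuples for every hit."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix in BINARY_SUFFIXES:
            continue
        rel = path.relative_to(root).as_posix()
        text = path.read_text(encoding="utf-8", errors="replace")
        # Structured check: token backups are usually JSON with known keys.
        if path.suffix == ".json":
            try:
                _flag_token_keys(json.loads(text), rel, findings)
            except json.JSONDecodeError:
                pass
        # Pattern checks: catch tokens and e-mail addresses in any text file.
        for match in JWT_RE.finditer(text):
            findings.append((rel, "jwt", match.group(0)[:6] + "..."))
        for match in EMAIL_RE.finditer(text):
            findings.append((rel, "email", match.group(0)))
    return findings


def verdict(findings):
    """'block' if any credential shipped, 'review' if only personal data, else 'clean'."""
    kinds = {kind for _, kind, _ in findings}
    if "jwt" in kinds or any(k.startswith("json-key:") for k in kinds):
        return "block"
    return "review" if kinds else "clean"


def build_demo_package():
    """Construct a throwaway package tree shaped like the flagged release."""
    root = Path(tempfile.mkdtemp(prefix="skill-"))
    (root / "backups").mkdir()
    (root / "cache").mkdir()
    fake_jwt = "eyJ" + "A" * 30 + "." + "B" * 30 + "." + "C" * 30  # constructed
    (root / "backups" / "fitbit_tokens.json").write_text(json.dumps({
        "access_token": fake_jwt,
        "refresh_token": "249ad5" + "0" * 26,  # constructed, not a real token
        "scope": "heartrate profile sleep activity",
    }))
    (root / "cache" / "calendar.json").write_text(json.dumps({
        "creator": {"email": "someone@example.com"},  # constructed address
        "description": "SOURCE: Apple Notes / Workouts",
    }))
    (root / "SKILL.md").write_text("# Fitbit connector\n\nRun fitbit_tools.py\n")
    return root


def run_demo():
    """Scan the constructed package, clean it up, and return (hits, verdict)."""
    demo = build_demo_package()
    try:
        hits = scan_package(demo)
        return hits, verdict(hits)
    finally:
        shutil.rmtree(demo)


if __name__ == "__main__":
    hits, result = run_demo()
    for rel, kind, sample in hits:
        print(f"{kind:<24} {rel}: {sample}")
    print("verdict:", result)
```

A shipped access token is reported twice (once by key name, once by shape), which is intentional: the key-name check catches opaque tokens such as the refresh token, and the shape check catches JWTs pasted into documentation or logs where no key name is present. Anything rated "block" should stop the install outright; "review" means the package carries someone's data but no usable credential.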

ASI02: Tool Misuse and Exploitation
Medium
What this means

An agent could fetch broader Fitbit account data than the user expected for a simple recovery or sleep question.

Why it was flagged

The skill exposes a generic Fitbit API fetch path and catalog in addition to typed recovery/health queries, widening what an autonomous agent can retrieve.

Skill content
"Endpoint catalog (broad API surface)" and "Direct Fitbit endpoint fetch (generic exposure): python3 scripts/fitbit_tools.py fetch-endpoint --path ..."
Recommendation

Prefer the narrow front-door commands, require user confirmation for generic/raw endpoint fetches, and limit scopes to the specific health metrics the user needs.
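One way to enforce that recommendation is a policy gate in front of the generic fetch path: the agent's declared intent maps to an allowlist of endpoint prefixes, every path is checked against the scopes the user actually granted, and anything outside the intent's allowlist is refused unless the user explicitly confirmed it. This is an added example, not the connector's own code; the table mapping Fitbit Web API path prefixes to scope names and the intent names are assumptions chosen for the demo.

```python
"""Policy gate for a generic Fitbit endpoint fetch. Added example; not the
connector's fitbit_tools.py. PATH_SCOPES and INTENT_PATHS are assumptions."""
from dataclasses import dataclass

# Assumed mapping of Fitbit Web API path prefixes to the OAuth scope each needs.
# More specific prefixes come first so "activities/heart" maps to heartrate.
PATH_SCOPES = [
    ("/1.2/user/-/sleep/", "sleep"),
    ("/1/user/-/activities/heart/", "heartrate"),
    ("/1/user/-/activities/", "activity"),
    ("/1/user/-/profile.json", "profile"),
    ("/1/user/-/friends", "social"),
]

# Narrow front-door commands: the only prefixes each intent may touch.
INTENT_PATHS = {
    "sleep_summary": ["/1.2/user/-/sleep/"],
    "recovery": ["/1.2/user/-/sleep/", "/1/user/-/activities/heart/"],
}


@dataclass
class Decision:
    allow: bool
    reason: str
    needs_confirmation: bool = False


def scope_for(path):
    """Scope required for `path`, or None if the path is not in the catalog."""
    for prefix, scope in PATH_SCOPES:
        if path.startswith(prefix):
            return scope
    return None


def authorize_fetch(intent, path, granted_scopes, user_confirmed=False):
    """Decide whether an agent acting on `intent` may fetch `path`."""
    # Reject traversal and absolute URLs before consulting any table.
    if not path.startswith("/") or ".." in path or "://" in path:
        return Decision(False, "malformed path")
    scope = scope_for(path)
    if scope is None:
        return Decision(False, "endpoint not in catalog")
    if scope not in granted_scopes:
        return Decision(False, f"scope '{scope}' not granted")
    allowed = INTENT_PATHS.get(intent, [])
    if any(path.startswith(prefix) for prefix in allowed):
        return Decision(True, "narrow front-door path")
    # Generic fetch-endpoint use: only with an explicit user confirmation.
    if user_confirmed:
        return Decision(True, "generic fetch confirmed by user", True)
    return Decision(False, f"outside '{intent}' allowlist; confirmation required", True)


if __name__ == "__main__":
    granted = {"sleep", "heartrate"}
    for intent, path in [
        ("sleep_summary", "/1.2/user/-/sleep/date/2024-05-01.json"),
        ("sleep_summary", "/1/user/-/profile.json"),
        ("recovery", "/1/user/-/friends.json"),
    ]:
        print(intent, path, authorize_fetch(intent, path, granted))
```

The scope check runs before the intent check on purpose: a path the user never consented to is refused outright, while a path that is in scope but off-intent is surfaced as a confirmation prompt, which is the behaviour the recommendation asks for.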

ASI10: Rogue Agents
Low
What this means

If enabled, the connector may continue syncing and backing up health data on a schedule rather than only when manually invoked.

Why it was flagged

The documentation describes a recurring background sync pipeline; the suggested cron line fires at 06:10, 12:10, 18:10 and 23:10 every day and backfills the last three days on each run. This is purpose-aligned for health-data freshness, but users should be aware that the job keeps running and writing backups after the initial install.

Skill content
"Suggested OpenClaw cron" ... "Cron: 10 6,12,18,23 * * *" ... "fitbit_pipeline.py --days-backfill 3"
Recommendation

Only enable the cron job intentionally, verify its paths and retention settings, and disable it if you do not want background health-data syncing.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Dependency behavior could change over time, although this is common and not suspicious by itself.

Why it was flagged

The Python dependency is version-ranged rather than pinned, so future installs may resolve to different package versions.

Skill content
requests>=2.31.0
Recommendation

Use a lockfile or pinned dependency versions with hashes for reproducible installs, and install with `pip install --require-hashes`, especially for a connector handling health data and OAuth tokens.
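The difference between the shipped line and a locked one can be checked mechanically before installing. The script below is an added example, not the connector's tooling: it parses requirement lines (including `\` continuations as written by lockfile generators), classifies each as ranged, pinned, or pinned with a hash, and lists what would still let pip resolve something unreviewed. The locked sample and its digest are constructed placeholders, not a real hash of any release.

```python
"""Flag requirement lines that are version-ranged or unhashed before
installing. Added example, not the connector's tooling; the LOCKED sample
and its digest are constructed placeholders."""
import re

# name, optional extras, optional comparison operator, version, rest of line
REQ_RE = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*"
    r"(===|==|~=|>=|<=|!=|>|<)?\s*([^\s;]*)(.*)$"
)


def classify_requirement(line):
    """Return (name, status) or None for blank, comment and option lines.

    status: 'pinned+hashed' (exact version with --hash), 'pinned' (exact
    version only), 'ranged' (any other operator) or 'unpinned' (no version).
    """
    spec = line.split("#", 1)[0].strip()
    if not spec or spec.startswith("-"):
        return None
    m = REQ_RE.match(spec)
    if not m:
        return (spec, "unparsed")
    name, op, _version, rest = m.groups()
    if op in ("==", "==="):
        return (name, "pinned+hashed" if "--hash=sha256:" in rest else "pinned")
    if op:
        return (name, "ranged")
    return (name, "unpinned")


def audit_requirements(text):
    """Map package name -> status for every requirement line in `text`."""
    # Join backslash continuations so a --hash on the next line stays attached.
    joined = text.replace("\\\n", " ")
    results = {}
    for line in joined.splitlines():
        item = classify_requirement(line)
        if item:
            results[item[0]] = item[1]
    return results


def unsafe_requirements(text):
    """Names that would let `pip install` resolve something unreviewed."""
    return sorted(n for n, s in audit_requirements(text).items() if s != "pinned+hashed")


# Constructed: the flagged line as shipped, beside the form a lockfile emits.
SHIPPED = "requests>=2.31.0\n"
LOCKED = (
    "requests==2.32.3 \\\n"
    "    --hash=sha256:" + "0" * 64 + "\n"  # placeholder digest, not a real hash
)

if __name__ == "__main__":
    print("shipped:", audit_requirements(SHIPPED), "unsafe:", unsafe_requirements(SHIPPED))
    print("locked: ", audit_requirements(LOCKED), "unsafe:", unsafe_requirements(LOCKED))
```

Only the `pinned+hashed` state is treated as safe, because an exact version without a hash still trusts whatever the index serves under that version number.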