Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Health Training Frontdoor
v1.0.0
Narrow first-class front door for live Fitbit/training retrieval via stable JSON actions.
by Joao Driessen (@joaodriessen)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious · medium confidence
Purpose & Capability
Name/description match the code: the Node script is a thin wrapper that invokes fitbit-connector/scripts/fitbit_tools.py and returns JSON. That behavior is coherent with a read-only 'front door' for Fitbit/training retrieval. However the skill does not declare any Fitbit-related environment variables or credentials even though the backend connector almost certainly requires them, which is a proportionality/visibility gap.
Instruction Scope
SKILL.md instructs the agent to "Always load" local content including reference/practical-programming/INDEX.md and memory/training-continuity.md before giving programming advice. Loading memory/training-continuity.md could expose sensitive, user-specific training data; this goes beyond the narrow read-only data-retrieval claim and is a scope creep/conflict (the doc also says "Interpretation/coaching remains outside this skill").
Install Mechanism
There is no install spec (instruction-only plus a small JS script). Nothing is downloaded or written to disk by the skill itself.
Credentials
The wrapper passes process.env through to the child python process and does not declare required env vars. That means any credentials present in the agent environment will be available to the invoked fitbit_tools.py; this may be expected but should be explicit (the skill should document which FITBIT_* or connector-specific env vars it needs).
Persistence & Privilege
always:false and no special persistence or config changes. The skill does spawn a child process but does not request forced always-on privileges or attempt to modify other skills or global agent settings.
What to consider before installing
This skill is a small wrapper that calls an existing fitbit_tools.py and returns JSON; that is consistent with its stated purpose. Before installing, verify: 1) where fitbit-connector/scripts/fitbit_tools.py lives in your workspace and that it is trusted; 2) what environment variables or local config that python tool requires (the skill does not declare them but will forward process.env to the child process); 3) the contents of reference/practical-programming/INDEX.md and memory/training-continuity.md mentioned in SKILL.md — they may contain sensitive personal data and the SKILL.md explicitly asks the agent to load them before giving programming advice. If you proceed, ensure only expected credentials are present in the agent environment and audit the referenced fitbit connector code to confirm it is read-only and does not leak data to external endpoints.
scripts/request.js:74
Shell command execution detected (child_process).
scripts/request.js:77
Environment variable access combined with network send.
scripts/request.js:2
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
