Skill v0.1.1

ClawScan security

Whoo CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 22, 2026, 6:34 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (wrapping a WHOOP CLI) and does not request unrelated credentials or unusual system access, but you should verify the third‑party npm/bun package before installing because the SKILL.md directs a global install from an external package.
Guidance
This skill appears to do what it says: it wraps the whoo CLI to fetch WHOOP data via OAuth. Before installing or running it: (1) verify the npm/bun package author and review the GitHub source referenced (https://github.com/LuisGot/whoo) — global npm installs execute third‑party code; (2) prefer installing in a contained environment (container or dedicated user account) if you are worried about supply‑chain risk; (3) be aware you must create a WHOOP developer app and supply client_id/client_secret; tokens will be stored on disk in your OS config directory — ensure that location's permissions and backups are acceptable; (4) follow the skill's own advice: treat returned health data as sensitive and do not forward raw JSON to external services. If you want a higher assurance level, inspect the package code you will install (or run it from source) before granting it access to your account.

Review Dimensions

Purpose & Capability
ok
The name/description match the instructions: the skill tells the agent to call a WHOOP CLI (whoo) which uses OAuth to fetch WHOOP health metrics. Required items (developer client_id/client_secret, OAuth redirect) are appropriate and expected for this purpose.
Instruction Scope
ok
The runtime instructions are narrowly scoped to installing and using the whoo CLI and interpreting its JSON output. They do not direct the agent to read unrelated system files or to exfiltrate data; they explicitly warn to keep sensitive health data local and not to forward raw output to third‑party services.
Install Mechanism
note
The skill is instruction‑only (no install spec), which is low platform risk, but the SKILL.md tells the user to install @luisgot/whoo globally via bun or npm. Global installs pull code from public registries and run with user privileges; this is normal for a CLI but carries the usual supply‑chain risk. The manifest does not ship code itself and points to a GitHub repo (no homepage in registry metadata) — verify the package/source before installing.
Credentials
note
The manifest lists no required env vars (none declared), and the SKILL.md requires a WHOOP developer client_id/client_secret obtained interactively — this is proportionate to OAuth usage. One minor note: tokens are persisted to the OS config directory per the instructions; users should be aware of on‑disk token storage and the potential exposure via backups or other local processes.
Persistence & Privilege
ok
The skill does not request 'always' presence and does not modify other skills or system‑wide settings; persisting OAuth tokens to the OS config dir is expected behavior for a CLI and is within scope.