Skill v1.0.0
ClawScan security
Garmin Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 11, 2026, 9:33 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions require a Transition API key and will send your Garmin data to an external service, but the registry metadata does not declare the required credential and the provenance is unclear. Proceed only after verifying the provider and getting the metadata corrected.
- Guidance: This skill asks you to generate a TRANSITION_API_KEY and will send your Garmin Connect data to https://api.transition.fun. Before installing:
  1. Verify you trust Transition: read its privacy policy and confirm how long it retains your data and what export access it keeps.
  2. Ask the skill publisher to update the registry metadata to declare TRANSITION_API_KEY as a required credential (the metadata currently lists none).
  3. Treat the API key like a password: generate it in your Transition account, restrict or revoke it if you stop using the skill, and never paste it into public places.
  4. If you only want one-off workouts, use the unauthenticated WOD endpoint instead of granting full access.
  5. If provenance matters, verify the skill's source repository and publisher identity (the registry owner ID and homepage are not authoritative on their own).
  If you cannot verify the provider or obtain corrected metadata, treat the skill as suspicious and do not install it.
- Findings
[no-code-files] expected: The scanner found no code files to analyze. SKILL.md is instruction-only, which is expected for simple API-binding skills. The absence of code removes some attack surface, but it also means the metadata mismatch is the primary issue.
Review Dimensions
- Purpose & Capability (concern): The skill claims to let an agent query your Garmin data via Transition, which reasonably requires a TRANSITION_API_KEY. However, the registry metadata lists no required environment variables or primary credential. That mismatch (metadata says 'none' while SKILL.md instructs users to set TRANSITION_API_KEY) is an inconsistency that makes the skill harder to audit and harder to hold to least privilege.
- Instruction Scope (concern): SKILL.md documents only HTTP calls to https://api.transition.fun and a free WOD endpoint; it does not instruct the agent to read local files or other system state. However, it does direct agents to use an API key that grants 'full context' on the user's Garmin activities, so personal fitness data will be sent to an external service. The instructions are otherwise concrete and not open-ended, but the privacy/exfiltration risk of sending all synced Garmin data to transition.fun should be weighed.
- Install Mechanism (ok): There is no install spec and no code files beyond README and SKILL.md (instruction-only). That lowers installation risk: nothing is downloaded or written to disk by the skill itself. README suggests an optional git clone of a public repo, which is normal but not enforced by the registry.
- Credentials (concern): The runtime requires a TRANSITION_API_KEY (documented in SKILL.md and README), but the skill metadata declares no required environment variables or primary credential. A single API key for the external service is proportionate to the feature set, but the undeclared credential is a governance and privacy gap. Note also that the key appears to grant access to all synced Garmin data, which is sensitive personal information.
- Persistence & Privilege (ok): The skill does not request always:true, includes no install scripts, and will not be force-enabled by the platform. It relies on an external API and a user-supplied API key and requests no elevated platform privileges.
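The mismatch flagged under Purpose & Capability and Credentials above (SKILL.md tells the user to set a credential that the registry metadata never declares) is mechanically checkable. The following is an added example, not ClawScan's or ClawHub's own code: it extracts secret-looking environment variable names and external hosts from a SKILL.md and compares them with the declared metadata. The metadata schema (`requires.env`, `primaryEnv`, `always`, `install`) and the sample SKILL.md are constructed assumptions modeled on the findings above, not the real registry schema or the real skill file.

```python
"""Cross-check a skill's declared metadata against the credentials and
external hosts that its SKILL.md instructions actually reference."""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Constructed sample SKILL.md in the spirit of the skill reviewed above.
# The env var and host mirror the review's findings; the text is not the real file.
SAMPLE_SKILL_MD = """
# Garmin via Transition

Set TRANSITION_API_KEY in your environment (generate it in your Transition
account). Then query your synced Garmin data:

    curl -H "Authorization: Bearer $TRANSITION_API_KEY" \\
         https://api.transition.fun/v1/activities

Free workout of the day (no key needed):

    curl https://api.transition.fun/wod
"""

# Constructed registry metadata using a hypothetical schema: `requires.env`
# lists declared environment variables, `primaryEnv` names the main credential.
# This mirrors the reviewed skill: nothing declared, no install spec, no always:true.
SAMPLE_METADATA = {
    "name": "garmin",
    "version": "1.0.0",
    "requires": {"env": []},
    "primaryEnv": None,
    "always": False,
    "install": None,
}

# Identifiers that look like secrets: FOO_API_KEY, FOO_TOKEN, FOO_SECRET, ...
SECRET_NAME_RE = re.compile(
    r"\b([A-Z][A-Z0-9]*(?:_[A-Z0-9]+)*_(?:API_KEY|KEY|TOKEN|SECRET|PASSWORD))\b"
)
URL_RE = re.compile(r"https?://[^\s<>()\"']+")


@dataclass
class Finding:
    severity: str  # "concern" or "info", matching the review dimensions above
    code: str
    detail: str


def referenced_env_vars(text: str) -> set[str]:
    """Secret-looking env var names the instructions tell the agent to use."""
    return set(SECRET_NAME_RE.findall(text))


def external_hosts(text: str) -> set[str]:
    """Hosts the instructions send requests to (where user data may flow)."""
    hosts = set()
    for url in URL_RE.findall(text):
        host = urlparse(url).hostname
        if host:
            hosts.add(host.lower())
    return hosts


def review(skill_md: str, metadata: dict) -> list[Finding]:
    """Compare SKILL.md references with declared metadata and emit findings."""
    findings: list[Finding] = []
    declared = set((metadata.get("requires") or {}).get("env") or [])
    if metadata.get("primaryEnv"):
        declared.add(metadata["primaryEnv"])
    referenced = referenced_env_vars(skill_md)

    # The core check: a credential the instructions need but metadata omits.
    for name in sorted(referenced - declared):
        findings.append(Finding("concern", "undeclared-credential",
                                f"SKILL.md references {name} but metadata declares no such credential"))
    for name in sorted(declared - referenced):
        findings.append(Finding("info", "unused-declared-credential",
                                f"metadata declares {name} but SKILL.md never references it"))

    # Record where data flows so a human can weigh the privacy risk.
    hosts = external_hosts(skill_md)
    if hosts and referenced:
        findings.append(Finding("info", "credentialed-external-flow",
                                f"{', '.join(sorted(referenced))} is sent to {', '.join(sorted(hosts))}"))
    elif hosts:
        findings.append(Finding("info", "external-hosts", ", ".join(sorted(hosts))))

    # Persistence and install surface, as in the review dimensions above.
    if metadata.get("always"):
        findings.append(Finding("concern", "always-enabled", "skill requests always:true"))
    if metadata.get("install"):
        findings.append(Finding("info", "install-spec", "skill carries an install spec; inspect it"))
    return findings


def verdict(findings: list[Finding]) -> str:
    return "suspicious" if any(f.severity == "concern" for f in findings) else "ok"


if __name__ == "__main__":
    results = review(SAMPLE_SKILL_MD, SAMPLE_METADATA)
    for f in results:
        print(f"[{f.severity}] {f.code}: {f.detail}")
    print("verdict:", verdict(results))
```

With the constructed metadata the check reproduces the review: one `undeclared-credential` concern for TRANSITION_API_KEY plus an informational note that the key is sent to api.transition.fun. Once the publisher declares the credential in `requires.env`, the concern clears and only the data-flow note remains for the user to weigh.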
