Fitbit Insights

Security checks across malware telemetry and agentic risk

Overview

This Fitbit skill has a legitimate purpose, but it needs review because it asks for persistent access to sensitive fitness and health data with broad triggers and incomplete credential/privacy safeguards.

Install only if you are comfortable giving the assistant access to Fitbit activity, sleep, heart-rate, workout, and profile data. Verify the missing helper scripts from a trusted source before use, restrict the Fitbit app to read-only scopes, protect the config file with restrictive permissions, do not paste tokens into chats or logs, and revoke the Fitbit app tokens when you stop using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence: 90%
Finding
The example prompts are very generic fitness questions and could cause the skill to activate for routine health-related conversation where the user may not expect external Fitbit API access or AI analysis of personal data. In a health-data skill, overbroad invocation language increases the risk of unnecessary handling of sensitive wellness information and poor user consent boundaries.

Vague Triggers

Medium
Confidence: 92%
Finding
The 'Perfect for' activation guidance is vague and describes broad user populations rather than precise triggers, making it unclear when the skill should activate instead of normal assistant behavior. That ambiguity can lead to unintended routing of ordinary health or motivation questions into a skill that accesses sensitive personal fitness data.

Missing User Warnings

Medium
Confidence: 94%
Finding
The description promotes AI-powered analysis of Fitbit information but does not clearly warn users that personal health and activity data will be transmitted to external services for processing. Because the data includes sleep, heart rate, and workout information, the missing disclosure materially weakens informed consent and increases privacy risk.

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger description is broad enough that the skill could activate on generic fitness or health questions without clear user intent to access Fitbit-connected data. In a health-data skill, ambiguous activation increases the risk of unnecessarily pulling or analyzing sensitive personal data when the user may only be asking for general advice.

Missing User Warnings

Medium
Confidence: 90%
Finding
The overview states that health and activity data are fetched and analyzed by AI, but it does not clearly warn users that sensitive wellness data may be transmitted and processed. Because sleep, heart-rate, and workout data are privacy-sensitive, omission of explicit disclosure can lead to uninformed consent and inappropriate handling of personal data.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill handles highly sensitive health and activity data but does not present a clear user-facing privacy warning before analysis or retrieval. This can lead to users consenting without understanding that sleep, heart rate, and activity history will be accessed and processed, increasing privacy and compliance risk.

Missing User Warnings

Medium
Confidence: 92%
Finding
Describing automatic token loading from a fixed filesystem path and background refresh behavior without a warning about credential use and outbound network access reduces transparency around sensitive credential handling. In practice, this can cause the agent to access stored tokens and contact Fitbit services without clear user awareness at the time of use.

VirusTotal

64/64 vendors flagged this skill as clean.