Oura Ring
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: oura-ring-skill
Version: 0.1.0

The skill is generally benign, fetching Oura Ring data via its API. However, the `probe_v2.py` and `probe_v2_sessions.py` files contain hardcoded paths to the `.env` file (`/Users/sameerbajaj/clawd/skills/oura-ring/.env`). While these are likely debug scripts and the path points to the skill's own configuration, hardcoding paths to files that contain secrets is a risky practice: the scripts break in any other environment, and running them can expose the token or the personal data it unlocks. This classifies the skill as suspicious rather than benign.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and using the skill means giving it access to personal Oura health metrics through your token.
The skill requires an Oura OAuth bearer token to access account health data. This is expected for the purpose, but users should recognize it grants access to sensitive Oura readiness and sleep information.
The CLI reads:
- `OURA_TOKEN` (required)
- `OURA_BASE_URL` (optional; defaults to `https://api.ouraring.com/v2/usercollection`)

Use a token with the minimum scopes needed, keep the `.env` file private, and verify that `OURA_BASE_URL` points only to Oura unless you are intentionally testing against another endpoint.
A user may believe they are using a test env file or no-token mock mode, while the script can instead use the real default token and fetch live Oura data.
The wrapper always uses the default .env file and live CLI calls. This conflicts with SKILL.md instructions claiming `OURA_ENV_FILE=/path/to/.env` can override the env file and `OURA_MOCK=1` runs in mock mode with no token.
```sh
# The env file path is fixed; OURA_ENV_FILE and OURA_MOCK are never consulted.
ENV_FILE="$SKILL_DIR/.env"
...
SLEEP_JSON=$(python3 "$PYTHON_CLI" --env-file "$ENV_FILE" --format json sleep)
READINESS_JSON=$(python3 "$PYTHON_CLI" --env-file "$ENV_FILE" --format json readiness)
TRENDS_JSON=$(python3 "$PYTHON_CLI" --env-file "$ENV_FILE" --format json trends)
```
Fix the wrapper to honor `OURA_ENV_FILE` and `OURA_MOCK`, or remove those instructions until implemented.
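As an added illustration (not the skill's own wrapper code), this is one way to make the wrapper honor both variables. It assumes the `SKILL_DIR` and `PYTHON_CLI` variables from the excerpt above and a hypothetical CLI filename; because the CLI's real mock interface is not shown on this page, mock mode is simulated here by returning constructed JSON without invoking the CLI or reading any token.

```sh
#!/bin/sh
# Added example, not the skill's wrapper. SKILL_DIR/PYTHON_CLI defaults are
# placeholders (assumption); the real wrapper sets them.
SKILL_DIR="${SKILL_DIR:-/path/to/skill}"
PYTHON_CLI="${PYTHON_CLI:-$SKILL_DIR/oura_cli.py}"   # assumed CLI filename

# Pick the env file: explicit OURA_ENV_FILE override first, skill default second.
resolve_env_file() {
    printf '%s\n' "${OURA_ENV_FILE:-$SKILL_DIR/.env}"
}

# Fetch one endpoint's JSON. In mock mode no env file is read and no process
# runs, so a user who set OURA_MOCK=1 can never hit the live API by accident.
fetch_json() {
    endpoint="$1"
    if [ "${OURA_MOCK:-0}" = "1" ]; then
        # Constructed mock payload standing in for the CLI's mock output.
        printf '{"mock":true,"endpoint":"%s","data":[]}\n' "$endpoint"
        return 0
    fi
    env_file=$(resolve_env_file)
    # Fail closed: an unreadable override must not silently fall back to the
    # default .env and its real token.
    if [ ! -r "$env_file" ]; then
        echo "error: env file not readable: $env_file" >&2
        return 1
    fi
    python3 "$PYTHON_CLI" --env-file "$env_file" --format json "$endpoint"
}

# Usage as the wrapper would call it:
# SLEEP_JSON=$(fetch_json sleep) || exit 1
```

The important property is the explicit failure when `OURA_ENV_FILE` names a file that cannot be read: the original wrapper's behaviour of always using `$SKILL_DIR/.env` is exactly what would otherwise make a user's "test" run fetch live data with the real token.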
If an agent or user runs these probe files, they may unexpectedly read a local Oura token and print personal health data to the session.
The included `probe_v2.py` is not documented in SKILL.md, loads a hard-coded local credential path, and performs network calls at module top level when executed. It also reads `OURA_PERSONAL_ACCESS_TOKEN`, a different variable name from the CLI's `OURA_TOKEN`. A similar pattern appears in `probe_v2_sessions.py`.
```python
import asyncio
import os

from dotenv import load_dotenv

# Hard-coded path to the developer's own machine; the token is loaded on import.
load_dotenv("/Users/sameerbajaj/clawd/skills/oura-ring/.env")
token = os.getenv("OURA_PERSONAL_ACCESS_TOKEN")
...
# Network calls run at module top level, not behind a main guard.
asyncio.run(probe())
```

Remove development probe scripts from the packaged skill, or document them clearly, avoid hard-coded user paths, and guard execution behind an explicit main entry point (`if __name__ == "__main__":`).
Unexpected or malicious API response content could cause arbitrary Python code execution in the user's environment.
The shell wrapper embeds JSON returned from API-backed CLI calls directly into a generated Python script using triple-quoted strings. If the response contains a `'''` sequence or other delimiter-breaking text, especially via a custom `OURA_BASE_URL` or a compromised endpoint, it alters the Python source that is executed.
```sh
python3 - <<EOF
import json
...
sleep_data = json.loads('''$SLEEP_JSON''')
readiness_data = json.loads('''$READINESS_JSON''')
trends_data = json.loads('''$TRENDS_JSON''')
```

Pass JSON through files, stdin, or environment variables instead of interpolating raw API output into executable Python source, and quote the heredoc delimiter (`<<'EOF'`) so the script body is not subject to shell expansion.
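To make the risk concrete, here is an added example (not code from the skill) that runs a constructed hostile response through the vulnerable heredoc pattern and through a hardened variant. The response string, the `vulnerable_wrapper` and `hardened_wrapper` function names, and the `INJECTED` marker are all constructed for this demonstration.

```sh
#!/bin/sh
# Added example, not the skill's wrapper. Shows that a response breaking out of
# the ''' literal runs as Python, and that moving the response out of the script
# text turns the same bytes back into inert data.

# Constructed hostile response. An endpoint chosen via OURA_BASE_URL (or a
# compromised one) controls every byte; it does not have to be JSON.
MALICIOUS_JSON="[]''');print('INJECTED') #"

# Constructed benign response for comparison.
BENIGN_JSON='{"data":[{"day":"2026-05-12","score":83}]}'

# Vulnerable pattern: unquoted heredoc, so $SLEEP_JSON is pasted into the
# Python source before the interpreter sees it. With the hostile response the
# generated line becomes:
#   sleep_data = json.loads('''[]''');print('INJECTED') #''')
vulnerable_wrapper() {
    SLEEP_JSON="$1"
    python3 - <<EOF
import json
sleep_data = json.loads('''$SLEEP_JSON''')
print("parsed:", sleep_data)
EOF
}

# Hardened pattern: the quoted delimiter ('EOF') disables expansion inside the
# heredoc, the response reaches Python only as an environment variable, and
# anything that is not valid JSON is rejected with a non-zero exit.
hardened_wrapper() {
    SLEEP_JSON="$1" python3 - <<'EOF'
import json, os, sys
try:
    sleep_data = json.loads(os.environ["SLEEP_JSON"])
except json.JSONDecodeError as exc:
    print("rejected: response is not valid JSON:", exc)
    sys.exit(2)
print("parsed:", sleep_data)
EOF
}

# Usage:
#   vulnerable_wrapper "$MALICIOUS_JSON"   # prints INJECTED, then "parsed: []"
#   hardened_wrapper "$MALICIOUS_JSON"     # prints "rejected: ...", exits 2
#   hardened_wrapper "$BENIGN_JSON"        # prints the parsed readiness data
```

For the wrapper's three documents, export `SLEEP_JSON`, `READINESS_JSON` and `TRENDS_JSON` the same way (or write each to a temporary file and `json.load` it); the point is that no response byte is ever concatenated into source text.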
