ClawHub

CPAP PrismaAPP Log

v1.1.0

Fetches CPAP therapy data from the PrismaAPP API (Löwenstein Medical) and writes a daily Obsidian log note. Use when the user says "CPAP log", "sleep therapy...

0· 43·0 current·0 all-time
bySanweb@sanwebgit
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, README, SKILL.md, locales, and the Python script all align: the skill logs into my.prismacloud.com, fetches CPAP metrics, and writes a Markdown note to an Obsidian vault. There are no unrelated binaries, cloud providers, or credentials requested.
Instruction Scope
Runtime instructions simply run the included Python script; the script reads a local config.json for email/password, talks to the PrismaAPP API endpoints under the configured api_base, and writes Markdown files to the configured vault path. It does not reference unrelated system paths or external endpoints beyond the configured PrismaAPP API.
Install Mechanism
No install spec and the script uses only Python standard libraries (urllib, zoneinfo, pathlib). Nothing is downloaded from arbitrary URLs and no archives are extracted; risk from installation is minimal.
Credentials
The skill does not request environment variables or platform credentials; it expects a local config.json containing your PrismaAPP email and password. That is proportionate to the function, but storing a plaintext password in a file is a privacy risk — consider file permissions, an app-specific password, or a credential store.
Persistence & Privilege
The skill is not always-enabled and does not request elevated system privileges. It writes notes to your Obsidian vault (expected behavior) and creates the output directory if needed. It does not attempt to modify other skills or system-wide agent settings.
Assessment
This skill appears to do what it says: it logs into my.prismacloud.com with credentials you place in a local config.json, fetches CPAP data, and writes daily notes into your Obsidian vault. Before installing, review and do the following: 1) Inspect config.json and the script yourself and keep config.json out of source control; consider using strict filesystem permissions or a credential manager instead of plaintext passwords. 2) Verify api_base is set to https://my.prismacloud.com (the script warns that other hosts return HTML). 3) Note the script will create files under the vault_path you configure — confirm the path is correct. 4) The navigation link base in the note template is hardcoded to "30 Bereiche/Gesundheit/CPAP/Logs" (minor bug) and may not match your configured log_dir; you may want to update the script to use the configured log_dir for links. 5) Because the skill stores and uses your PrismaAPP credentials, revoke or rotate them if you stop using the skill. If you want added security, adapt the script to read credentials from an OS keyring or prompt at runtime instead of config.json.

Like a lobster shell, security has layers — review code before you run it.

cpapvk979yy3r7jnc40k3kfex6mxdy184enjjhealthvk979yy3r7jnc40k3kfex6mxdy184enjjlatestvk979yy3r7jnc40k3kfex6mxdy184enjjloewensteinvk979yy3r7jnc40k3kfex6mxdy184enjjobsidianvk979yy3r7jnc40k3kfex6mxdy184enjjprismaappvk979yy3r7jnc40k3kfex6mxdy184enjjsleepvk979yy3r7jnc40k3kfex6mxdy184enjj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments