Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Water Coach

v1.7.0

Hydration tracking and coaching skill. Use when user wants to track water intake, get reminders to drink water, log body metrics (weight, body fat, muscle %,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (hydration tracking, reminders, body metrics) match the included code and CLI. The code implements logging, analytics, scheduling, and body-metrics features described in SKILL.md. Reading session transcripts to capture a message_id and providing an audit trail is coherent with the stated 'proof / audit' capability.
Instruction Scope
SKILL.md instructs the agent to run the included CLI and to store data in the agent workspace. The instructions and code also read the agent session transcript files to auto-fill message_id and — when configured — to return message context for audits. That transcript access is documented in the SKILL.md (audit auto-capture default: false), but it is privacy-sensitive and worth noting: message_id is auto-captured on log operations by scanning session jsonl files, and full message context is only read when audit_auto_capture is enabled or when water audit is run with permission.
Install Mechanism
Instruction-only plus Python scripts: there is no install spec, no external downloads, and no package manager installs. The skill writes files to the agent workspace when run, which is expected for a local CLI-based tracker.
Credentials
The skill does not request environment variables, binaries, or credentials. It uses the PWD env var (falling back to a default workspace path) to locate the agent workspace and session files — this is functional but relies on environment/path assumptions. The main privacy-sensitive access is reading session transcript files (workspace/.openclaw/agents/main/sessions) to obtain message IDs and optional message context; while relevant to the audit feature, users should be aware this grants the skill access to conversation transcripts.
Persistence & Privilege
The skill stores data under the agent workspace (memory/data/*.csv and water_config.json). always is false and the skill does not request system-wide or other-skill configuration modifications. Creating/reading its own files in the agent workspace is expected behaviour for this kind of skill.
Assessment
What to consider before installing:
- Privacy: The skill reads session transcript files to auto-fill a message_id for each log and can read message content for audits when you enable audit_auto_capture; leave audit_auto_capture disabled if you do not want the skill to read transcripts.
- Data storage: Your water logs and config are stored in the agent workspace (memory/data/water_log.csv, water_config.json, body_metrics.csv). Back up or inspect those files if you want control over retention.
- No external network or credentials are requested by the skill (no API keys, no installers), but review the get_message_context/get_current_message_id code if you want to confirm exactly which session files are accessed.
- If you have strict privacy requirements, consider running the skill in a separate workspace or disabling the audit/context features; otherwise the behavior is consistent with the stated purpose.

Like a lobster shell, security has layers — review code before you run it.
