garmin-connect-skill
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's stated purpose, syncing Garmin health data, is coherent, but the artifacts show risky credential handling: the skill asks for a Garmin password, stores it as reversible Base64 while describing it as encrypted/OAuth, and includes optional persistent syncing and health-report sharing.
Review this skill carefully before installing. It appears intended to sync Garmin health data, but you should not provide your primary Garmin password unless you accept that the included script stores it in a reversible local file. Prefer using a dedicated/app-specific credential if available, protect `~/.garth/session.json` and `~/.clawdbot/garmin/data.db`, remove or replace the hardcoded Feishu app credential before using Feishu reporting, and enable the systemd timer only if you want ongoing background sync.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any process that can read the session file may be able to recover the Garmin account password, not just an OAuth token.
The script saves the Garmin account password using Base64, which is reversible and is not encryption, while labeling it as encrypted.
encoded_password = base64.b64encode(password.encode()).decode()
...
"password_encrypted": encoded_password
Use a real OAuth/token flow or the OS keyring, never store the raw account password, avoid passing passwords as command-line arguments (they are visible in the process list and shell history), and declare this credential requirement clearly in metadata.
Users may trust the setup as safer than it is and may provide a primary Garmin password without understanding how it is stored.
The user-facing documentation says OAuth is used and credentials are encrypted, but the included auth script stores a reversible Base64-encoded password.
description: "... sync fitness data ... using OAuth ..." ... After successful authentication, credentials are saved encrypted to `~/.garth/session.json`.
Update the documentation to accurately describe the auth method and storage risk, or change the implementation to match the OAuth/encrypted-storage claim.
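The two findings above (Base64 presented as encryption, and documentation that does not match the script) reduce to one question: can whoever reads the file recover the secret? The block below is an added example, not code from the skill. It assumes a session.json shaped like the quoted evidence, with a constructed username and password, and shows the one-line recovery, a token-only writer that creates the file owner-read/write, and an audit that flags both the reversible password and loose file permissions.

```python
import base64
import json
import os
import stat
import tempfile
from typing import List, Optional

# Constructed sample of what the skill's auth script writes (values made up; only
# the "password_encrypted" key name comes from the quoted evidence).
SKILL_STYLE_SESSION = {
    "username": "athlete@example.com",
    "password_encrypted": base64.b64encode(b"correct-horse-garmin").decode(),
}


def recover_password(session: dict) -> Optional[str]:
    """Base64 is an encoding, not a cipher: one decode returns the plaintext."""
    encoded = session.get("password_encrypted")
    if encoded is None:
        return None
    return base64.b64decode(encoded).decode()


def write_token_only_session(path: str, oauth_token: str) -> dict:
    """Hardened shape: persist only a revocable token, and create the file 0600.

    os.open with an explicit mode avoids the window in which a file created by
    open() carries the default umask-derived permissions before a later chmod.
    """
    session = {"oauth_token": oauth_token}
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(session, fh)
    return session


def audit_session_file(path: str) -> List[str]:
    """Return the findings a reviewer would raise for a credential file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {oct(mode)}: readable by group or other")
    with open(path) as fh:
        data = json.load(fh)
    if recover_password(data) is not None:
        findings.append("password_encrypted is reversible Base64, not encryption")
    return findings


def demo() -> dict:
    """Write both file shapes into a temp dir and audit them."""
    workdir = tempfile.mkdtemp()
    skill_path = os.path.join(workdir, "session.json")
    with open(skill_path, "w") as fh:
        json.dump(SKILL_STYLE_SESSION, fh)
    os.chmod(skill_path, 0o644)  # what a plain open() typically leaves behind
    good_path = os.path.join(workdir, "token-only.json")
    write_token_only_session(good_path, "opaque-oauth-token")  # constructed token
    return {
        "recovered": recover_password(SKILL_STYLE_SESSION),
        "skill_findings": audit_session_file(skill_path),
        "hardened_findings": audit_session_file(good_path),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run `audit_session_file` against the real `~/.garth/session.json` after installing the skill; any non-empty result is a reason to rotate the Garmin password.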
Users could unknowingly use a shared or publisher-controlled Feishu app credential when sending health reports, creating unclear account ownership and permission boundaries.
The Feishu setup flow includes a hardcoded App Secret used when the user leaves the field blank.
if not app_secret:
    app_secret = "sXYUTkNRSSBFxYTTS8UNfe7koyZwS8PB"
Remove hardcoded third-party secrets and require users to provide their own Feishu app credentials or webhook configuration.
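A check for this pattern, as an added example rather than the skill's own code: the block below uses Python's ast module to flag non-empty string literals assigned to credential-looking names (the quoted fallback is reproduced with a constructed placeholder literal, not the real secret), and shows a setup flow that takes the user's value or an assumed FEISHU_APP_SECRET environment variable and refuses to continue without one.

```python
import ast
import os
from typing import List, Optional, Tuple

SECRET_NAME_HINTS = ("secret", "token", "password", "api_key", "apikey", "webhook")

# Constructed source mirroring the quoted setup flow; the literal is a placeholder,
# not the secret from the report.
SAMPLE_SETUP_SOURCE = '''
app_id = input("Feishu App ID: ")
app_secret = input("Feishu App Secret (blank for default): ")
if not app_secret:
    app_secret = "PLACEHOLDER-NOT-A-REAL-SECRET"
'''


def _mask(value: str) -> str:
    return value[:4] + "..." if len(value) > 4 else "***"


def find_hardcoded_secrets(source: str) -> List[Tuple[int, str, str]]:
    """Return (line, name, masked literal) for non-empty string literals assigned
    to names that look like credentials, wherever they sit in the tree."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Assign):
            continue
        value = node.value
        if not (isinstance(value, ast.Constant) and isinstance(value.value, str) and value.value):
            continue
        for target in node.targets:
            if isinstance(target, ast.Name) and any(h in target.id.lower() for h in SECRET_NAME_HINTS):
                findings.append((node.lineno, target.id, _mask(value.value)))
    return findings


def resolve_app_secret(user_input: str, env: Optional[dict] = None) -> str:
    """Hardened flow: the user's value, else FEISHU_APP_SECRET (assumed variable name);
    never a publisher-controlled fallback."""
    env = os.environ if env is None else env
    secret = user_input.strip() or env.get("FEISHU_APP_SECRET", "")
    if not secret:
        raise ValueError("Feishu app secret is required; enter your own or set FEISHU_APP_SECRET")
    return secret


def setup_would_proceed(user_input: str, env: dict) -> bool:
    """True if the hardened flow accepts this input/env combination."""
    try:
        resolve_app_secret(user_input, env)
        return True
    except ValueError:
        return False
```

Point `find_hardcoded_secrets` at the skill's setup script (`ast.parse(open(path).read())`) to confirm the fallback is gone after you replace the credential.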
Your steps, heart rate, sleep, workouts, and other health metrics may remain on disk and be available to future skill runs or local processes.
The skill persistently stores detailed personal health data locally for later reuse by OpenClaw and related scripts.
Data is stored in a SQLite database for fast access. ... Database: `~/.clawdbot/garmin/data.db`
Install only on a trusted machine, protect the database file, and understand how to delete the stored data if you stop using the skill.
If configured, private health summaries can be delivered to a Feishu group or webhook destination outside OpenClaw.
The optional webhook report script sends generated health summaries to a configured external Feishu webhook.
response = requests.post(webhook_url, json=data, timeout=10)
Use this only with a trusted webhook destination and verify which chat or service will receive the reports.
After setup, the skill may keep syncing health data on a schedule rather than only when you manually ask.
The documentation describes enabling a persistent systemd timer for recurring Garmin sync.
Sync automatically every hour (systemd timer): ... sudo systemctl start garmin-sync.timer
sudo systemctl enable garmin-sync.timer
Enable the timer only if you want background syncing, and disable the timer if you no longer want automatic updates.
A future dependency version could behave differently from the version the author tested.
The skill relies on external Python packages with lower-bound versions rather than exact pinned versions.
garminconnect>=0.2.38
requests>=2.28.0
python-dateutil>=2.8.2
garth>=0.5.0
Prefer pinned dependency versions or a lockfile for reproducible installs.
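As an added example (not part of the skill), the block below parses the quoted requirements, reports which entries a resolver may satisfy with an untested version, and produces a first set of exact pins from the lower bounds the author already chose. It handles only simple `name<op>version` lines; a real lockfile with hashes (for example from pip-compile --generate-hashes) should replace the output once the pinned set has been tested.

```python
import re
from typing import Dict, List

# The skill's requirements as quoted in the report.
SKILL_REQUIREMENTS = """\
garminconnect>=0.2.38
requests>=2.28.0
python-dateutil>=2.8.2
garth>=0.5.0
"""

# name, optional operator, optional version; no extras, markers or URLs.
_REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==|>=|~=|<=|!=|>|<)?\s*([^\s;#]*)")


def parse_requirements(text: str) -> List[Dict[str, str]]:
    """Parse name / operator / version from simple requirement lines."""
    parsed = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = _REQ.match(line)
        if m:
            parsed.append({"name": m.group(1), "op": m.group(2) or "", "version": m.group(3)})
    return parsed


def unpinned(text: str) -> List[str]:
    """Names that a resolver may satisfy with a version the author never tested."""
    return [r["name"] for r in parse_requirements(text) if r["op"] != "=="]


def pin_to_lower_bound(text: str) -> str:
    """Turn each '>=X' into '==X': the minimum the author set is the one version
    the author is most likely to have tested. Other operators are left as-is."""
    out = []
    for r in parse_requirements(text):
        if r["op"] == ">=" and r["version"]:
            out.append(f"{r['name']}=={r['version']}")
        else:
            out.append(f"{r['name']}{r['op']}{r['version']}")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print("unpinned:", unpinned(SKILL_REQUIREMENTS))
    print(pin_to_lower_bound(SKILL_REQUIREMENTS))
```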
