v1.0.0

RUNSTR Fitness

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:24 AM.

Analysis

The skill is purpose-aligned for fitness coaching, but it asks users to paste a full Nostr private key into the bot and makes strong privacy assurances that the artifacts do not enforce.

Guidance: Review carefully before installing. If you use it, create a dedicated RUNSTR-only Nostr identity and do not paste your main Nostr nsec into the bot. Be aware that the skill will expose private health and journal data to the agent, and verify the nak installation source because it performs the private-key decryption workflow.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
The nsec is never stored, logged, or transmitted — it's used only for the decryption step in your current session.

This absolute privacy assurance could cause unsafe trust, because the same artifact instructs the user to send the private key to the bot and does not show an enforcement mechanism.

User impact: Users may share a highly sensitive private key believing the skill can guarantee no logging or storage.
Recommendation: Treat the nsec as a secret credential. The skill should avoid absolute no-logging claims unless backed by a concrete credential-handling mechanism.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
install spec
go | package: github.com/fiatjaf/nak@latest | creates binaries: nak

The dependency is installed from an external Go package using @latest, so the installed code is not version-pinned. The CLI is still purpose-aligned for Nostr access.

User impact: Future changes to the external nak package could change what gets installed.
Recommendation: Pin the nak version or verify the package source before installation, especially because the tool handles private-key operations.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
Your nsec is your Nostr private key... Tell your bot: "Here's my RUNSTR nsec: nsec1..."

The skill asks the user to disclose a full Nostr private key to the agent. That credential can be broader than read-only RUNSTR backup access.

User impact: A bot or environment handling that key could potentially decrypt private Nostr data or act as that Nostr identity, not just read fitness backups.
Recommendation: Avoid sharing a main Nostr nsec. If used at all, use a dedicated RUNSTR-only identity and prefer a scoped export or read-only token if the service supports one.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: High | Status: Note
SKILL.md
What your bot gets access to: ... Daily habits and streaks ... Journal entries with mood and energy levels ... Daily step counts

The skill is designed to read sensitive health, habit, mood, and journal data. This is disclosed and purpose-aligned, but users should recognize the sensitivity.

User impact: The agent may see private fitness history, mood records, habit tracking, and journal content.
Recommendation: Use only with an agent and account where you are comfortable exposing this health-related data, and avoid asking the agent to retain or reuse it beyond the current task.