Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Garmin Cli
v1.0.5
Access Garmin Connect health, fitness, and activity data via a non-interactive CLI.
⭐ 1· 1.7k·5 current·6 all-time
by @voydz
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the instructions: the skill is an instruction-only adapter for the 'gc' CLI. The declared required binary is 'gc', which is exactly what the SKILL.md uses. There are no extraneous requirements (no unrelated env vars, no unrelated binaries).
Instruction Scope
SKILL.md stays within scope: it instructs installing and running the 'gc' CLI and lists its commands. It does, however, show example usage that passes email/password (and MFA codes) on the command line (e.g., `gc login --password secret`), which is an insecure practice because it can expose credentials in shell history or process lists. The instructions do not ask the agent to read unrelated files or exfiltrate data to unexpected endpoints.
Install Mechanism
There is no registry install spec, but SKILL.md recommends `brew tap voydz/homebrew-tap` and `brew install garmin-cli`. That installs a binary from a third‑party Homebrew tap (voydz), which may be fine but is higher risk than an official Homebrew/core formula or a signed release on a well-known project page. The skill itself does not automatically download or write code (instruction-only).
Credentials
The skill declares no required environment variables or credentials, which is proportional. However, runtime instructions show passing user credentials and MFA codes on the command line (in examples), which can leak secrets. Also note: once the 'gc' binary is installed, it may store credentials or session tokens locally (keychain/files) — the skill does not document where, so verify the 'gc' tool's storage behavior before use.
Persistence & Privilege
The skill is instruction-only and not marked 'always'. It does not request persistent presence, system-level config changes, or other skills' configuration. The agent can invoke it autonomously (default), but that's expected for skills and is not combined with other red flags here.
Assessment
This skill is coherent: it's just documentation for using a local 'gc' CLI. Before installing or using it:
(1) verify the source of the 'gc' binary — the SKILL.md points to a third‑party Homebrew tap (voydz/homebrew-tap); prefer an official project release or verify the tap and binary checksums/signature.
(2) Avoid passing passwords or MFA codes on the command line (they appear in shell history and process lists); use interactive prompts, a keychain, or environment-based secrets if supported.
(3) Check how the 'gc' binary stores authentication tokens (keychain vs plaintext files) and clean up or revoke credentials if you stop using the tool.
(4) If you plan to let an autonomous agent call this skill, be aware the agent will be able to run the installed 'gc' binary and read any files it creates, so restrict agent permissions accordingly.
If you want, provide the location (URL/repo) or checksum of the expected 'gc' release and I can re-evaluate with more detail.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97b0a6xtckwyg3t2dn96yt6698275kj
Runtime requirements
⌚ Clawdis
Bins: gc
