iwatch-swim-tracker
Review
Audited by ClawScan on May 10, 2026.
Overview
This swim tracker is mostly purpose-aligned, but it stores and reuses workout history and has unsafe local file/command handling that could affect a user's files or trend reports.
Before installing, clear or separate the bundled swim_data records, confirm where your health metrics will be stored, and avoid letting the agent save data until the date/path validation and JSON command-passing issues are fixed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Trend analysis may include someone else's preloaded swim history, producing misleading comparisons or advice.
The skill package includes real-looking workout and heart-rate records under the active swim_data directory. Since the history query code reads that directory for trend analysis, a new user's reports can be influenced by bundled data that is not disclosed as sample-only.
"date": "2026-03-13", ... "avg_heart_rate": 158, "max_heart_rate": 185
Ship examples outside the live data directory, start with an empty swim_data store for users, or clearly separate sample data from user history.
A malformed or adversarial date value could cause the save helper to create or overwrite JSON files outside the intended workout-data folder.
The model-extracted date controls path components and the output filename without enforcing the documented YYYY-MM-DD format or checking that the resolved path stays inside swim_data.
date_str = data["date"]
year, month, _ = date_str.split("-")
...
file_path = dir_path / f"{date_str}.json"
...
file_path.write_text(...)
Validate dates with a strict YYYY-MM-DD parser, reject slashes/absolute paths, and verify the resolved output path remains under DATA_DIR before writing.
A crafted screenshot or extracted value could make the save command fail or, in the worst case, run unintended shell text.
The documented workflow places extracted JSON directly inside single quotes in a shell command. OCR/user-derived values containing apostrophes or shell metacharacters could break quoting or be interpreted unexpectedly if the agent runs it through a shell.
python3 {baseDir}/scripts/extract_swim_data.py '<json_data>'
Pass JSON via stdin, a temporary file, or an argument-vector API instead of shell interpolation; also escape or validate all fields before command execution.
If the helper is used, the user may install whatever Pillow version is current from the package index.
An optional helper documents installing Pillow without a pinned version, while the registry requirements only declare python3. This is purpose-aligned image-processing support but leaves dependency provenance/versioning to the user.
venv/bin/pip install Pillow
Declare the dependency in install metadata and pin a trusted Pillow version or provide a lockfile.
