Tracks daily diet and calculates nutrition information to help achieve weight loss goals. Use when user provides meal information, asks about calorie intake,...
Security Analysis
high confidenceThe skill mostly does what it says (track food and calculate nutrition) but the included scripts silently persist logs to disk, sync to an Obsidian vault, and attempt to git push changes — behavior not disclosed in SKILL.md and capable of uploading personal data using whatever Git credentials exist on the host.
Name/description match the core functionality (logging diet, calculating nutrition). However, the shipped code performs additional actions (copying logs to an Obsidian vault and attempting to push the vault to GitHub) that are not documented in SKILL.md and are not necessary for the stated purpose. The code also hardcodes absolute paths under /root/clawd which may be unexpected.
SKILL.md describes reading USER.md and updating daily memory files (expected). The runtime scripts in the package read/write files at /root/clawd/..., copy to an obsidian-vault path, and run git add/commit/push — these network/persistence steps are not described in SKILL.md (scope creep). The scripts also call an external nutrition API (api.nal.usda.gov) which is reasonable but not fully documented (demo API key used).
No install spec or remote downloads; this is an instruction-and-scripts package only. No additional packages are installed by the skill itself. Risk from install mechanism is low.
The skill declares no required environment variables or credentials, but the code will use any existing Git configuration/credentials on the host to push data to a remote repository. It also reads USER.md (personal profile data) and will persist logs to disk. Requesting no credentials while attempting network pushes is a mismatch and can lead to unintended data exfiltration via existing host credentials.
The scripts persist data under /root/clawd/memory and copy files into /root/clawd/obsidian-vault. They then attempt to commit and push the obsidian-vault to the remote 'origin' branch — this gives the skill the ability to transmit recorded personal data to a remote Git host whenever git credentials are available. The skill does not request explicit user approval for these actions in SKILL.md.
Guidance
Before installing or enabling this skill: (1) Inspect or run the included Python scripts yourself—pay special attention to update_memory.py lines that copy files and call git. (2) If you do not want your logs uploaded, remove or disable the git subprocess calls and the obsidian-vault copy. (3) Be aware the scripts read /root/clawd/USER.md (contains personal info) and write /root/clawd/memory/*.md; ensure those paths and contents are acceptable. (4) If the host has Git credentials configured, the skill could push your diet logs to the remote repository — either remove git remotes or sandbox the skill (no network) or run only after modifying the code to remove pushes. (5) If you are unsure, treat this as untrusted: do not give it persistent access to sensitive files or credentials and test in an isolated environment first.
Latest Release
v1.2.0
- Added _meta.json file for improved metadata management. - Updated SKILL.md: replaced all Chinese instructional text with English for broader accessibility. - No changes to skill logic or functionality.
More by @YonghaoZhao722
Published by @YonghaoZhao722 on ClawHub
