Query workout data from Hevy including workouts, routines, exercises, and history. Use when user asks about their workouts, gym sessions, exercise progress, or fitness routines.
Security Analysis
High confidence: The skill's code, instructions, and requested credential (HEVY_API_KEY) are consistent with a CLI client for the Hevy API; nothing in the package indicates incoherent or malicious behavior.
The name/description (Hevy CLI) match the code and SKILL.md: the package implements a CLI client that talks to https://api.hevyapp.com and requests only HEVY_API_KEY. One small inconsistency: SKILL.md declares a required binary 'hevy' (which is correct for runtime use), and the repository includes source and a package.json that would install a 'hevy' binary when built/installed — but there is no install specification in the skill metadata. This is more of an operational mismatch (user/agent must ensure the 'hevy' binary is present or build it from source) than a functional or malicious inconsistency.
SKILL.md instructs the agent to use the hevy CLI and to set HEVY_API_KEY; commands and endpoints listed correspond to the code. Instructions do not ask the agent to read unrelated files, access unrelated environment variables, or send data to unexpected endpoints — all network calls target the Hevy API.
There is no install spec in the registry metadata (lowest-risk), but the package includes source and a package.json that defines a 'hevy' bin. This means the skill will not automatically install/build the binary; an operator or environment must already have 'hevy' on PATH or build/install it manually. No remote/download-based installation or suspicious external URLs are present.
Only HEVY_API_KEY is required, which is appropriate for a client that talks to the Hevy API. The code reads only that environment variable and uses it for authenticated API requests. No unrelated secrets or multiple credentials are requested.
The skill does not request always:true and does not modify other skills or system configuration. disable-model-invocation is false (normal) so the agent may invoke it autonomously — this is the platform default and not by itself a red flag.
Guidance
This skill appears to be a straightforward CLI client for the Hevy API and only needs your HEVY_API_KEY. Before installing or enabling it: (1) confirm you have a valid Hevy Pro API key and understand its permissions; (2) ensure the 'hevy' binary is present on the agent's PATH (the package includes source but the skill provides no automatic install/build step), or build/install the included package from its source if you trust it; (3) verify the HEVY_API_KEY is scoped appropriately (use least privilege) and avoid sharing it elsewhere; (4) if you want to prevent autonomous calls, restrict agent invocation policy — the skill can be called autonomously by default. If you need help verifying the binary is the official Hevy client, compare the source here with Hevy's official repo or obtain the CLI from an official Hevy release.
Latest Release
v0.2.0
Add duplicate check to create-exercise command - prevents creating exercises with same name unless --force flag used. Document API limitations (no DELETE/PUT for exercises).
Published by @mjrussell on ClawHub