Security scan
OpenClaw
Suspicious
Medium confidence: The skill's code implements a straightforward Strava OAuth integration and matches its description, but the package metadata and declared requirements are inconsistent (missing required env vars in registry, mismatched owner/version), so the packaging/manifest integrity is questionable.
Assessment recommendations
The code itself appears to correctly implement Strava OAuth and API usage (no hidden endpoints), but the package metadata is inconsistent: the SKILL.md and scripts require STRAVA_CLIENT_ID, STRAVA_CLIENT_SECRET, and STRAVA_REDIRECT_URI while the registry entry lists none. Also ownerId/version in _meta.json don't match the registry data. Before installing: (1) verify the skill's source/owner (compare the published registry entry to the bundled _meta.json), (2) be prepared to provide your Strava c...
ℹ Purpose and capabilities
The name/description match the included scripts: OAuth login, token management, activity fetch, normalization, and rendering. The network calls are only to Strava's documented endpoints. However, registry metadata claims no required env vars while SKILL.md and the scripts require STRAVA_CLIENT_ID, STRAVA_CLIENT_SECRET, and STRAVA_REDIRECT_URI — an inconsistency in the manifest. Also _meta.json ownerId/version differ from registry metadata.
✓ Instruction scope
SKILL.md instructs only to run the included Python scripts for OAuth and activity fetching/processing. The runtime instructions do not ask the agent to read unrelated system files or send data to unexpected endpoints; network traffic is limited to Strava's API. The scripts write a token file (default ~/.config/openclaw/strava/token.json) which is expected for OAuth flows.
✓ Install mechanism
There is no install spec (instruction-only skill with bundled Python scripts). No downloads or external package installs are performed; scripts use only the Python standard library. This is a low-risk install mechanism.
⚠ Credential requirements
The code legitimately needs STRAVA_CLIENT_ID, STRAVA_CLIENT_SECRET, and STRAVA_REDIRECT_URI (plus optional STRAVA_TOKEN_PATH, STRAVA_SCOPES, STRAVA_TZ), but the registry metadata lists no required environment variables. The omission in the manifest is a packaging/integrity problem and could mislead automated permission reviews. The scripts will persist OAuth tokens to a file in the user's home directory (sensitive secrets).
✓ Persistence and permissions
The skill is not marked always:true and does not auto-modify other skills. It writes/maintains its own token file under ~/.config/openclaw/strava/token.json (normal for an OAuth integration). No system-wide privileged changes are performed.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Versions
latest v1.0.0 2026/4/15
Initial release of Strava OAuth integration for OpenClaw.
- Enables secure Strava account connection and authorization via OAuth.
- Stores and refreshes access tokens automatically.
- Fetches and normalizes workout/activity data (runs, rides, etc.) for specific dates or ranges.
- Provides tools to generate training summaries, weekly mileage, and activity lists.
- Output is formatted for use in the OpenClaw Wellness hub or for generic channel delivery.
● Benign
Install command
Official: npx clawhub@latest install strava-api
Mirror (accelerated): npx clawhub@latest install strava-api --registry https://cn.longxiaskill.com
Skill documentation
Keep this skill source-only: connect to Strava, fetch activities, normalize output, and render a short message. Delivery is channel-agnostic.
Configuration
Required env vars:
- STRAVA_CLIENT_ID
- STRAVA_CLIENT_SECRET
- STRAVA_REDIRECT_URI
Optional:
- STRAVA_TOKEN_PATH (default: ~/.config/openclaw/strava/token.json)
- STRAVA_TZ (default: Asia/Shanghai)
Connect (OAuth)
Choose one mode:
- Phone/remote mode (recommended):
python3 scripts/strava_oauth_login.py
- Desktop loopback mode (optional): if you are authorizing in a browser on the same machine that runs OpenClaw and your STRAVA_REDIRECT_URI is a loopback URL (e.g. http://127.0.0.1:58539/callback):
python3 scripts/strava_oauth_login.py --loopback
Fetch activities for a day
python3 scripts/strava_fetch_activities.py --date today --out /tmp/strava_raw_today.json
python3 scripts/strava_normalize_daily.py /tmp/strava_raw_today.json --out /tmp/strava_today.json
python3 scripts/strava_render.py /tmp/strava_today.json --format markdown --channel generic
Notes
- API details: references/strava_api.md
- Normalized output contract (for Wellness hub): references/output_schema.md