Strava
Alert level: High
Load and analyze Strava activities, stats, and workouts using the Strava API
Locality:Hybrid
Data access:Sensitive
Actions:Read
Installs 5Downloads 427Stars 3Updated 229h ago
Why this rating
Deterministic checks triggered by the tool capabilities and evidence.
- Locality: Hybrid
Requires Strava OAuth app setup and authenticated API calls.
- Data access: Sensitive
Accesses fitness/activity records and athlete profile statistics.
- Action surface: Read
Commands in SKILL.md are retrieval and analysis oriented (`GET` endpoints, stats reads).
Best practices
Follow these steps to reduce risk when using this skill.
- Store Strava OAuth tokens securely and rotate/revoke them when compromise is suspected.
- Limit requested scopes to the minimum needed for the analytics task.
- Avoid sharing raw activity exports that reveal home/work locations or sensitive routines.
Evidence links
Public sources backing the indicator assignments.
Always be careful when navigating away from the website.
Max-risk rule
If any capability reaches a higher level, the entire indicator level bumps up to keep ratings deterministic and easy to scan.