@andreasnlarsen/whoop-cli 0.1.0

package/dist/store/profile-store.js

@@ -0,0 +1,19 @@
+import { profilePath } from '../util/config.js';
+import { readJsonFile, writeJsonFileSecure } from '../util/fs.js';
+export const loadProfile = async (name) => {
+    return readJsonFile(profilePath(name));
+};
+export const saveProfile = async (name, profile) => {
+    await writeJsonFileSecure(profilePath(name), {
+        ...profile,
+        profileName: name,
+        updatedAt: new Date().toISOString(),
+    });
+};
+export const clearProfileTokens = async (name) => {
+    const profile = await loadProfile(name);
+    if (!profile)
+        return;
+    delete profile.tokens;
+    await saveProfile(name, profile);
+};

package/dist/types.js

@@ -0,0 +1 @@
+export {};

package/dist/util/config.js

@@ -0,0 +1,8 @@
+import { homedir } from 'node:os';
+import { join } from 'node:path';
+export const DEFAULT_BASE_URL = 'https://api.prod.whoop.com';
+export const whoopHome = () => join(homedir(), '.whoop-cli');
+export const profilePath = (profile) => join(whoopHome(), 'profiles', `${profile}.json`);
+export const experimentsPath = () => join(whoopHome(), 'experiments.json');
+export const behaviorLogPath = () => join(whoopHome(), 'journal-observations.jsonl');
+export const tokenRefreshSkewSeconds = 120;

package/dist/util/fs.js

@@ -0,0 +1,25 @@
+import { mkdir, readFile, writeFile, chmod, rename } from 'node:fs/promises';
+import { dirname } from 'node:path';
+export const ensureDir = async (path) => {
+    await mkdir(path, { recursive: true });
+};
+export const readJsonFile = async (path) => {
+    try {
+        const raw = await readFile(path, 'utf8');
+        return JSON.parse(raw);
+    }
+    catch (err) {
+        const code = err.code;
+        if (code === 'ENOENT')
+            return null;
+        throw err;
+    }
+};
+export const writeJsonFileSecure = async (path, value) => {
+    await ensureDir(dirname(path));
+    const tmpPath = `${path}.tmp-${Date.now()}`;
+    const body = JSON.stringify(value, null, 2);
+    await writeFile(tmpPath, body, { mode: 0o600 });
+    await chmod(tmpPath, 0o600);
+    await rename(tmpPath, path);
+};

package/dist/util/metrics.js

@@ -0,0 +1,21 @@
+export const avg = (values) => {
+    const valid = values.filter((v) => typeof v === 'number' && Number.isFinite(v));
+    if (!valid.length)
+        return null;
+    return valid.reduce((a, b) => a + b, 0) / valid.length;
+};
+export const round = (value, digits = 1) => {
+    if (value === null)
+        return null;
+    const p = 10 ** digits;
+    return Math.round(value * p) / p;
+};
+export const classifyRecovery = (score) => {
+    if (typeof score !== 'number')
+        return 'unknown';
+    if (score >= 67)
+        return 'green';
+    if (score >= 34)
+        return 'yellow';
+    return 'red';
+};

package/dist/util/open-browser.js

@@ -0,0 +1,19 @@
+import { spawn } from 'node:child_process';
+export const tryOpenBrowser = (url) => {
+    const cmds = [
+        ['xdg-open', [url]],
+        ['open', [url]],
+        ['cmd', ['/c', 'start', '', url]],
+    ];
+    for (const [cmd, args] of cmds) {
+        try {
+            const child = spawn(cmd, args, { stdio: 'ignore', detached: true });
+            child.unref();
+            return true;
+        }
+        catch {
+            // try next
+        }
+    }
+    return false;
+};

package/dist/util/prompt.js

@@ -0,0 +1,12 @@
+import { createInterface } from 'node:readline/promises';
+import { stdin as input, stdout as output } from 'node:process';
+export const ask = async (question) => {
+    const rl = createInterface({ input, output });
+    try {
+        const answer = await rl.question(question);
+        return answer;
+    }
+    finally {
+        rl.close();
+    }
+};

package/dist/util/time.js

@@ -0,0 +1,47 @@
+import { usageError } from '../http/errors.js';
+const DATE_RX = /^\d{4}-\d{2}-\d{2}$/;
+export const isIsoDate = (value) => DATE_RX.test(value);
+export const assertIsoDate = (value, label = 'date') => {
+    if (!isIsoDate(value)) {
+        throw usageError(`${label} must be in YYYY-MM-DD format`, { value });
+    }
+    return value;
+};
+export const dateToIso = (date) => {
+    const y = date.getUTCFullYear();
+    const m = String(date.getUTCMonth() + 1).padStart(2, '0');
+    const d = String(date.getUTCDate()).padStart(2, '0');
+    return `${y}-${m}-${d}`;
+};
+export const daysAgoIso = (days, now = new Date()) => {
+    const ms = now.getTime() - days * 24 * 60 * 60 * 1000;
+    return dateToIso(new Date(ms));
+};
+export const parseDateRange = ({ start, end, days }) => {
+    if (start)
+        assertIsoDate(start, 'start');
+    if (end)
+        assertIsoDate(end, 'end');
+    if (days !== undefined && Number.isNaN(days)) {
+        throw usageError('days must be a number');
+    }
+    if (start || end) {
+        return { start, end };
+    }
+    if (days && days > 0) {
+        return {
+            start: daysAgoIso(days),
+            end: undefined,
+        };
+    }
+    return {};
+};
+export const parseMaybeNumber = (value) => {
+    if (value === undefined)
+        return undefined;
+    const n = Number(value);
+    if (Number.isNaN(n)) {
+        throw usageError('value must be numeric', { value });
+    }
+    return n;
+};

package/dist/util/webhook-signature.js

@@ -0,0 +1,32 @@
+import { createHmac, timingSafeEqual } from 'node:crypto';
+import { readFile } from 'node:fs/promises';
+import { usageError } from '../http/errors.js';
+export const buildWhoopSignature = (timestamp, rawBody, clientSecret) => {
+    const payload = `${timestamp}${rawBody}`;
+    const digest = createHmac('sha256', clientSecret).update(payload).digest('base64');
+    return digest;
+};
+const safeCompare = (a, b) => {
+    const aBuf = Buffer.from(a);
+    const bBuf = Buffer.from(b);
+    if (aBuf.length !== bBuf.length)
+        return false;
+    return timingSafeEqual(aBuf, bBuf);
+};
+export const verifyWhoopSignature = ({ timestamp, rawBody, clientSecret, signature, }) => {
+    const expected = buildWhoopSignature(timestamp, rawBody, clientSecret);
+    return safeCompare(expected, signature.trim());
+};
+export const readRawBodyFromFile = async (filePath) => {
+    if (!filePath)
+        throw usageError('body-file is required');
+    try {
+        return await readFile(filePath, 'utf8');
+    }
+    catch (err) {
+        throw usageError('Unable to read body file', {
+            filePath,
+            cause: err instanceof Error ? err.message : String(err),
+        });
+    }
+};

package/openclaw-skill/SKILL.md

@@ -0,0 +1,33 @@
+---
+name: whoop-cli
+description: Use whoop-cli to fetch WHOOP data, generate day briefs/health flags, and export trend data for automation workflows.
+---
+
+# whoop-cli
+
+Use the installed `whoop` command.
+
+## Core checks
+
+1. `whoop auth status --json`
+2. If unauthenticated: `whoop auth login --client-id ... --client-secret ... --redirect-uri ...`
+3. Validate: `whoop day-brief --json --pretty`
+
+## Useful commands
+
+- Daily:
+  - `whoop summary --json --pretty`
+  - `whoop day-brief --json --pretty`
+  - `whoop strain-plan --json --pretty`
+  - `whoop health flags --days 7 --json --pretty`
+- Trends:
+  - `whoop sleep trend --days 30 --json --pretty`
+  - `whoop workout trend --days 14 --json --pretty`
+- Export:
+  - `whoop sync pull --start YYYY-MM-DD --end YYYY-MM-DD --out ./whoop.jsonl --json --pretty`
+
+## Safety
+
+- Never print client secrets or raw tokens.
+- Keep API errors concise and actionable.
+- Treat this integration as unofficial/non-affiliated.

package/package.json

@@ -0,0 +1,37 @@
+{
+  "name": "@andreasnlarsen/whoop-cli",
+  "version": "0.1.0",
+  "description": "Open-source WHOOP CLI for humans and agents",
+  "type": "module",
+  "license": "MIT",
+  "bin": {
+    "whoop": "dist/index.js"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "dev": "tsx src/index.ts --help",
+    "typecheck": "tsc -p tsconfig.json --noEmit",
+    "test": "tsx --test test/**/*.test.ts",
+    "prepare": "npm run build",
+    "prepack": "npm run build"
+  },
+  "files": [
+    "dist",
+    "openclaw-skill",
+    "scripts/whoop-refresh-monitor.sh",
+    "README.md",
+    "LICENSE"
+  ],
+  "dependencies": {
+    "commander": "^13.1.0",
+    "zod": "^3.24.2"
+  },
+  "devDependencies": {
+    "@types/node": "^22.13.10",
+    "tsx": "^4.19.3",
+    "typescript": "^5.8.2"
+  }
+}

package/scripts/whoop-refresh-monitor.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+PROFILE="${WHOOP_PROFILE:-default}"
+CLI="${WHOOP_CLI_BIN:-whoop}"
+
+# 1) Refresh token state
+$CLI auth refresh --profile "$PROFILE" --json >/tmp/whoop-auth-refresh.json
+
+# 2) Lightweight health check
+$CLI summary --profile "$PROFILE" --json >/tmp/whoop-summary.json
+
+echo "whoop refresh monitor: ok"