Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
healthsync
v1.0.0
Queries Apple Health data stored in a local SQLite database. Use this skill to read heart rate, steps, SpO2, VO2 Max, sleep, workouts, resting heart rate, HR...
by Siddhartha Varma (@bro3886)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description claim read-only queries of an Apple Health SQLite DB; SKILL.md only describes querying that DB (via healthsync CLI or sqlite3). The required capabilities (reading ~/.healthsync/healthsync.db or an exported ZIP) are consistent with the purpose.
Instruction Scope
Instructions remain scoped to reading/parsing Apple Health exports and querying the local DB. They require reading ~/Downloads/export.zip (to parse) and ~/.healthsync/healthsync.db (to query). The skill emphasizes read-only operations, and instructions do not ask for unrelated system files or secrets. However, the SKILL.md instructs running install commands that will fetch and execute code from the network and also suggests installing the skill into the agent (e.g., `healthsync skills install`), which may change agent state.
Install Mechanism
There is no formal install spec, but SKILL.md recommends `curl -fsSL https://healthsync.sidv.dev/install | bash` (download-and-pipe) and an alternate `go install github.com/BRO3886/healthsync@latest`. The curl|bash source is a personal domain (not a well-known release host); running it executes arbitrary remote code. This is disproportionate risk for a simple query CLI unless you verify the install script and binary.
Credentials
The skill declares no required env vars or config paths, yet the runtime instructions assume a specific local DB path (~/.healthsync/healthsync.db) and an exported ZIP in ~/Downloads. No secrets are requested (good), but the implicit need to read those file paths should have been declared. No unrelated credentials are asked for.
Persistence & Privilege
The skill is instruction-only and does not request always:true or other elevated platform privileges. It suggests installing a binary and optionally installing the skill into the agent, which may modify agent state, but that behavior is explained in SKILL.md rather than being hidden.
What to consider before installing
This skill appears to do what it says (read Apple Health data from a local SQLite DB), but before running anything take these precautions:
- Do not run the `curl | bash` installer blindly. Inspect the install script at https://healthsync.sidv.dev/install or prefer building from source (`go install`) or getting a release from the project's verified GitHub releases.
- Expect the skill (or the CLI it recommends) to read ~/Downloads/export.zip and ~/.healthsync/healthsync.db. If those files contain sensitive data you do not want exposed to third-party binaries, avoid installing the CLI or run it in a restricted environment.
- Be cautious with `healthsync skills install` as it may modify agent state; review what that command does before running.
If you can provide the actual installer script or a known-good binary/release URL (or if the project is published on a verified release host), I can raise confidence to high and re-evaluate the install risk.
