ClawHub

HealthFit

v1.0.2

Personal comprehensive health management system integrating Western medicine and TCM. Triggers when users discuss workout training plans, nutrition advice, h...

0· 177·1 current·1 all-time
byChenChen@chenchen913
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (personal health + TCM) match the included files: onboarding, role agents, profiling, logging, backup/export/init scripts and local DB schema. Required env vars/binaries: none. The included scripts operate on local data directories and SQLite DB as expected for this purpose.
Instruction Scope
SKILL.md explicitly instructs reading/writing local profile and draft files (data/json/*.json) and routing to role instruction files — this is expected. It also recommends running scripts (init_db/export/backup). No instructions reference unrelated system paths or remote endpoints. Note: the SKILL suggests using a separate 'self-improving-agent-3.0.1' for optimization (an external/local agent call); that is plausible but expands the runtime surface and should be evaluated if you plan to enable that integration.
Install Mechanism
No install spec and no external downloads; the skill is instruction+local scripts only. No network installer or archive extraction was found. Scripts are present and would run locally if executed; review them before running.
Credentials
The skill requests no credentials or environment variables. However, privacy-related configuration is notable: config.json marks sensitive files (private_sexual_health.json) but 'encrypt_sensitive' is false (encryption planned for v3.1). Sensitive data is stored in plaintext by default and backup/export scripts offer only interactive confirmation before including such files. This is coherent but a privacy risk worth highlighting.
Persistence & Privilege
always:false (no force-inclusion). The skill writes logs and creates/reads files inside its own data/ directory (backup.log, security_log.txt, draft_manager.log), which is normal for a local app. It does not request modifying other skills or system-wide agent settings in the provided files.
Assessment
This bundle appears to be what it claims: a local health management skill with scripts for DB init, backup and export. Before installing/using it: 1) Review and decide whether you are comfortable storing very sensitive data (private_sexual_health.json) unencrypted — config.json currently sets encrypt_sensitive:false; consider enabling encryption or storing that file elsewhere. 2) Inspect the scripts (backup.py, export.py, init_db.py, draft_manager.py) before running to confirm behavior and locations where logs/backup files are written (data/db/backup, data/security_log.txt, backup.log). 3) Note a metadata/version mismatch: SKILL.md/frontmatter claims v3.0.1 while registry metadata lists v1.0.2 — ask the publisher for clarification if provenance matters. 4) The skill recommends integration with a 'self-improving-agent' — if you enable such an external/local agent, understand that it broadens runtime capabilities and risk. 5) No network endpoints or credential requests were found in the provided files, so no obvious exfiltration mechanism is present, but always audit any code before giving it access to real personal data.

Like a lobster shell, security has layers — review code before you run it.

fitnessvk975jkt06ng4ddc8epn0a0bkss833ksrhealthvk975jkt06ng4ddc8epn0a0bkss833ksrlatestvk975jkt06ng4ddc8epn0a0bkss833ksrwellnessvk975jkt06ng4ddc8epn0a0bkss833ksr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments