Personal Health Agent

Pass. Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent and local-first, but it persistently stores sensitive health logs and users should understand when it may record or clear data.

This appears suitable for local health tracking if you are comfortable storing health history on the machine. Before installing, decide where the JSONL data should live, protect that directory like other sensitive personal records, and consider asking the agent to confirm before recording or clearing entries.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Blood pressure, lab, exercise, and body-metric history may remain on the computer in a readable local log and be reused in later summaries.

Why it was flagged

The skill intentionally keeps a persistent local record of personal health information for later reports and reminders.

Skill content

Append the record to the local JSONL store... The default store is: ~/.personal-health-agent/health_records.jsonl

Recommendation

Install only if local persistent health logging is desired; store the data in a private location and consider OS-level encryption or backups appropriate for sensitive health data.

What this means

A health-related message could be logged if the agent decides the skill applies.

Why it was flagged

The agent may choose to invoke the skill without the user explicitly naming it, which matters because invocation can record health data.

Skill content

policy:
  allow_implicit_invocation: true

Recommendation

If you want stricter control, tell the agent to ask for confirmation before recording health entries.

What this means

A user or agent invoking the clear action may remove local health records maintained by the skill.

Why it was flagged

The handler exposes a clear action that appears intended to remove stored skill data, though the provided SKILL.md does not document this command.

Skill content

if action == "clear":
    return _clear_data()

Recommendation

Use clear/delete actions only intentionally, and back up any health history you need to keep.

What this means

Running the provided test command executes the local handler code, which is expected for tests but still executes code from the skill package.

Why it was flagged

The test file dynamically imports and executes handler.py as part of running the behavior tests.

Skill content

spec.loader.exec_module(module)

Recommendation

Review the skill source before running tests or the handler, especially because the registry source is listed as unknown.