Health Manager
v1.0.0Health data management system for tracking blood pressure, heart rate, exercise, and medication. Use when: (1) recording daily health metrics like blood pres...
⭐ 0· 236·3 current·3 all-time
byhaidong@harrylabsj
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (health data manager) match the included code, CLI, DB schema, reports, and docs. Requested resources (none) and declared functionality (SQLite, CLI, device/Apple Health integrations) are coherent with the stated purpose.
Instruction Scope
SKILL.md gives standard local usage (npm install, build, CLI commands) and identifies the local DB path (~/.config/health-manager/health.db). Instructions do not direct the agent to read unrelated system secrets or exfiltrate data, but the project design explicitly describes optional integrations (Apple Health, Google Fit, BLE devices) which — if enabled — will request platform permissions or OAuth flows; those integrations are expected but require explicit user consent.
Install Mechanism
Registry metadata shows no install spec, but SKILL.md and repository include code and explicit npm install/build steps. No remote download URLs or obscure installers were found in the provided files. Installing runs normal npm flow (inspect package.json and any lifecycle scripts first).
Credentials
The skill does not declare or require environment variables or external credentials in metadata. Design docs mention optional OAuth/device integrations — those would legitimately require credentials if you enable them, but nothing in the package silently asks for unrelated secrets.
Persistence & Privilege
Skill is not forced-always, and it does not request system-wide configuration changes in the provided materials. It stores user data locally by default; this is expected for a personal health manager.
Assessment
This package appears to be a local CLI health manager and is generally coherent with its description, but take these precautions before installing/running it: (1) Inspect package.json for postinstall scripts or unusual lifecycle scripts; (2) Review dependencies for native modules or large packages (e.g., puppeteer which downloads Chromium) and be prepared for extra disk/network activity; (3) If you enable Apple Health/Google Fit/Wearable integrations, expect OAuth flows and Bluetooth/device permissions — only grant those when you understand the endpoint and privacy implications; (4) Verify where data is stored (~/.config/health-manager/health.db or ~/.health-manager/) and whether you want it encrypted/backed up; (5) If you are unsure, run npm install and the CLI in a sandboxed or disposable environment first and audit outgoing network connections while exercising sync features.Like a lobster shell, security has layers — review code before you run it.
clivk975xrk7cqp50pgcmvdb64bkp582jxx8fitnessvk975xrk7cqp50pgcmvdb64bkp582jxx8healthvk975xrk7cqp50pgcmvdb64bkp582jxx8latestvk975xrk7cqp50pgcmvdb64bkp582jxx8trackingvk975xrk7cqp50pgcmvdb64bkp582jxx8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.