Skill Health
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears purpose-aligned for local wearable CSV analysis, with normal precautions needed because it handles sensitive health data and has limited provenance metadata.
Before installing or running, confirm the source is acceptable, run it only on the intended wearable export, keep output JSON files private, and treat health alerts as informational summaries rather than medical diagnoses.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If pointed at the wrong folder or output location, the agent could process or save health summaries somewhere unintended.
The skill asks the agent/user to run local scripts over user-selected files and optionally write outputs. This matches the health-analysis purpose, but users should keep the input and output paths tightly scoped.
Run analysis scripts from `scripts/` with a `--data-path` (ZIP or folder) or `--data-dir` ... Each script prints JSON to stdout and can also write a file with `--output-dir`.
Run it only on the intended wearable export and choose a private, explicit output directory.
Users have less external context for verifying the package origin or dependency setup.
The artifacts provide limited upstream provenance and no automated install manifest, even though the skill includes runnable Python scripts. This is a review note about traceability, not suspicious behavior by itself.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the included code before use and install dependencies such as pandas from a trusted, pinned environment.
Generated JSON reports may reveal personal health patterns if stored in a shared folder or later attached to another task.
The skill creates persistent summaries of sensitive health data. This is expected for the purpose, but the generated reports should be treated as private data.
Analyze wearable health CSV exports (steps, heart rate, sleep, calories, SpO2, exercise, distance) and produce compact JSON reports ... can also write a file with `--output-dir`.
Store outputs in a private location, avoid committing or sharing them accidentally, and review reports before sending them elsewhere.