This health skill is mostly purpose-aligned, but it handles very sensitive health data with under-scoped multi-user access controls and some under-disclosed network and file-serving behavior.
Install only in an isolated health workspace and avoid shared/group-bot deployments unless owner_id is enforced fail-closed. Treat the local databases, attachments, backups, reports, and wearable configs as sensitive medical data. Do not enter passwords or API keys in chat, avoid public binding of the attachment server, and enable external services such as DDInter, vision/LLM providers, embeddings, USDA, backend APIs, or wearable sync only after confirming what data will leave the machine.