ClawHub

Nori Health

v1.0.6

Query your personal health data from wearables and nutrition logs and get AI coaching on sleep, workouts, heart rate, recovery, and health insights.

2· 556·1 current·1 all-time
byDan Murphy@danmurphy1217

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for danmurphy1217/nori-health.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Nori Health" (danmurphy1217/nori-health) from ClawHub.
Skill page: https://clawhub.ai/danmurphy1217/nori-health
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install nori-health

ClawHub CLI

Package manager switcher

npx clawhub@latest install nori-health
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (health coaching from wearables/nutrition) matches the runtime instructions: messages are POSTed to https://api.nori.health with a Bearer NORI_API_KEY. The requirement for curl/jq and an API key is appropriate. Note: the registry metadata supplied earlier stated no required env vars, but SKILL.md declares NORI_API_KEY and required bins (curl, jq) — this mismatch may cause runtime confusion or deployment errors.
Instruction Scope
SKILL.md limits behavior to forwarding the user's message verbatim to Nori and returning Nori's reply verbatim. It does not instruct reading unrelated files or other credentials. Important privacy note: forwarding verbatim health data to an external service is expected for the skill but is inherently sensitive — the instructions also suggest storing the API key in ~/.openclaw/openclaw.json (plaintext), which raises local-secret storage risk.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself. This is a low-installation-risk configuration.
Credentials
The only credential the instructions require is NORI_API_KEY, which is proportional to the stated API-forwarding purpose. The declared dependency on curl and jq is reasonable. However, the registry-level metadata earlier indicated no required env vars while the SKILL.md requires NORI_API_KEY — this inconsistency should be resolved before install. Also consider that the API key and sensitive health data are being transmitted to a third party, which is a significant privacy consideration even if technically proportional.
Persistence & Privilege
The skill does not request always:true or any elevated persistence or system-wide configuration changes. It only suggests storing a key in the agent's config (its own config), which is normal for API-based skills.
Assessment
This skill appears to do what it says: it relays your health-related messages to Nori's API and returns Nori's reply. Before installing: 1) Be sure you trust Nori (https://nori.health) and read its privacy policy — you're sending sensitive health data to an external service. 2) Verify the skill's source/owner if possible (registry shows an owner ID but no homepage in the top-level metadata); unknown source reduces trust. 3) Note the registry metadata mismatch: SKILL.md requires NORI_API_KEY and curl/jq but the registry entry earlier listed none — fix or verify this to avoid runtime failures. 4) Prefer storing the API key in a secure secrets store rather than in plaintext in ~/.openclaw/openclaw.json. 5) Consider limiting what you ask the skill (avoid sending identifiers, SSNs, or other non-essential sensitive data) and confirm Nori's data retention/sharing policies. If you need help validating the homepage, API domain, or privacy terms, verify those before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk977rppwhasnw0vv9wacsvkhx181k4mr
556downloads
2stars
7versions
Updated 2mo ago
v1.0.6
MIT-0
Dan Murphy@danmurphy1217
latest
Download

Nori Health Coach

Send health questions to Nori and return the response. Nori analyzes data from wearables (Apple Watch, Oura, Garmin, Whoop, etc.), meals, workouts, weight, and lab results.

Setup

  1. Install the Nori iOS app and connect your wearables
  2. In the Nori app, go to Settings > Integrations > OpenClaw
  3. Generate an API key (starts with nori_)
  4. Set the environment variable: 
    export NORI_API_KEY="nori_your_key_here"
    Or add to ~/.openclaw/openclaw.json: 
    {
  "skills": {
    "entries": {
      "nori-health": {
        "apiKey": "nori_your_key_here"
      }
    }
  }
}

When to Use

  • "Compare my sleep on days I work out vs rest days"
  • "What should I eat to hit my protein goal today?"
  • "Show me my resting heart rate trend this month"
  • "How's my recovery looking after yesterday's run?"
  • "I had two eggs and toast with avocado for breakfast"
  • "I did 30 minutes of strength training"
  • "What patterns do you see between my sleep and HRV?"

Usage

Send the user's message to Nori via the chat endpoint. Always forward the user's exact words.

Use jq -n to safely escape the user's message into valid JSON, and capture the HTTP status code to handle errors:

RESPONSE=$(curl -s -w "\n%{http_code}" -X POST "https://api.nori.health/api/v1/openclaw/chat" \
  -H "Authorization: Bearer $NORI_API_KEY" \
  -H "Content-Type: application/json" \
  -d "$(jq -n --arg msg "USER_MESSAGE_HERE" '{message: $msg}')")
HTTP_CODE=$(echo "$RESPONSE" | tail -1)
BODY=$(echo "$RESPONSE" | sed '$d')

if [ "$HTTP_CODE" -eq 200 ]; then
  echo "$BODY" | jq -r '.reply'
elif [ "$HTTP_CODE" -eq 401 ]; then
  echo "Your Nori API key is invalid. Please regenerate it in the Nori app under Settings > Integrations > OpenClaw."
elif [ "$HTTP_CODE" -eq 429 ]; then
  echo "Rate limited. Wait a moment and try again."
else
  echo "Something went wrong connecting to Nori (HTTP $HTTP_CODE)."
fi

Response Handling

  • On success (200): return the .reply field directly to the user as plain text. Do not add markdown formatting, bullet points, or other decoration.
  • On 401: tell the user their Nori API key is invalid and to regenerate it in the Nori app.
  • On 429: tell the user to wait a moment and try again.
  • On other errors: tell the user something went wrong connecting to Nori, including the HTTP status code.

Important

  • Forward the user's message verbatim. Do not rephrase, summarize, or add context.
  • Return Nori's reply verbatim. Do not reformat, summarize, or add commentary.
  • Nori handles all health data analysis, logging, and coaching. Your job is just to relay messages.
  • Nori is not a medical service. If the user asks for medical diagnosis or emergency help, direct them to a doctor or emergency services instead.

Comments

Loading comments...