Samsung Health
v1.0.1Analyze Samsung Health Connect data synced to Google Drive. Use for health tracking queries like sleep analysis, step counting, heart rate monitoring, SpO2 b...
⭐ 0· 656·0 current·0 all-time
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the required pieces: it needs access to Google Drive exports and a local CLI to parse Health Connect data. Declared required binaries (gog, python3) align with downloading from Drive and running a Python CLI.
Instruction Scope
SKILL.md stays on-topic: it instructs how to clone the repo, create a venv, configure a per-user ~/.config/samsung-health/config.yaml, and run the shealth CLI. It does not ask the agent to read unrelated system files or export data to unexpected endpoints. The one scope-expanding step is the instruction to fetch and install external code (see install_mechanism).
Install Mechanism
No packaged install spec in the registry, but SKILL.md directs git clone from https://github.com/mudgesbot/samsung-health-skill and pip install -e . GitHub is a common host, but cloning and installing arbitrary repository code executes remote code locally (setup/install hooks). Users/agents should review the repository before running the install commands and prefer an isolated environment.
Credentials
The skill requests no environment variables and only requires gog and python3. The config file asks for a Google Drive folder_id and account (expected for Drive access). No unrelated credentials or broad environment access are requested by the skill itself.
Persistence & Privilege
always:false and the skill asks to create its own config under ~/.config/samsung-health (normal). Be aware that an autonomous agent invocation could perform the git clone/pip install steps if permitted — this is a standard platform behavior but increases risk if you do not trust the repository.
Scan Findings in Context
[no_regex_findings] expected: The scanner found nothing because the skill package contains only SKILL.md (instruction-only). SKILL.md itself includes a git clone command; that external repository was not scanned.
Assessment
This skill appears to do what it says, but it fetches and installs code from a third‑party GitHub repository. Before installing or letting an agent run it automatically: (1) manually review the repo (README, setup.py/pyproject, and any install scripts) to ensure there are no malicious install hooks; (2) run the install inside an isolated environment (container or dedicated VM) and not on a sensitive host; (3) ensure the gog CLI is configured with a Google account you are willing to grant Drive access to (use the least-privilege account possible); (4) if you don't trust the repo, decline automatic installation and ask the skill author for a signed release or a vetted package instead.Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Binsgog, python3
fitnesshealthheart-ratelatestsamsungsleepspo2steps
Samsung Health Connect CLI
Analyze health data from Samsung Health Connect exported to Google Drive.
Prerequisites
- Samsung Galaxy Watch or Galaxy Ring with Samsung Health
- Samsung Health Connect app with Google Drive backup enabled
gogCLI for Google Drive access (part of Clawdbot)
Installation
cd /path/to/workspace/projects
git clone https://github.com/mudgesbot/samsung-health-skill.git
cd samsung-health-skill
python3 -m venv .venv
source .venv/bin/activate
pip install -e .
Configuration
Create ~/.config/samsung-health/config.yaml:
google_drive:
folder_id: "YOUR_FOLDER_ID" # From Google Drive URL
account: "your.email@gmail.com" # Google account for gog CLI
file_name: "Health Connect.zip"
goals:
daily_steps: 10000
sleep_hours: 8
timezone: "Europe/Copenhagen"
Commands
All commands require activating the venv first:
cd /path/to/samsung-health-skill && source .venv/bin/activate
Sync Data
shealth sync # Download latest from Google Drive
shealth sync --force # Force re-download
Quick Daily View
shealth today # Today's snapshot (steps, sleep, HR, SpO2)
Status
shealth status # Data freshness, record counts, date range
Sleep Analysis
shealth sleep # Last 7 days
shealth sleep --days 14 # Custom period
Shows: duration, stage breakdown (Light/Deep/REM/Awake), trends.
Step Tracking
shealth steps # Last 7 days
shealth steps --week # Weekly view
shealth steps --month # Monthly view
Shows: daily counts, goal progress, streaks.
Heart Rate
shealth heart # Last 7 days
shealth heart --days 14 # Custom period
Shows: average, min/max, daily trends.
Blood Oxygen (SpO2)
shealth spo2 # Last 7 days
shealth spo2 --days 14 # Custom period
Shows: average, range, trend. Normal: 95-100%.
Workouts
shealth workout # Last 30 days
shealth workout --days 90 # Custom period
Shows: session count, duration, types (Walking, Running, Swimming, etc.)
Health Report
shealth report # Comprehensive 7-day summary
shealth report --days 14 # Custom period
Shows: Energy Score, sleep summary, activity, heart rate.
JSON Output
Add --json flag to any command for machine-readable output:
shealth --json today
shealth --json sleep --days 7
shealth --json report
Sleep Stage Codes
| Code | Stage |
|---|---|
| 1 | Light Sleep |
| 4 | Deep Sleep |
| 5 | Awake |
| 6 | REM Sleep |
Exercise Types
| Code | Type |
|---|---|
| 53 | Walking |
| 33 | Running |
| 61 | Hiking |
| 21 | Cycling |
| 58 | Swimming |
| 4 | Weight Training |
| 66 | Yoga |
Troubleshooting
"Database not found" — Run shealth sync first.
"Google Drive not configured" — Create config.yaml with folder_id and account.
SpO2/HRV shows 0 records — Requires Galaxy Watch 4+ or Galaxy Ring; may need enabling in Samsung Health settings.
Source
Comments
Loading comments...