Health Assistant
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private health details may remain on the device after use, and outdated stored data could influence later health guidance.
The skill persists sensitive health profile, medication, reminder, and health-record data locally for later reuse.
DATA_DIR = Path.home() / ".health_data" ... "profile.json", "medications.json", "reminders.json", "records.json"
Only store information you are comfortable keeping locally, periodically review or delete ~/.health_data, and verify important health decisions with a professional.
An accidental or misunderstood request could change or remove local medication records.
The included helper code can update or delete local medication records, which is purpose-aligned but should be user-directed.
def update_medication(med_id: int, updates: dict) ... def delete_medication(med_id: int) ... json.dump(meds, open(DATA_DIR / "medications.json", 'w'), indent=2)
Confirm with the user before editing or deleting stored health records, and consider backing up important local health data.
Users have less registry-provided assurance about where the included code came from.
Registry-level provenance is not established for a skill that includes local scripts, even though the scripts themselves appear simple and purpose-aligned.
Source: unknown; Homepage: none
Review the included scripts before running them and prefer verified publishers or source links when handling sensitive health data.