← Back to Skills Marketplace
ivangdavila

Apple Health

by Iván · GitHub ↗ · v1.0.0
darwinlinuxwin32 ⚠ suspicious
504
Downloads
1
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install apple-health
Description
Connect agents to Apple Health exports with MCP setup, schema validation, and privacy-safe analysis.
README (SKILL.md)

Setup

On first use, read setup.md for integration guidelines.

When to Use

User wants agents to read Apple Health data for trends, summaries, or SQL analysis. Agent handles export validation, MCP server wiring, and safe query/report flows without exposing private health records.

Architecture

Memory lives in ~/apple-health/. See memory-template.md for setup.

~/apple-health/
|-- memory.md              # Status, client integration state, latest export path
|-- integrations.md        # Connected MCP clients and validation notes
|-- query-log.md           # Reusable SQL/report prompts and known-good outputs
`-- archive/               # Retired paths and old troubleshooting notes

Quick Reference

Use these files on demand instead of overloading the main instructions.

Topic File
Setup process setup.md
Memory template memory-template.md
MCP client wiring mcp-config.md
Query recipes query-recipes.md
Fallback CLI paths fallback-cli.md

Core Rules

1. Confirm Integration Mode Before Doing Anything

Start by clarifying one of these modes:

  • csv-export using Apple Health CSV exports and MCP
  • not-now if user is only planning and does not want setup yet

Never imply direct HealthKit API access from terminal agents. This skill works from exported data.

2. Validate Local Export Before MCP Wiring

Require a real export folder before configuration:

  • Must exist locally and be readable
  • Must include files matching HKQuantityTypeIdentifier*.csv, HKCategoryTypeIdentifier*.csv, or HKWorkoutActivityType*.csv
  • Must not be an empty unzip folder

If validation fails, stop and fix data path first.

3. Run Runtime Preflight Before MCP Configuration

Before wiring MCP, verify runtime:

  • node -v should be an LTS line (18, 20, or 22)
  • If npx @neiltron/apple-health-mcp fails with missing duckdb.node, switch to LTS Node and retry
  • Confirm HEALTH_DATA_DIR is available as an absolute path

Do not continue while runtime is incompatible.

4. Configure MCP With Explicit Path and Command

Use the MCP server command from mcp-config.md:

  • Command: npx
  • Args: [@neiltron/apple-health-mcp]
  • Env: HEALTH_DATA_DIR=/absolute/path/to/export

Never continue with placeholders or relative paths that are not verified.

5. Schema First, Then Queries

First run schema discovery (health_schema) and map available tables. Only then run health_query or health_report.

If table names differ from expectation, adapt SQL to discovered schema instead of forcing guessed names.

6. Use Date-Bounded Queries By Default

Every analytical query should include time bounds and clear units. Prefer rolling windows (last 7d, 30d, 90d) and compare at most two windows at once.

Avoid unbounded full-history scans unless user explicitly asks.

7. Track Data Freshness and Refresh Points

Log last export timestamp in memory and warn when data is stale. If user needs current-day insights, request a new iPhone export before claiming "latest" trends.

Common Traps

  • Assuming live HealthKit access from CLI agents -> setup fails because only exported data is available
  • Using wrong export path in MCP env -> server starts but returns no data
  • Running SQL before schema discovery -> queries fail on wrong table names
  • Unbounded queries on large exports -> slow analysis and noisy output
  • Reporting "today" metrics from stale export -> inaccurate recommendations
  • Running MCP package on non-LTS Node -> DuckDB native module errors can break startup

External Endpoints

Endpoint Data Sent Purpose
https://registry.npmjs.org Package install metadata only Download MCP server package
https://raw.githubusercontent.com Public markdown only Read validated fallback skill docs
https://apps.apple.com Manual app download traffic Install CSV export app on iPhone

No health record rows should be sent externally by default.

Security & Privacy

Data that leaves your machine:

  • Package install requests to npm
  • Optional app download traffic from App Store

Data that stays local:

  • Apple Health CSV exports
  • MCP query outputs and summaries
  • Skill memory in ~/apple-health/

This skill does NOT:

  • Access iCloud Health data directly
  • Bypass Apple permission prompts
  • Upload health CSVs unless the user asks for that explicitly

Trust

By using this skill, you rely on third-party tooling (@neiltron/apple-health-mcp and the chosen iPhone export app). Only install and run if you trust those tools.

Related Skills

Install with clawhub install \x3Cslug> if user confirms:

  • health - General health guidance boundaries and framing
  • ios - iOS-specific setup and platform troubleshooting
  • sleep - Sleep trend interpretation workflows
  • api - Reliable API and integration debugging habits
  • swift - HealthKit-side implementation context when app code is involved

Feedback

  • If useful: clawhub star apple-health
  • Stay updated: clawhub sync
Usage Guidance
This skill appears coherent with its stated purpose, but it relies on a third-party npm package (@neiltron/apple-health-mcp) that npx will download and run locally. Before installing or running: (1) confirm you trust that npm package and its author (inspect the package source on GitHub or npm), (2) run it in a controlled environment or sandbox if you are cautious, (3) ensure HEALTH_DATA_DIR points to only the exports you want processed, and (4) be aware that ~/apple-health/ will store integration metadata (not raw CSVs unless you explicitly save them). If you want to reduce supply-chain risk, consider installing the MCP package from a vetted release (manual npm install from a pinned version) or using a validated fallback CLI noted in the documentation.
Capability Analysis
Type: OpenClaw Skill Name: apple-health Version: 1.0.0 The skill is classified as suspicious due to its reliance on external command execution, broad file system access, and an explicit supply chain risk. It instructs the agent to execute `npx @neiltron/apple-health-mcp` (found in `SKILL.md`, `mcp-config.md`, `setup.md`), which allows arbitrary code execution if the third-party package is compromised. The skill also requires reading and validating user-provided local paths for health data and fetching documentation from `raw.githubusercontent.com` (`fallback-cli.md`). While these capabilities are necessary for the skill's stated purpose and include some guardrails, they represent significant attack surface and vulnerabilities, not intentional malice within the provided files.
Capability Assessment
Purpose & Capability
Name/description (Apple Health exports, MCP, schema validation, privacy-safe analysis) align with requested binaries (node, npx) and the single env var (HEALTH_DATA_DIR). No unrelated credentials or system-level paths are requested.
Instruction Scope
SKILL.md stays focused: validate a local export, verify Node LTS, wire an MCP server via npx, run schema discovery, then bounded queries. It explicitly forbids claiming live HealthKit access and warns not to upload CSVs by default. Instructions reference only the declared HEALTH_DATA_DIR and local memory files.
Install Mechanism
There is no bundled install spec, but the runtime uses npx to fetch and run @neiltron/apple-health-mcp from the public npm registry (and references GitHub raw pages and the App Store). These are well-known hosts, but running remote npm packages (npx) is a moderate supply-chain risk — expected for this skill's architecture but worth user attention.
Credentials
Only HEALTH_DATA_DIR is required and declared. Optional runtime envs in docs (MAX_MEMORY_MB, CACHE_SIZE) are reasonable for large local datasets. No unrelated tokens, secrets, or system credentials are requested.
Persistence & Privilege
always:false and normal autonomous invocation. Skill writes small local memory files under ~/apple-health/ (documented templates) which is appropriate for its purpose. It does not request elevated or cross-skill configuration changes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install apple-health
  3. After installation, invoke the skill by name or use /apple-health
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release with Apple Health MCP integration workflow and guarded query patterns.
Metadata
Slug apple-health
Version 1.0.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Apple Health?

Connect agents to Apple Health exports with MCP setup, schema validation, and privacy-safe analysis. It is an AI Agent Skill for Claude Code / OpenClaw, with 504 downloads so far.

How do I install Apple Health?

Run "/install apple-health" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Apple Health free?

Yes, Apple Health is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Apple Health support?

Apple Health is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created Apple Health?

It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments