← Back to Skills Marketplace
Healthkit Code Review
by
Kevin Anderson
· GitHub ↗
· v1.2.1
· MIT-0
170
Downloads
0
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install healthkit-code-review
Description
Reviews HealthKit code for authorization patterns, query usage, background delivery, and data type handling. Use when reviewing code with import HealthKit, H...
README (SKILL.md)
HealthKit Code Review
Quick Reference
| Issue Type | Reference |
|---|---|
| HKHealthStore, permissions, status checks, privacy | references/authorization.md |
| HKQuery types, predicates, anchored queries, statistics | references/queries.md |
| Background delivery, observer queries, completion handlers | references/background.md |
| HKQuantityType, HKCategoryType, workouts, units | references/data-types.md |
Review Checklist
-
HKHealthStore.isHealthDataAvailable()called before any HealthKit operations - Authorization requested only for needed data types (minimal permissions)
-
requestAuthorizationcompletion handler not misinterpreted as permission granted - No attempt to determine read permission status (privacy by design)
- Query results dispatched to main thread for UI updates
-
HKObjectQueryNoLimitused only with bounded predicates -
HKStatisticsQueryused for aggregations instead of manual summing - Observer query
completionHandler()always called (usedefer) - Background delivery registered in
application(_:didFinishLaunchingWithOptions:) - Background delivery entitlement added (iOS 15+)
- Correct units used for quantity types (e.g.,
count/minfor heart rate) - Long-running queries stored as properties and stopped in
deinit
When to Load References
- Reviewing authorization/permissions flow -> authorization.md
- Reviewing HKSampleQuery, HKAnchoredObjectQuery, or predicates -> queries.md
- Reviewing HKObserverQuery or
enableBackgroundDelivery-> background.md - Reviewing HKQuantityType, HKCategoryType, or HKWorkout -> data-types.md
Review gates
Run in order. Do not state a finding in a later step until the pass condition for the current step is satisfied (each pass condition is answerable from the codebase under review).
- Scope — Pass: Name the file path(s) and types/symbols using
HealthKit,HKHealthStore, orHK*APIs (or state clearly that the diff touches none). - Availability and store — Pass: Cite the call site of
isHealthDataAvailable()before HealthKit use, or document why omission is acceptable for the scoped code; cite whereHKHealthStoreis created or injected. - Authorization semantics — Pass: For each
requestAuthorization/getRequestStatusForAuthorization, cite handler branches per references/authorization.md (e.g. success does not prove read access); do not infer read permission fromauthorizationStatusalone. - Queries and limits — Pass: For each query, cite predicate + limit (
HKObjectQueryNoLimitonly with a bounded predicate); for totals/aggregates, citeHKStatisticsQuery/ collection vs manual summing per references/queries.md. - Observers and background — Pass: If
HKObserverQueryorenableBackgroundDeliveryappears, cite where the observer is started/stopped and where background delivery is registered; cite entitlements/Info.plist or flag missing config per references/background.md. If absent, Pass: one line “no observer/background in scope.” - Threading and lifecycle — Pass: Cite main-queue (or documented pattern) for UI updates from query callbacks; cite retention/
stop()/deinitfor long-running queries per checklist above.
Review Questions
- Is
isHealthDataAvailable()checked before creating HKHealthStore? - Does the code gracefully handle denied permissions (empty results)?
- Are observer query completion handlers called in all code paths?
- Is work in background handlers minimal (~15 second limit)?
- Are HKQueryAnchors persisted per sample type (not shared)?
Usage Guidance
This skill appears coherent and low-risk: it is a checklist plus HealthKit reference docs and asks only to read the codebase under review. Before installing, ensure you trust the agent's repository read permissions (it will need to see source files to cite call sites). Also be careful not to feed or paste any real user health data or production secrets into the review prompts — the skill evaluates code, but any sample data you include could contain sensitive health information. Finally, if you want to be extra cautious, run the review on a copy of the code (with secrets/redacted data) rather than on live production files.
Capability Assessment
Purpose & Capability
Name/description, SKILL.md checklist, and the four reference docs all focus on HealthKit review (authorization, queries, background, data types). The skill requests no binaries, env vars, config paths, or installs — which is appropriate for a static code-review helper.
Instruction Scope
Runtime instructions explicitly direct the agent to inspect code (file paths, call sites, handlers) and follow a specific gated review process. The instructions do not ask the agent to read unrelated system files, access environment variables, or transmit findings externally — they stay within the stated review scope. Note: because it asks the agent to cite file paths and call sites, the agent will need read access to the repository under review.
Install Mechanism
No install specification and no code files that execute — this is instruction-only, so nothing will be downloaded or written to disk by an install step.
Credentials
The skill declares no required environment variables, credentials, or config paths. There are no extraneous secret requests that would be disproportionate to a code-review task.
Persistence & Privilege
Flags: always=false (not forced), user-invocable=true, disable-model-invocation=false (agent may invoke autonomously, which is the platform default). The skill does not request persistent system presence or modify other skills' configs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install healthkit-code-review - After installation, invoke the skill by name or use
/healthkit-code-review - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.1
- Refined review workflow by adding "Review gates": a step-by-step sequence of pass conditions reviewers should follow when examining HealthKit code.
- Clarified that each review step must be completed before proceeding to the next, and that findings in later steps depend on earlier pass conditions.
- Each review gate includes specific requirements and citation guidance for proper code referencing.
- No changes to the review checklist, quick reference, or core content outside the new "Review gates" section.
v1.2.0
- Added a structured quick reference table for HealthKit authorization, query patterns, background delivery, and data type usage.
- Introduced a detailed review checklist covering key HealthKit best practices and common pitfalls.
- Provided clear guidance on when to consult specific documentation references.
- Included targeted review questions to help ensure correct and privacy-compliant HealthKit code.
Metadata
Frequently Asked Questions
What is Healthkit Code Review?
Reviews HealthKit code for authorization patterns, query usage, background delivery, and data type handling. Use when reviewing code with import HealthKit, H... It is an AI Agent Skill for Claude Code / OpenClaw, with 170 downloads so far.
How do I install Healthkit Code Review?
Run "/install healthkit-code-review" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Healthkit Code Review free?
Yes, Healthkit Code Review is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Healthkit Code Review support?
Healthkit Code Review is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Healthkit Code Review?
It is built and maintained by Kevin Anderson (@anderskev); the current version is v1.2.1.
More Skills