← 返回 Skills 市场
ivangdavila

Apple Health

作者 Iván · GitHub ↗ · v1.0.0
darwinlinuxwin32 ⚠ suspicious
504
总下载
1
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install apple-health
功能描述
Connect agents to Apple Health exports with MCP setup, schema validation, and privacy-safe analysis.
使用说明 (SKILL.md)

Setup

On first use, read setup.md for integration guidelines.

When to Use

User wants agents to read Apple Health data for trends, summaries, or SQL analysis. Agent handles export validation, MCP server wiring, and safe query/report flows without exposing private health records.

Architecture

Memory lives in ~/apple-health/. See memory-template.md for setup.

~/apple-health/
|-- memory.md              # Status, client integration state, latest export path
|-- integrations.md        # Connected MCP clients and validation notes
|-- query-log.md           # Reusable SQL/report prompts and known-good outputs
`-- archive/               # Retired paths and old troubleshooting notes

Quick Reference

Use these files on demand instead of overloading the main instructions.

Topic File
Setup process setup.md
Memory template memory-template.md
MCP client wiring mcp-config.md
Query recipes query-recipes.md
Fallback CLI paths fallback-cli.md

Core Rules

1. Confirm Integration Mode Before Doing Anything

Start by clarifying one of these modes:

  • csv-export using Apple Health CSV exports and MCP
  • not-now if user is only planning and does not want setup yet

Never imply direct HealthKit API access from terminal agents. This skill works from exported data.

2. Validate Local Export Before MCP Wiring

Require a real export folder before configuration:

  • Must exist locally and be readable
  • Must include files matching HKQuantityTypeIdentifier*.csv, HKCategoryTypeIdentifier*.csv, or HKWorkoutActivityType*.csv
  • Must not be an empty unzip folder

If validation fails, stop and fix data path first.

3. Run Runtime Preflight Before MCP Configuration

Before wiring MCP, verify runtime:

  • node -v should be an LTS line (18, 20, or 22)
  • If npx @neiltron/apple-health-mcp fails with missing duckdb.node, switch to LTS Node and retry
  • Confirm HEALTH_DATA_DIR is available as an absolute path

Do not continue while runtime is incompatible.

4. Configure MCP With Explicit Path and Command

Use the MCP server command from mcp-config.md:

  • Command: npx
  • Args: [@neiltron/apple-health-mcp]
  • Env: HEALTH_DATA_DIR=/absolute/path/to/export

Never continue with placeholders or relative paths that are not verified.

5. Schema First, Then Queries

First run schema discovery (health_schema) and map available tables. Only then run health_query or health_report.

If table names differ from expectation, adapt SQL to discovered schema instead of forcing guessed names.

6. Use Date-Bounded Queries By Default

Every analytical query should include time bounds and clear units. Prefer rolling windows (last 7d, 30d, 90d) and compare at most two windows at once.

Avoid unbounded full-history scans unless user explicitly asks.

7. Track Data Freshness and Refresh Points

Log last export timestamp in memory and warn when data is stale. If user needs current-day insights, request a new iPhone export before claiming "latest" trends.

Common Traps

  • Assuming live HealthKit access from CLI agents -> setup fails because only exported data is available
  • Using wrong export path in MCP env -> server starts but returns no data
  • Running SQL before schema discovery -> queries fail on wrong table names
  • Unbounded queries on large exports -> slow analysis and noisy output
  • Reporting "today" metrics from stale export -> inaccurate recommendations
  • Running MCP package on non-LTS Node -> DuckDB native module errors can break startup

External Endpoints

Endpoint Data Sent Purpose
https://registry.npmjs.org Package install metadata only Download MCP server package
https://raw.githubusercontent.com Public markdown only Read validated fallback skill docs
https://apps.apple.com Manual app download traffic Install CSV export app on iPhone

No health record rows should be sent externally by default.

Security & Privacy

Data that leaves your machine:

  • Package install requests to npm
  • Optional app download traffic from App Store

Data that stays local:

  • Apple Health CSV exports
  • MCP query outputs and summaries
  • Skill memory in ~/apple-health/

This skill does NOT:

  • Access iCloud Health data directly
  • Bypass Apple permission prompts
  • Upload health CSVs unless the user asks for that explicitly

Trust

By using this skill, you rely on third-party tooling (@neiltron/apple-health-mcp and the chosen iPhone export app). Only install and run if you trust those tools.

Related Skills

Install with clawhub install \x3Cslug> if user confirms:

  • health - General health guidance boundaries and framing
  • ios - iOS-specific setup and platform troubleshooting
  • sleep - Sleep trend interpretation workflows
  • api - Reliable API and integration debugging habits
  • swift - HealthKit-side implementation context when app code is involved

Feedback

  • If useful: clawhub star apple-health
  • Stay updated: clawhub sync
安全使用建议
This skill appears coherent with its stated purpose, but it relies on a third-party npm package (@neiltron/apple-health-mcp) that npx will download and run locally. Before installing or running: (1) confirm you trust that npm package and its author (inspect the package source on GitHub or npm), (2) run it in a controlled environment or sandbox if you are cautious, (3) ensure HEALTH_DATA_DIR points to only the exports you want processed, and (4) be aware that ~/apple-health/ will store integration metadata (not raw CSVs unless you explicitly save them). If you want to reduce supply-chain risk, consider installing the MCP package from a vetted release (manual npm install from a pinned version) or using a validated fallback CLI noted in the documentation.
功能分析
Type: OpenClaw Skill Name: apple-health Version: 1.0.0 The skill is classified as suspicious due to its reliance on external command execution, broad file system access, and an explicit supply chain risk. It instructs the agent to execute `npx @neiltron/apple-health-mcp` (found in `SKILL.md`, `mcp-config.md`, `setup.md`), which allows arbitrary code execution if the third-party package is compromised. The skill also requires reading and validating user-provided local paths for health data and fetching documentation from `raw.githubusercontent.com` (`fallback-cli.md`). While these capabilities are necessary for the skill's stated purpose and include some guardrails, they represent significant attack surface and vulnerabilities, not intentional malice within the provided files.
能力评估
Purpose & Capability
Name/description (Apple Health exports, MCP, schema validation, privacy-safe analysis) align with requested binaries (node, npx) and the single env var (HEALTH_DATA_DIR). No unrelated credentials or system-level paths are requested.
Instruction Scope
SKILL.md stays focused: validate a local export, verify Node LTS, wire an MCP server via npx, run schema discovery, then bounded queries. It explicitly forbids claiming live HealthKit access and warns not to upload CSVs by default. Instructions reference only the declared HEALTH_DATA_DIR and local memory files.
Install Mechanism
There is no bundled install spec, but the runtime uses npx to fetch and run @neiltron/apple-health-mcp from the public npm registry (and references GitHub raw pages and the App Store). These are well-known hosts, but running remote npm packages (npx) is a moderate supply-chain risk — expected for this skill's architecture but worth user attention.
Credentials
Only HEALTH_DATA_DIR is required and declared. Optional runtime envs in docs (MAX_MEMORY_MB, CACHE_SIZE) are reasonable for large local datasets. No unrelated tokens, secrets, or system credentials are requested.
Persistence & Privilege
always:false and normal autonomous invocation. Skill writes small local memory files under ~/apple-health/ (documented templates) which is appropriate for its purpose. It does not request elevated or cross-skill configuration changes.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install apple-health
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /apple-health 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release with Apple Health MCP integration workflow and guarded query patterns.
元数据
Slug apple-health
版本 1.0.0
许可证
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Apple Health 是什么?

Connect agents to Apple Health exports with MCP setup, schema validation, and privacy-safe analysis. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 504 次。

如何安装 Apple Health?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install apple-health」即可一键安装,无需额外配置。

Apple Health 是免费的吗?

是的,Apple Health 完全免费(开源免费),可自由下载、安装和使用。

Apple Health 支持哪些平台?

Apple Health 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。

谁开发了 Apple Health?

由 Iván(@ivangdavila)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论