← 返回 Skills 市场
mneves75

HealthKit Sync

作者 mneves75 · GitHub ↗ · v1.0.0
cross-platform ✓ 安全检测通过
3592
总下载
12
收藏
27
当前安装
1
版本数
在 OpenClaw 中安装
/install healthkit-sync
功能描述
iOS HealthKit data sync CLI commands and patterns. Use when working with healthsync CLI, fetching Apple Health data (steps, heart rate, sleep, workouts), pairing iOS devices over local network, or understanding the iOS Health Sync project architecture including mTLS certificate pinning, Keychain storage, and audit logging.
使用说明 (SKILL.md)

HealthKit Sync CLI

Securely sync Apple HealthKit data from iPhone to Mac over local network using mTLS.

When to Use This Skill

  • User asks about syncing health data from iPhone
  • User mentions healthsync CLI commands
  • User wants to fetch steps, heart rate, sleep, or workout data
  • User needs to pair a Mac with an iOS device
  • User asks about the iOS Health Sync project architecture
  • User mentions certificate pinning or mTLS patterns

CLI Quick Reference

Pairing Flow (First Time)

# 1. Discover devices on local network
healthsync discover

# 2. On iOS app: tap "Share" to generate QR code, then "Copy"
# 3. Scan QR from clipboard (Universal Clipboard)
healthsync scan

# Alternative: scan from image file
healthsync scan --file ~/Desktop/qr.png

Fetching Health Data

# Check connection status
healthsync status

# List enabled data types
healthsync types

# Fetch data as CSV (default)
healthsync fetch --start 2026-01-01T00:00:00Z --end 2026-12-31T23:59:59Z --types steps

# Fetch multiple types as JSON
healthsync fetch --start 2026-01-01T00:00:00Z --end 2026-12-31T23:59:59Z \
  --types steps,heartRate,sleepAnalysis --format json | jq

# Pipe to file
healthsync fetch --start 2026-01-01T00:00:00Z --end 2026-12-31T23:59:59Z \
  --types steps > steps.csv

Available Health Data Types

Activity: steps, distanceWalkingRunning, distanceCycling, activeEnergyBurned, basalEnergyBurned, exerciseTime, standHours, flightsClimbed, workouts

Heart: heartRate, restingHeartRate, walkingHeartRateAverage, heartRateVariability

Vitals: bloodPressureSystolic, bloodPressureDiastolic, bloodOxygen, respiratoryRate, bodyTemperature, vo2Max

Sleep: sleepAnalysis, sleepInBed, sleepAsleep, sleepAwake, sleepREM, sleepCore, sleepDeep

Body: weight, height, bodyMassIndex, bodyFatPercentage, leanBodyMass

Configuration

Config stored at ~/.healthsync/config.json (permissions: 0600):

{
  "host": "192.168.1.x",
  "port": 8443,
  "fingerprint": "sha256-certificate-fingerprint"
}

Token stored in macOS Keychain under service org.mvneves.healthsync.cli.

Security Architecture

Certificate Pinning

The CLI validates server certificates by SHA256 fingerprint (TOFU model):

  1. First pairing stores fingerprint from QR code
  2. Subsequent connections verify fingerprint matches
  3. Mismatch = connection rejected (MITM protection)

Local Network Only

Host validation restricts connections to:

  • localhost, *.local domains
  • Private IPv4: 192.168.*, 10.*, 172.16-31.*
  • IPv6 loopback: ::1, link-local: fe80::

Keychain Storage

Tokens never stored in config file - always in Keychain with:

  • kSecAttrAccessibleWhenUnlocked protection class
  • Service: org.mvneves.healthsync.cli
  • Account: token-{host}

Project Structure

ai-health-sync-ios-clawdbot/
├── iOS Health Sync App/          # Swift 6 iOS app
│   ├── Services/Security/        # CertificateService, KeychainStore, PairingService
│   ├── Services/HealthKit/       # HealthKitService, HealthSampleMapper
│   ├── Services/Network/         # NetworkServer (TLS), HTTPTypes
│   └── Services/Audit/           # AuditService (SwiftData)
└── macOS/HealthSyncCLI/          # Swift Package CLI

Troubleshooting

"No devices found":

  • Ensure iOS app is running with sharing enabled
  • Both devices must be on same Wi-Fi network
  • Check firewall isn't blocking mDNS (port 5353)

"Pairing code expired":

  • Generate new QR code on iOS app (codes expire in 5 minutes)

"Certificate mismatch":

  • Delete ~/.healthsync/config.json and re-pair
  • Server certificate may have been regenerated

"Connection refused":

  • iOS app server may not be running
  • Run healthsync status --dry-run to test without connecting

See Also

安全使用建议
This skill appears to be a straightforward CLI reference for a local HealthKit sync tool and is internally consistent with that purpose. Before installing/using it: (1) confirm you have the official 'healthsync' CLI from a trusted source and that the skill's documentation matches the installed binary (the skill metadata does not declare the healthsync binary dependency); (2) verify any QR codes or pairing codes come from your trusted iOS device before scanning; (3) ensure ~/.healthsync/config.json is permissioned 0600 and that tokens are stored only in the macOS Keychain as described; (4) if you want to prevent autonomous use, consider enabling a policy that disables model-driven invocation of skills or require explicit user invocation. If you need higher assurance, ask the publisher for the project's homepage or source code and verify release signatures or checksums.
功能分析
Type: OpenClaw Skill Name: healthkit-sync Version: 1.0.0 The skill bundle is benign. All instructions and code snippets are directly related to the stated purpose of syncing iOS HealthKit data via the `healthsync` CLI, or for testing and debugging the skill itself. There is no evidence of intentional harmful behavior such as data exfiltration, malicious execution, persistence, or prompt injection against the agent. File system and process management commands (e.g., `ln -sf`, `pkill`, `cat`, `tail`) are used for local skill setup and diagnostics in `TESTING.md`, which is intended for human testers, not as instructions for the AI agent to execute maliciously. The `SKILL.md` provides clear, non-malicious guidance for the agent's use.
能力评估
Purpose & Capability
The SKILL.md describes exactly a healthsync CLI helper (pairing, fetch commands, Keychain usage, config path). However, the registry metadata lists no required binaries even though the instructions assume a healthsync CLI is installed (~/.healthsync/config.json and commands like `healthsync fetch`). The lack of a declared required binary is a minor inconsistency.
Instruction Scope
Instructions are limited to local pairing, using the healthsync CLI, reading/writing a config at ~/.healthsync/config.json, and storing tokens in the macOS Keychain. There are no instructions to read unrelated system files, environment variables, or to transmit data to external servers beyond the local network.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, which is the lowest-risk installation profile. Nothing in the skill attempts to download or install third-party code.
Credentials
The skill requests no environment variables or credentials in metadata. It documents Keychain usage for tokens (appropriate for this purpose) and a config path. There are no unexplained or excessive credential requests.
Persistence & Privilege
The skill does not set always:true (good). It also does not set disableModelInvocation, so the model could invoke the skill autonomously — this is common but worth noting if you want to restrict automatic use.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install healthkit-sync
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /healthkit-sync 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of healthkit-sync - Provides CLI patterns for securely syncing Apple HealthKit data from iPhone to Mac over local network using mTLS. - Supports device pairing, certificate pinning, and Keychain storage for secure connections. - Includes commands for discovering devices, scanning pairing QR codes, and fetching health data (steps, heart rate, sleep, workouts, etc). - Documents available data types, config file details, and security architecture. - Offers troubleshooting tips and links to further references.
元数据
Slug healthkit-sync
版本 1.0.0
许可证
累计安装 27
当前安装数 27
历史版本数 1
常见问题

HealthKit Sync 是什么?

iOS HealthKit data sync CLI commands and patterns. Use when working with healthsync CLI, fetching Apple Health data (steps, heart rate, sleep, workouts), pairing iOS devices over local network, or understanding the iOS Health Sync project architecture including mTLS certificate pinning, Keychain storage, and audit logging. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3592 次。

如何安装 HealthKit Sync?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install healthkit-sync」即可一键安装,无需额外配置。

HealthKit Sync 是免费的吗?

是的,HealthKit Sync 完全免费(开源免费),可自由下载、安装和使用。

HealthKit Sync 支持哪些平台?

HealthKit Sync 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 HealthKit Sync?

由 mneves75(@mneves75)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论