技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 12 · 3.2k · 25 current installs · 25 all-time installs
⭐ 12
安装量(当前) 25
🛡 VirusTotal :良性 · OpenClaw :良性
Package:healthkit-sync
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :良性
OpenClaw 评估
The skill's files and runtime instructions are coherent with an iOS/macOS HealthKit sync CLI helper, but there are minor metadata omissions and the source is unknown — verify the CLI origin before use.
目的
The SKILL.md describes exactly a healthsync CLI helper (pairing, fetch commands, Keychain usage, config path). However, the registry metadata lists no required binaries even though the instructions assume a healthsync CLI is installed (~/.healthsync/config.json and commands like `healthsync fetch`). The lack of a declared required binary is a minor inconsistency.
说明范围
Instructions are limited to local pairing, using the healthsync CLI, reading/writing a config at ~/.healthsync/config.json, and storing tokens in the macOS Keychain. There are no instructions to read unrelated system files, environment variables, or to transmit data to external servers beyond the local network.
安装机制
This is an instruction-only skill with no install spec and no code files, which is the lowest-risk installation profile. Nothing in the skill attempts to download or install third-party code.
证书
The skill requests no environment variables or credentials in metadata. It documents Keychain usage for tokens (appropriate for this purpose) and a config path. There are no unexplained or excessive credential requests.
持久
The skill does not set always:true (good). It also does not set disableModelInvocation, so the model could invoke the skill autonomously — this is common but worth noting if you want to restrict automatic use.
综合结论
This skill appears to be a straightforward CLI reference for a local HealthKit sync tool and is internally consistent with that purpose. Before installing/using it: (1) confirm you have the official 'healthsync' CLI from a trusted source and that the skill's documentation matches the installed binary (the skill metadata does not declare the healthsync binary dependency); (2) verify any QR codes or pairing codes come from your trusted iOS devic…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「HealthKit Sync」。简介:iOS HealthKit data sync CLI commands and patterns. Use when working with health…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/mneves75/healthkit-sync/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: healthkit-sync
description: iOS HealthKit data sync CLI commands and patterns. Use when working with healthsync CLI, fetching Apple Health data (steps, heart rate, sleep, workouts), pairing iOS devices over local network, or understanding the iOS Health Sync project architecture including mTLS certificate pinning, Keychain storage, and audit logging.
license: Apache-2.0
compatibility: macOS with healthsync CLI installed (~/.healthsync/config.json)
metadata:
category: development
platforms: ios,macos
author: mneves
---
# HealthKit Sync CLI
Securely sync Apple HealthKit data from iPhone to Mac over local network using mTLS.
## When to Use This Skill
- User asks about syncing health data from iPhone
- User mentions `healthsync` CLI commands
- User wants to fetch steps, heart rate, sleep, or workout data
- User needs to pair a Mac with an iOS device
- User asks about the iOS Health Sync project architecture
- User mentions certificate pinning or mTLS patterns
## CLI Quick Reference
### Pairing Flow (First Time)
```bash
# 1. Discover devices on local network
healthsync discover
# 2. On iOS app: tap "Share" to generate QR code, then "Copy"
# 3. Scan QR from clipboard (Universal Clipboard)
healthsync scan
# Alternative: scan from image file
healthsync scan --file ~/Desktop/qr.png
```
### Fetching Health Data
```bash
# Check connection status
healthsync status
# List enabled data types
healthsync types
# Fetch data as CSV (default)
healthsync fetch --start 2026-01-01T00:00:00Z --end 2026-12-31T23:59:59Z --types steps
# Fetch multiple types as JSON
healthsync fetch --start 2026-01-01T00:00:00Z --end 2026-12-31T23:59:59Z
--types steps,heartRate,sleepAnalysis --format json | jq
# Pipe to file
healthsync fetch --start 2026-01-01T00:00:00Z --end 2026-12-31T23:59:59Z
--types steps > steps.csv
```
### Available Health Data Types
**Activity**: steps, distanceWalkingRunning, distanceCycling, activeEnergyBurned, basalEnergyBurned, exerciseTime, standHours, flightsClimbed, workouts
**Heart**: heartRate, restingHeartRate, walkingHeartRateAverage, heartRateVariability
**Vitals**: bloodPressureSystolic, bloodPressureDiastolic, bloodOxygen, respiratoryRate, bodyTemperature, vo2Max
**Sleep**: sleepAnalysis, sleepInBed, sleepAsleep, sleepAwake, sleepREM, sleepCore, sleepDeep
**Body**: weight, height, bodyMassIndex, bodyFatPercentage, leanBodyMass
## Configuration
Config stored at `~/.healthsync/config.json` (permissions: 0600):
```json
{
"host": "192.168.1.x",
"port": 8443,
"fingerprint": "sha256-certificate-fingerprint"
}
```
Token stored in macOS Keychain under service `org.mvneves.healthsync.cli`.
## Security Architecture
### Certificate Pinning
The CLI validates server certificates by SHA256 fingerprint (TOFU model):
1. First pairing stores fingerprint from QR code
2. Subsequent connections verify fingerprint matches
3. Mismatch = connection rejected (MITM protection)
### Local Network Only
Host validation restricts connections to:
- `localhost`, `*.local` domains
- Private IPv4: `192.168.*`, `10.*`, `172.16-31.*`
- IPv6 loopback: `::1`, link-local: `fe80::`
### Keychain Storage
Tokens never stored in config file - always in Keychain with:
- `kSecAttrAccessibleWhenUnlocked` protection class
- Service: `org.mvneves.healthsync.cli`
- Account: `token-{host}`
## Project Structure
```
ai-health-sync-ios-clawdbot/
├── iOS Health Sync App/ # Swift 6 iOS app
│ ├── Services/Security/ # CertificateService, KeychainStore, PairingService
│ ├── Services/HealthKit/ # HealthKitService, HealthSampleMapper
│ ├── Services/Network/ # NetworkServer (TLS), HTTPTypes
│ └── Services/Audit/ # AuditService (SwiftData)
└── macOS/HealthSyncCLI/ # Swift Package CLI
```
## Troubleshooting
**"No devices found"**:
- Ensure iOS app is running with sharing enabled
- Both devices must be on same Wi-Fi network
- Check firewall isn't blocking mDNS (port 5353)
**"Pairing code expired"**:
- Generate new QR code on iOS app (codes expire in 5 minutes)
**"Certificate mismatch"**:
- Delete `~/.healthsync/config.json` and re-pair
- Server certificate may have been regenerated
**"Connection refused"**:
- iOS app server may not be running
- Run `healthsync status --dry-run` to test without connecting
## See Also
- [CLI Reference](references/CLI-REFERENCE.md) - Detailed command documentation
- [Security Patterns](references/SECURITY.md) - mTLS and certificate pinning patterns
- [Architecture](references/ARCHITECTURE.md) - iOS app architecture details