Skills
skills/sundial-org/awesome-openclaw-skills/healthkit-sync/Gen Agent Trust Hub

healthkit-sync

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill documents functionality that ingests external data, which creates a surface for indirect prompt injection if malicious content is present in the source data.
  • Ingestion points: Data enters the system context via healthsync scan (processing QR data from the clipboard or local files) and healthsync fetch (retrieving health data samples over the local network from an iOS device) as detailed in CLI-REFERENCE.md.
  • Boundary markers: There are no instructions or delimiters provided to the agent to treat ingested health data or pairing codes as untrusted or to ignore potentially embedded instructions.
  • Capability inventory: The skill allows for the execution of healthsync CLI commands and the processing of their output within the agent's workflow.
  • Sanitization: While the security architecture in SECURITY.md mentions structural validation for pairing codes, there is no documented sanitization or escaping of the health sample content itself before it is returned to the user or processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 12:25 AM