Safety Report

Symptoms

Name: Symptoms
Rating: 5 (2 reviews)
Author: ivangdavila

@ivangdavila

Build a private symptom tracker for logging health patterns and preparing for doctor visits.

730Downloads

0Installs

2Stars

1Versions

Monitoring & Logging1,579 Design & Prototyping842 Healthcare460

Security Analysis

medium confidence

Clean

The skill's instructions, requirements, and behavior are internally consistent with a local symptom-tracker; no unexpected credentials or external installs are requested, but it handles sensitive health data and asks the agent to write files and schedule follow-ups, so users should consider privacy and persistence implications before installing.

Mar 7, 20261 files2 concerns

Purpose & Capabilityok

The name/description (private symptom tracker) match the SKILL.md: it asks the agent to gather symptom details, keep logs, prepare doctor summaries, and store data under ~/symptoms/. There are no unrelated environment variables, binaries, or installs required.

Instruction Scopenote

Instructions explicitly direct creating and writing files under ~/symptoms/ and taking detailed, sensitive health input. That is appropriate for a local tracker, but the skill also instructs proactive follow-ups (e.g., '2 hours later', 'next day'), which implies scheduling or repeated invocations. The SKILL.md promises 'All data stays local, never synced' but provides no technical enforcement (e.g., encryption or access controls).

Install Mechanismok

No install spec or code files are provided (instruction-only), so nothing is downloaded or written by an installer. This keeps the risk surface small.

Credentialsok

No environment variables, credentials, or external config paths are requested. The only system access implied is writing to the user's home directory (~/symptoms/), which is proportional to the stated purpose.

Persistence & Privilegenote

always is false and model invocation is allowed (platform default). Because the skill asks for follow-ups over time, it will need the agent/platform to re-invoke it or schedule reminders; users should confirm whether they want autonomous follow-ups and ensure the platform's invocation behavior matches expectations.

Guidance

This skill appears coherent for a local symptom tracker, but it handles sensitive health information and will write files to ~/symptoms/. Before installing: (1) confirm your agent/platform will keep inputs private (the SKILL.md promises local-only storage but the platform may send prompts to remote models), (2) decide whether you want the agent to run autonomous follow-ups or only act when you invoke it, (3) consider storing the folder in an encrypted location or using disk encryption/backups to protect health data, and (4) check that the agent will ask permission before scheduling reminders. If you need stronger guarantees (no network exfiltration), verify platform privacy docs or avoid entering highly sensitive details.

Latest Release

v1.0.0

Initial release

More by @ivangdavila

DOCX

18 stars

Market Research

18 stars

Code

14 stars

Excel / XLSX

13 stars

Data Analysis

13 stars

Office

11 stars

Published by @ivangdavila on ClawHub