We checked this and rejected itprivacy

Claude Ally Health: why it is not safe to use

Health-report images are sent to a third-party GLM vision service for OCR, so sensitive medical data leaves your device even though structured records stay local.

Claude Ally Health helps you track medical reports locally, and most of our checks came back clean: no hardcoded secrets, no destructive commands, no obfuscated code, no credential access, and no privilege escalation. The command files are plain instruction markdown with no hidden directives.

What we found

The skill processes medical report images by sending them to an external GLM vision service (`mcp__4_5v_mcp__analyze_image`) for OCR. That means images containing sensitive health information leave your device and are handled by a third party, even though the resulting structured records are stored locally. This is the reason for the warn verdict on data exfiltration and external fetches. We found no evidence of malicious intent; the concern is where your data travels, not what the author does with it.

What to do instead

If you use this skill, avoid submitting reports that contain identifying details or information you would not want processed off-device. Review the GLM service's data handling and retention terms first. Where possible, prefer a local OCR option or redact names and identifiers before analysis. Treat any health image you pass in as data shared with an outside vendor.

Want the same outcome, safely? Use our checked skill instead.

Source: https://github.com/huifer/Claude-Ally-Health

We report what our security review found at the time we checked, with the goal of keeping people safe. Projects change; if a maintainer has since fixed this, we are glad to recheck it. Email hello@agentpod.com.

Copied to clipboard. Go back to ChatGPT or Claude and paste it to teach the skill.