ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Medical Report Query

v1.0.0

醫療報表查詢技能 - Oracle/SQLServer醫療資料庫報表查詢與分析。適用於診所、社區醫院的日常營運報表需求。觸發詞:報表、查詢、門診、住院、藥品、醫保、統計。

0· 88·0 current·0 all-time
by@a85012712

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for a85012712/medical-report-query.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Medical Report Query" (a85012712/medical-report-query) from ClawHub.
Skill page: https://clawhub.ai/a85012712/medical-report-query
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install medical-report-query

ClawHub CLI

Package manager switcher

npx clawhub@latest install medical-report-query
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's purpose is to query Oracle/SQLServer (and an 'ERP 庫 LXls') databases and produce medical reports. However, there are no declared environment variables, credentials, connectors, or instructions for how the agent should connect to those databases. A DB-reporting skill would normally require connection strings, DB credentials, or at least a clearly documented integration mechanism.
Instruction Scope
SKILL.md is high-level and describes report types and example prompts but contains no concrete runtime instructions for making database connections, forming or validating SQL, or enforcing safe handling of PHI/PII. It does warn that sensitive data must be de-identified, but gives no mandated procedure. The instructions are vague, leaving broad discretion to the agent (e.g., how to build/execute queries and where to run them).
Install Mechanism
No install spec and no code files are present (instruction-only). This minimizes supply-chain risk because nothing will be downloaded or written to disk by the skill itself.
!
Credentials
No environment variables, primary credential, or config paths are declared despite the skill's need to access databases containing sensitive medical data. The absence of declared credentials is unexpected and makes it unclear how sensitive connections/credentials would be supplied or protected, which is disproportionate for a DB-reporting capability.
Persistence & Privilege
The skill is not always-enabled and does not request persistent or elevated platform privileges. Autonomous invocation is allowed by default (normal) but is not combined with other privilege escalations.
What to consider before installing
This skill's purpose (querying medical databases) normally requires explicit connection details, credentials, and strong safeguards for protected health information (PHI). Before installing or enabling it: 1) Ask the author how DB connections are provided and insist they document required env vars (DB_HOST, DB_PORT, DB_NAME, DB_USER, DB_PASSWORD or an approved secret-store integration). 2) Require the skill to declare the least-privilege accounts it needs and to avoid storing credentials in plain text. 3) Confirm an explicit data-handling policy (automatic de-identification, logging/audit, retention limits) and test the skill only against sanitized or development data. 4) Prefer a version that restricts SQL execution (parameterized queries, query whitelists) rather than allowing arbitrary SQL generation. 5) If you cannot get these guarantees, treat the skill as risky for production PHI and avoid granting it database access.

Like a lobster shell, security has layers — review code before you run it.

latestvk97aet38h8gf0fsz9e3jv3eek184y240
88downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@a85012712
latest
Download

Medical Report Query

醫療報表智能查詢技能,專為診所和社區醫院設計。

功能

1. 門診報表

  • 會員註冊統計
  • 醫生工作量統計
  • 收費明細查詢
  • 科室收入分析

2. 住院報表

  • 住院人數統計
  • 床位使用率分析
  • 出院結算查詢
  • 費用結構分析

3. 藥品報表

  • 藥品庫存查詢
  • 藥品消耗統計
  • 採購訂單追踪
  • 效期预警

4. 醫保報表

  • 醫保結算對帳
  • 統籌基金統計
  • 自付比例分析

使用方式

門診統計:

查詢本月門診人數統計

藥品庫存:

查詢某藥品的庫存情況

醫保對帳:

生成本月醫保結算對帳單

支援資料庫

  • HIS庫:Oracle - 門診/住院/醫保/藥品
  • ERP庫:LXls - 會員/績效/庫存

注意事項

  • 報表僅供參考,具體數字需與系統核對
  • 敏感資料需進行脫敏處理
  • 報表格式可自訂(Markdown/Excel/HTML)

Comments

Loading comments...