ClawHub

Referral Letter Generator

v1.0.0

Generate medical referral letters with patient summary, reason for referral.

0· 35·0 current·0 all-time
byAIpoch@aipoch-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (medical referral letter generation) match the repository contents: templates, sample data, and a Python script that renders text/HTML/PDF/DOCX outputs. Declared dependencies (reportlab, python-docx) are appropriate for generating PDF and DOCX outputs.
Instruction Scope
SKILL.md confines runtime actions to running the packaged script and reviewing inputs/outputs. It does instruct handling patient-identifiable data (PHI) but does not add commands that read unrelated system files, environment variables, or network endpoints. Note: the skill processes PHI locally — SKILL.md and code do not enforce encryption, transmission safeguards, or logging/audit controls; treat outputs as sensitive and review for compliance before use.
Install Mechanism
No install spec; skill is instruction-only with a packaged Python script. Dependencies are listed in requirements.txt (standard PyPI packages). There are no downloads from arbitrary URLs or extract/install steps in the bundle.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for a local document-generation tool. The requirements file lists only libraries needed for document generation.
Persistence & Privilege
always is false and the skill is user-invocable. The package does not request persistent system privileges or modify other skills' configurations. It runs as a local script and does not register persistent background services.
Assessment
This skill appears to do what it says: generate referral letters locally from JSON or Python objects. Before installing or running it: (1) review the full scripts/main.py (it is included) to confirm there are no unexpected network calls or logging of PHI; (2) run it in a restricted environment or sandbox if you are unsure; (3) install dependencies from trusted sources (pip official index) and pin versions if deploying; (4) treat any input/output files as protected health information — use encrypted storage/transmission and follow your organisation's HIPAA/data-handling policies; (5) if you will integrate the script with other systems (EHR, email), validate secure APIs and credentials separately. If you want, I can scan the rest of scripts/main.py (full file) for any network, subprocess, or file-path operations and call sites that could export data.

Like a lobster shell, security has layers — review code before you run it.

latestvk97csxhmd3a843y2rbm7eewwfd83yvtk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments